Trudy SPIIRAN
Trudy SPIIRAN, 2016, Issue 49, Pages 208–225
DOI: https://doi.org/10.15622/sp.49.11
(Mi trspy924)
 

This article is cited in 4 scientific papers (total in 4 papers)

Information Security

An analysis of security event correlation techniques in SIEM-systems. Part 2

A. V. Fedorchenko, D. S. Levshun, A. A. Chechulin, I. V. Kotenko

St. Petersburg Institute for Informatics and Automation of the Russian Academy of Science (SPIIRAS)
Abstract: This paper continues the study of security event correlation methods in Security Information and Event Management (SIEM) systems. This part considers the correlation methods for information security events that can be applied at the individual correlation stages described in the previous paper. It provides a classification of the considered correlation methods and an analysis of their advantages and disadvantages, and evaluates the effectiveness of using these methods at different stages of the correlation process.
Keywords: data correlation techniques; security event; security event analysis; computer network security evaluation systems; SIEM-systems.
Funding agency: Grant number
Russian Foundation for Basic Research: 14-07-00697_а, 14-07-00417_а, 15-07-07451_а, 16-37-00338_мол_а, 16-29-09482_офи_м
Russian Academy of Sciences - Federal Agency for Scientific Organizations: 0073-2015-0004, 0073-2015-0007
Russian Science Foundation: 15-11-30029
This research is supported by RFBR (projects No. 14-07-00697, 14-07-00417, 15-07-07451, 16-37-00338, 16-29-09482 офи_м), in part by the budget (projects No. 0073-2015-0004 and 0073-2015-0007) and by the grant of RSF 15-11-30029 in SPIIRAS.
Document Type: Article
UDC: 004.056.53
Language: Russian
Citation: A. V. Fedorchenko, D. S. Levshun, A. A. Chechulin, I. V. Kotenko, “An analysis of security event correlation techniques in SIEM-systems. Part 2”, Tr. SPIIRAN, 49 (2016), 208–225
Citation in format AMSBIB
\Bibitem{FedLevChe16}
\by A.~V.~Fedorchenko, D.~S.~Levshun, A.~A.~Chechulin, I.~V.~Kotenko
\paper An analysis of security event correlation techniques in SIEM-systems. Part~2
\jour Tr. SPIIRAN
\yr 2016
\vol 49
\pages 208--225
\mathnet{http://mi.mathnet.ru/trspy924}
\crossref{https://doi.org/10.15622/sp.49.11}
\elib{https://elibrary.ru/item.asp?id=27657130}
Linking options:
  • https://www.mathnet.ru/eng/trspy924
  • https://www.mathnet.ru/eng/trspy/v49/p208