This article is cited in 4 scientific papers (total in 4 papers)
Information Security
An analysis of security event correlation techniques in SIEM-systems. Part 2
A. V. Fedorchenko, D. S. Levshun, A. A. Chechulin, I. V. Kotenko
St. Petersburg Institute for Informatics and Automation of the Russian Academy of Science (SPIIRAS)
Abstract:
The paper continues the study of security event correlation methods in Security Information and Event Management (SIEM) systems. In this part we consider the correlation methods for information security events that can be applied at the separate correlation stages described in the previous paper. A classification of the considered correlation methods and an analysis of their advantages and disadvantages are provided. The effectiveness of using these methods at different stages of the correlation process is evaluated.
Keywords:
data correlation techniques; security event; security event analysis; computer network security evaluation systems; SIEM-systems.
Citation:
A. V. Fedorchenko, D. S. Levshun, A. A. Chechulin, I. V. Kotenko, “An analysis of security event correlation techniques in SIEM-systems. Part 2”, Tr. SPIIRAN, 49 (2016), 208–225
Linking options:
https://www.mathnet.ru/eng/trspy924 https://www.mathnet.ru/eng/trspy/v49/p208