Trudy SPIIRAN
RUS  ENG    JOURNALS   PEOPLE   ORGANISATIONS   CONFERENCES   SEMINARS   VIDEO LIBRARY   PACKAGE AMSBIB  
General information
Latest issue
Archive

Search papers
Search references

RSS
Latest issue
Current issues
Archive issues
What is RSS


Informatics and Automation:
Year:
Volume:
Issue:
Page:
Find




Personal entry:
Login:
Password:
Save password
Enter
Forgotten password?
Register

Trudy SPIIRAN, 2017, Issue 54, Pages 5–34
DOI: https://doi.org/10.15622/sp.54.1 (Mi trspy964) 		 
This article is cited in 6 scientific papers (total in 6 papers)

Information Security

A system for collecting, storing and processing security information and events based on Elastic Stack tools

I. V. Kotenkoa, A. A. Kuleshovb, I. A. Ushakovb

a St. Petersburg Institute for Informatics and Automation of Russian Academy of Sciences (SPIIRAS)
b Federal State Budget-Financed Educational Institution of Higher Education, The Bonch-Bruevich Saint - Petersburg State University of Telecommunications (SPbSUT)
Full-text PDF (1657 kB) Citations (6)
DOI: https://doi.org/10.15622/sp.54.1
Abstract: The paper considers an approach to the design of a system for data and security events collecting, storing and processing based on Elastic Stack tools. The tasks of monitoring and incident management are analyzed; architectural solutions for monitoring systems are studied; requirements to such systems are defined; and the architecture of systems for data and security events collecting, storing and processing is suggested. The developed software prototype of such system is described, and the results of experiments are specified.
Keywords: security information and event management; Big Data; SIEM systems; Elastic Stack; Elasticsearch; Logstash; Kibana.
Funding agency Grant number
Russian Science Foundation 15-11-30029
This research is supported by RSF (project № 15-11-30029).
Bibliographic databases:
Document Type: Article
UDC: 004.056.53
Language: Russian
Citation: I. V. Kotenko, A. A. Kuleshov, I. A. Ushakov, “A system for collecting, storing and processing security information and events based on Elastic Stack tools”, Tr. SPIIRAN, 54 (2017), 5–34
Citation in format AMSBIB
\Bibitem{KotKulUsh17}
\by I.~V.~Kotenko, A.~A.~Kuleshov, I.~A.~Ushakov
\paper A system for collecting, storing and processing security information and events based on Elastic Stack tools
\jour Tr. SPIIRAN
\yr 2017
\vol 54
\pages 5--34
\mathnet{http://mi.mathnet.ru/trspy964}
\crossref{https://doi.org/10.15622/sp.54.1}
\elib{https://elibrary.ru/item.asp?id=30282018}
Linking options:
  • https://www.mathnet.ru/eng/trspy964
  • https://www.mathnet.ru/eng/trspy/v54/p5
    • This publication is cited in the following 6 articles:
    1. V. M. Krundyshev, G. A. Markov, I. Yu. Zhukov, “Mathematical Model of Information Security Event Management Using a Markov Chain in Industrial Systems”, Aut. Control Comp. Sci., 58:8 (2024), 1132  crossref
    2. Igor Kotenko, Andrey Krasov, Igor Ushakov, Konstantin Izrailov, “An Approach for Stego-Insider Detection Based on a Hybrid NoSQL Database”, JSAN, 10:2 (2021), 25  crossref
    3. Viktoria Konovalova, Nikita Kazakov, Hamza Mohammed Ridha Al-Khafaji, Maxim Kovtsur, Anton Kistruga, The 5th International Conference on Future Networks & Distributed Systems, 2021, 581  crossref
    4. Anastasiia O. Khlobystova, Maxim V. Abramov, Tatiana V. Tulupyeva, 2020 XXIII International Conference on Soft Computing and Measurements (SCM), 2020, 37  crossref
    5. I.V. Kotenko, N.A. Komashinskiy, I.B. Saenko, A.V. Bashmakov, “Methods and tools of parallel event processing for creating new generation of security monitoring systems”, I&C, 5 (2020), 107  crossref
    6. Andrey Krasov, Lidia Vitkova, Igor Pestov, 2019 International Russian Automation Conference (RusAutoCon), 2019, 1  crossref
    Citing articles in Google Scholar: Russian citations, English citations
    Related articles in Google Scholar: Russian articles, English articles
    		Informatics and Automation
    Statistics & downloads:
    Abstract page:317
    Full-text PDF :905
     
      Contact us:
    		  Terms of Use  Registration to the website  Logotypes © Steklov Mathematical Institute RAS, 2025