A framework for mastering heterogeneity in multi-layer security information and event correlation
详细信息 查看全文
- 作者:Luigi Coppolino luigi.coppolino@uniparthenope.it" class="auth_mail" title="E-mail the corresponding authorAuthor Vitae ; Salvatore D'Antonio salvatore.dantonio@uniparthenope.it" class="auth_mail" title="E-mail the corresponding authorAuthor Vitae ; Valerio Formicola ; valerio.formicola@uniparthenope.it" class="auth_mail" title="E-mail the corresponding authorAuthor Vitae ; Luigi Romano luigi.romano@uniparthenope.it" class="auth_mail" title="E-mail the corresponding authorAuthor Vitae
- 关键词:Security Information and Event Management ; Security Probe ; Mobile payment ; Data collection ; Data correlation
- 刊名:Journal of Systems Architecture
- 出版年:2016
- 出版时间:January 2016
- 年:2016
- 卷:62
- 期:Complete
- 页码:78-88
- 全文大小:1973 K
文摘
- •
We detected limits of SIEM systems while being used to protect critical infrastructures from sophisticated cyberattacks.
- •
We developed a new data collection and pre-correlation framework named “GET”.
- •
GET links physical to logical security and exploits knowledge of the Business Process.
- •
The GET framework has been integrated into the open-source SIEM OSSIM.
- •
We validated the GET in a dam control system and a mobile phone based payment service.