International audience. The paper studies the correlation process in SIEM systems, based on analyzing the structures of security event types. An approach to the automated analysis of security events as input data with dynamic content is proposed. For the automated analysis of events, the paper suggests building a graph of event types with direct and indirect links between them. Processing the security input data means performing functional and behavioral analysis by computing the frequency-time characteristics of events, ranking them, and building patterns of behavior. The proposed approach makes it possible to use rank correlation, a method not previously applied, alongside other intelligent methods. The requirements to the normalization of...
We propose an adaptive cyber security monitoring system that integrates a number of component techni...
Current techniques employed in security alert correlation area for multi-step attack recognition pur...
Abstract. Alert correlation is a system which receives alerts from heterogeneous Intrusion Detectio...
Abstract—Detecting and identifying security events to provide cyber situation awareness has become a...
International audience. Current Security Information and Event Management systems (SIEMs) constitute t...
International audience. Current SIEM (Security Information and Event Management) provide very simple a...
The timely and reliable data transfer required by many networked applications necessitates the devel...
Security Information and Event Management (SIEM) is a consolidated technology that relies on the cor...
The strategy of combining artificial intelligence (AI) and self-adaptation to optimize different ty...
This paper focuses on Simple Event Correlator – a lightweight event correlator written by one of the...
The premise of automated alert correlation is to accept that false alerts from a low level intrusion...
International audience. Information systems are prone to attacks. Those attacks can take different for...