In information systems, detection tools continuously produce a large number of alerts. Correlation tools reduce the number of alerts and synthesize, within meta-alerts, the information that matters to administrators. However, the complexity of correlation rules makes them hard to write and to maintain. This thesis therefore proposes a method to generate correlation rules semi-automatically from an attack scenario expressed in a language with a high level of abstraction. The method relies on building and using a knowledge base containing a model of the essential elements of the information system (for example the n...
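To make the idea concrete, the following is an added illustration and not the thesis's own rule language or tooling: a small knowledge base (hosts, which sensor observes each host, and which concrete signature a sensor raises for an abstract action) is used to instantiate a high-level attack scenario into a concrete correlation rule, which is then run over a constructed alert stream to produce a meta-alert. All host names, addresses, sensor names, signatures and alerts are constructed for the example; the matching semantics (ordered steps, per-source tracking, time window) are an assumption chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Alert:
    """One low-level alert as a correlator receives it (fields constructed for this example)."""
    ts: float      # seconds since some epoch
    sensor: str    # which detector raised it
    sig: str       # the detector's own signature name
    src: str       # attacking source address as seen by the sensor (assumed available on HIDS alerts too)
    dst: str       # monitored host address

@dataclass(frozen=True)
class RuleStep:
    """One concrete step of a generated correlation rule."""
    sensor: str
    sig: str
    dst: str

# Knowledge base, constructed for this example: hosts, which sensors observe each host,
# and which concrete signature a sensor raises for an abstract attack action.
KB = {
    "hosts": {"web01": "10.0.1.10", "db01": "10.0.2.20"},
    "monitored_by": {"web01": {"ids-dmz", "hids-web01"}, "db01": {"hids-db01"}},
    "signatures": {
        "scan": [("ids-dmz", "ET SCAN Nmap")],
        "exploit_web": [("ids-dmz", "WEB-ATTACK SQL injection")],
        "webshell": [("hids-web01", "New file in webroot"), ("hids-db01", "New file in webroot")],
    },
}

# Attack scenario at a high level of abstraction: (action, target asset), in order.
SCENARIO = [("scan", "web01"), ("exploit_web", "web01"), ("webshell", "web01")]

def generate_rule(scenario, kb, window, name="generated"):
    """Instantiate abstract scenario steps into concrete (sensor, signature, host) matches.
    Raises ValueError when no sensor in the knowledge base can observe a step; that is
    the gap an analyst has to close (deploy a sensor or drop the step) before the rule is usable."""
    steps = []
    for action, host in scenario:
        candidates = [(s, sig) for s, sig in kb["signatures"].get(action, [])
                      if s in kb["monitored_by"].get(host, set())]
        if not candidates:
            raise ValueError(f"no sensor observing {host} can detect action {action!r}")
        sensor, sig = candidates[0]
        steps.append(RuleStep(sensor, sig, kb["hosts"][host]))
    return {"name": name, "window": window, "steps": steps}

def correlate(rule, alerts):
    """Run a generated rule over an alert stream and return meta-alerts.
    Partial matches are tracked per attacker source; a chain that does not complete
    within rule['window'] seconds of its first alert is discarded."""
    steps = rule["steps"]
    progress = {}  # src -> (index of next expected step, ts of first matched alert, matched alerts)
    metas = []
    for a in sorted(alerts, key=lambda x: x.ts):
        idx, t0, matched = progress.get(a.src, (0, None, []))
        if t0 is not None and a.ts - t0 > rule["window"]:
            idx, t0, matched = 0, None, []  # chain expired; this alert may start a new one
        step = steps[idx]
        if (a.sensor, a.sig, a.dst) == (step.sensor, step.sig, step.dst):
            matched = matched + [a]
            t0 = a.ts if t0 is None else t0
            idx += 1
            if idx == len(steps):
                metas.append({"rule": rule["name"], "src": a.src, "start": t0, "end": a.ts, "alerts": matched})
                progress.pop(a.src, None)
                continue
        progress[a.src] = (idx, t0, matched)
    return metas

RULE = generate_rule(SCENARIO, KB, window=600)

# Constructed alert stream: one full chain from 203.0.113.7 with noise in between, a scan-only
# source, and a late SQL injection from that second source that falls outside the window.
ALERTS = [
    Alert(100.0, "ids-dmz", "ET SCAN Nmap", "203.0.113.7", "10.0.1.10"),
    Alert(101.0, "ids-dmz", "ET SCAN Nmap", "198.51.100.9", "10.0.1.10"),
    Alert(130.0, "ids-dmz", "WEB-ATTACK SQL injection", "203.0.113.7", "10.0.1.10"),
    Alert(131.0, "ids-dmz", "ET POLICY curl user-agent", "203.0.113.7", "10.0.1.10"),
    Alert(160.0, "hids-web01", "New file in webroot", "203.0.113.7", "10.0.1.10"),
    Alert(900.0, "ids-dmz", "WEB-ATTACK SQL injection", "198.51.100.9", "10.0.1.10"),
]

def run_example():
    """Six raw alerts in, one meta-alert out: the chain from 203.0.113.7."""
    return correlate(RULE, ALERTS)

if __name__ == "__main__":
    for m in run_example():
        print(f"{m['rule']}: {m['src']} {m['start']}-{m['end']} ({len(m['alerts'])} alerts)")
```

The rule itself is short and mechanical to derive once the knowledge base exists, which is the point the abstract makes: maintaining the mapping from abstract actions to sensor signatures is easier than hand-writing and re-validating every rule when a sensor or host changes.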
Information systems are prone to attacks. Those attacks can take different for...
In large distributed information systems, alert correlation systems are necess...
Information systems continuously produce a large amount of messages and alerts. In order to manage t...
Current SIEMs (Security Information and Event Management) provide very simple a...