Essays about: "SIEM"
Showing result 1 - 5 of 12 essays containing the word SIEM.
1. Network Traffic Analysis and Anomaly Detection : A Comparative Case Study
University essay from Högskolan i Halmstad/Akademin för informationsteknologi
Abstract: Computer security is to protect the data inside the computer, relay the information, expose the information, or reduce the level of security to some extent. The communication contents are the main target of any malicious intent to interrupt one or more of the three aspects of the information security triad (confidentiality, integrity, and availability).
2. Modeling a Security Operations Center
University essay from KTH/Hälsoinformatik och logistik
Abstract: Security breaches caused by hackers are a significant issue for businesses. This illustrates the need for protection against these attacks. Using a Security Operations Center (SOC) solution to detect attacks against one's corporation is an essential step in doing that.
3. Feasibility to implement a SIEM based on Open-source applications
University essay from KTH/Skolan för elektroteknik och datavetenskap (EECS)
Abstract: As more and more things digitize, the need for logging events and managing these logs increases. To be able to make sense of these logs, a Security Information and Event Management (SIEM) tool is commonly used both to correlate the events and as a tool to analyze the logs.
4. A Performance Analysis of Intrusion Detection with Snort and Security Information Management
University essay from Linköpings universitet/Databas och informationsteknik
Abstract: Network intrusion detection systems (NIDSs) are a major component in cybersecurity and can be implemented with open-source software. Active communities and researchers continue to improve projects and rulesets used for detecting threats to keep up with the rapid development of the internet.
5. A Real-time Log Correlation System for Security Information and Event Management
University essay from KTH/Skolan för elektroteknik och datavetenskap (EECS)
Abstract: The correlation of several events in a period of time is a necessity for a threat detection platform. In the case of multistep attacks (attacks characterized by a sequence of executed commands), it allows detecting the different steps one by one and correlating them to raise an alert.
