Title
SIEM approach for a higher level of IT security in enterprise networks
Abstract
The threat of cyber-attacks is growing, as can be seen from numerous negative security news reports from companies and private persons [7]. Small and medium-sized enterprises (SMEs) in particular are in the focus of external attackers because they have not yet implemented sufficient security strategies and components for their networks. Additionally, tablets, smartphones, and netbooks have rapidly changed the requirements of IT security. Today, there are several security components (e.g. anti-virus system, firewall, and intrusion detection system) available to protect enterprise networks; unfortunately, they work independently of each other, in isolation. But many attacks can only be recognized if logs and events of different security components are combined and correlated with each other. This possibility is offered by a security information and event management (SIEM) system. But nowadays these systems are very complex and expensive in deployment and maintenance [12]. The SIMU project, funded by the BMBF [6] and presented in this paper, offers several features of a SIEM system with better handling and more efficient use in the SME environment.
Year
2015
DOI
10.1109/IDAACS.2015.7340752
Venue
2015 IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS)
Keywords
SIEM, open source, IF-MAP, CBOR, IDS, network security
Field
Security through obscurity, Computer security, Computer science, Asset (computer security), Security service, Cloud computing security, Security information and event management, Enterprise information security architecture, Intrusion detection system, Computer security model
DocType
Conference
Volume
1
ISBN
978-1-4673-8359-2
Citations
0
PageRank
0.34
References
4
Authors
5
Name | Order | Citations | PageRank
Kai-Oliver Detken | 1 | 2 | 4.25
Thomas Rix | 2 | 0 | 0.68
Carsten Kleiner | 3 | 73 | 21.21
Bastian Hellmann | 4 | 0 | 0.34
Leonard Renners | 5 | 4 | 2.74