Title: A SIEM Architecture for Multidimensional Anomaly Detection
Abstract: In recent years businesses and organizations have experienced an increase in IT-security-related threats, which compromise sensitive information, disrupt everyday operations, and ultimately cause financial damage. Meanwhile, these attacks have become more varied and sophisticated, making them increasingly hard to detect. To address these issues we initiated the GLACIER project [1] (GLACIER = Attack detection through multidimensional analysis of security-relevant data streams). As part of the project we created an architecture that can be realized as an in-house operated SIEM system for SMEs. In addition to SIEM-specific tasks such as network data collection, normalization, enrichment and storage, the system's main purpose is to supply data to advanced multidimensional analysis algorithms, which provide a novel way to reliably detect security-related anomalies. Detected anomalies are displayed in a GUI that lets analysts give feedback for tuning the anomaly detection algorithm and also provides access to network actors for quick incident response. The architecture can be implemented using exclusively free, open-source components and is suitable for both information technology (IT) and operational technology (OT) environments.
Year: 2021
DOI: 10.1109/IDAACS53288.2021.9660903
Venue: 2021 11th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS)
Keywords: SIEM, intrusion detection, security architecture, multi-dimensional data, anomaly detection, open source, security
DocType: Conference
Volume: 1
ISSN: 2770-4262
ISBN: 978-1-6654-2606-0
Citations: 0
PageRank: 0.34
References: 7
Authors: 4
Authors (Name, Order, Citations, PageRank):
Tim Laue, 1, 0, 0.34
Carsten Kleiner, 2, 7321.21 (citations and PageRank run together in the record; the split is not recoverable)
Kai-Oliver Detken, 3, 0, 0.34
Timo Klecker, 4, 0, 0.34