Rodrigo Díaz scite author profile

Security Information and Event Management (SIEM) systems have been widely deployed as a powerful tool to prevent, detect, and react against cyber-attacks. SIEM solutions have evolved to become comprehensive systems that provide a wide visibility to identify areas of high risks and proactively focus on mitigation strategies aiming at reducing costs and time for incident response. Currently, SIEM systems and related solutions are slowly converging with big data analytics tools. We survey the most widely used SIEMs regarding their critical functionality and provide an analysis of external factors affecting the SIEM landscape in mid and long-term. A list of potential enhancements for the next generation of SIEMs is provided as part of the review of existing solutions as well as an analysis on their benefits and usage in critical infrastructures.

show abstract

Securing combined Fog-to-Cloud system Through SDN Approach

Kahvazadeh

Souza

Masip-Bruin

et al. 2017

View full text Add to dashboard Cite

Future IoT services execution may benefit from combining resources at cloud and at the edge. To that end, new architectures should be proposed to handle IoT services in a coordinated way at either the edge of the network, the cloud, or both. Reacting to that need, the Fog-to-Cloud concept has been recently proposed. A key aspect in the F2C design refers to security, since F2C raises security issues besides those yet unsolved in fog and cloud. Thus, we envision the need for new security strategies to handle all components in the F2C architecture. In this paper we propose an SDNbased (mater/slave) security architecture leveraging a centralized controller on the cloud, and distributed controllers at the edge of the network. We argue that the proposed architecture brings more security and privacy to the cloud users by reducing the distance between them and, therefore, reducing the risks of the so called man-in-the-middle attacks. The proposed security architecture is analyzed in some critical infrastructure scenarios in order to illustrate their potential benefits.

show abstract

An Overview of the CUREX Platform

Díaz-Honrubia¹,

González²,

Zamorano

et al. 2019

View full text Add to dashboard Cite

SDN-Based Resilient Smart Grid: The SDN-microSENSE Architecture

Radoglou-Grammatikis

Sarigiannidis

Dalamagkas

et al. 2021

Digital

View full text Add to dashboard Cite

The technological leap of smart technologies and the Internet of Things has advanced the conventional model of the electrical power and energy systems into a new digital era, widely known as the Smart Grid. The advent of Smart Grids provides multiple benefits, such as self-monitoring, self-healing and pervasive control. However, it also raises crucial cybersecurity and privacy concerns that can lead to devastating consequences, including cascading effects with other critical infrastructures or even fatal accidents. This paper introduces a novel architecture, which will increase the Smart Grid resiliency, taking full advantage of the Software-Defined Networking (SDN) technology. The proposed architecture called SDN-microSENSE architecture consists of three main tiers: (a) Risk assessment, (b) intrusion detection and correlation and (c) self-healing. The first tier is responsible for evaluating dynamically the risk level of each Smart Grid asset. The second tier undertakes to detect and correlate security events and, finally, the last tier mitigates the potential threats, ensuring in parallel the normal operation of the Smart Grid. It is noteworthy that all tiers of the SDN-microSENSE architecture interact with the SDN controller either for detecting or mitigating intrusions.

show abstract

MASSIF: A Promising Solution to Enhance Olympic Games IT Security

Prieto

Díaz

Romano

et al. 2012

View full text Add to dashboard Cite

Nowadays, Olympic Games have become one of the most profitable global media events, becoming at the same way more and more attractive target from the terrorist perspective due to their media diffusion and international dimension. Critical for the success of such a highly visible event is protecting and securing the business and the supporting cyber infrastructure enabling it. In this context, the MASSIF project aims to provide a new generation SIEM framework for service infrastructures supporting intelligent, scalable, and multi-level/multi-domain security event processing and predictive security monitoring

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Rodrigo Díaz

Security Information and Event Management (SIEM): Analysis, Trends, and Usage in Critical Infrastructures

Securing combined Fog-to-Cloud system Through SDN Approach

An Overview of the CUREX Platform

SDN-Based Resilient Smart Grid: The SDN-microSENSE Architecture

MASSIF: A Promising Solution to Enhance Olympic Games IT Security

Contact Info

Product

Resources

About