2019 3rd Cyber Security in Networking Conference (CSNet) 2019
DOI: 10.1109/csnet47905.2019.9108976

Dynamic security management driven by situations: An exploratory analysis of logs for the identification of security situations

Abstract: Situation awareness consists of "the perception of the elements in the environment within a volume of time and space, the comprehension of their meaning, and the projection of their status in the near future". Being aware of the security situation is then mandatory to launch proper security reactions in response to cybersecurity attacks. Security Incident and Event Management solutions are deployed within Security Operation Centers. Some vendors propose machine learning based approaches to detect intrusions by…

Cited by 6 publications (4 citation statements)
References 6 publications

“…A situation is a particular time frame of interest with a beginning, a life span and an end [34]. The beginning and the end of a situation can be determined by combining multiple events coming from multiple sensors and occurring at different moments [9]. Indeed the beginning and the end of a situation involving multiple entities and multiple conditions cannot be limited to simple events captured by one single sensor.…”
Section: The Proposed Methodology (mentioning)
confidence: 99%
“…The specification of the situations depends on the sensors available in the vessel and their characteristics. Different patterns for describing situations using CEP have been proposed in [8, 9]. The resulting low level situations specification is then provided to a situation manager that continuously calculates the current situation.…”
Section: The Proposed Methodology (mentioning)
confidence: 99%
“…Due to the increasing complexity of networks and the growing trend in network traffic, network monitoring has become increasingly challenging [15]. The literature is rich in data sources and methods for monitoring [16], [17], [18]. Fuentes-García et al. [19] discuss the framework of data integrators in network security monitoring, with the notable example of Security Information and Event Management (SIEM) Systems.…”
Section: Related Work (mentioning)
confidence: 99%