2021
DOI: 10.1109/access.2021.3067106
|View full text |Cite
|
Sign up to set email alerts
|

Present and Future of Network Security Monitoring

Abstract: Network Security Monitoring (NSM) is a popular term to refer to the detection of security incidents by monitoring the network events. An NSM system is central for the security of current networks, given the escalation in sophistication of cyberwarfare. In this paper, we review the state-of-the-art in NSM, and derive a new taxonomy of the functionalities and modules in an NSM system. This taxonomy is useful to assess current NSM deployments and tools for both researchers and practitioners. We organize a list of… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
10
0
4

Year Published

2022
2022
2024
2024

Publication Types

Select...
5
4

Relationship

0
9

Authors

Journals

citations
Cited by 27 publications
(14 citation statements)
references
References 74 publications
0
10
0
4
Order By: Relevance
“…The internet protocols have been viewed as a set of layers or protocol stack described according to the open system’s interconnections (OSI) into a seven-layered network [ 23 ]. Several protocols such as IPSec, SSL, and DNSSEC which have been proposed to provide end-to-end security solutions.…”
Section: Literature Reviewmentioning
confidence: 99%
“…The internet protocols have been viewed as a set of layers or protocol stack described according to the open system’s interconnections (OSI) into a seven-layered network [ 23 ]. Several protocols such as IPSec, SSL, and DNSSEC which have been proposed to provide end-to-end security solutions.…”
Section: Literature Reviewmentioning
confidence: 99%
“…To monitor uninterruptedly the services and operations, a Security Operation Center (SOC) is established. The SOC has become a priority for organizations since they are investing in their development to provide increased visibility to events throughout their networks [4]. Essentially, it is the centralized monitoring unit of the IT and network infrastructure and handles security issues on an organizational and technical level [5].…”
Section: Measuring Cyber Securitymentioning
confidence: 99%
“…The latter type offers a more finegrained visibility of the infrastructure's state. According to Fuentes-Garcia et al [4], a network security monitoring system should provide traceability of the processes of the network and systems under monitoring. However, to achieve this view, the setup should incorporate multiple components, such as those described subsequently.…”
Section: Ieee Instrumentation and Measurement Magazinementioning
confidence: 99%
“…In today's society, the Internet has affected the entire social process. e application for the Internet is becoming diversified, and the scale of netizens continues to show a trend of sustained and rapid development [1,2]. At this stage, China's cyber security situation is becoming more severe and complex, and cyber security incidents are becoming more complex.…”
Section: Introductionmentioning
confidence: 99%