2014
DOI: 10.1109/msp.2014.103

The Operational Role of Security Information and Event Management Systems

citations
Cited by 144 publications
(76 citation statements)
references
References 7 publications
“…For example, an analysis of 12 million events lasts about 70 s only. Taking into account the linearly growing execution time, such a performance allows to analyse about 15 billion events per day, which should be enough to analyse all available events even in large enterprises such as EMC or at least significantly increase the number of processed events for a Cyber Defense Center like HP has. Further, we believe that the main limitation – memory requirements of the SAP HANA database – could be elaborated.…”
Section: Performance Of Predictive Analysis Methods (mentioning)
confidence: 99%
“…To deal with this issue, Yen et al needed to apply data reduction and artificially reduce the number of events to be processed. The Cyber Defense Center of HP seems to have a similar problem: Bhatt et al report about 100 billion to 1 trillion security events per day, while only 3 billion of them could be processed.…”
Section: Introduction (mentioning)
confidence: 99%
“…For example, an analysis of 12 million events lasts about 70 seconds only. Taking into account the linearly growing execution time, such a performance allows to analyse about 15 billion events per day, which should be enough to analyse all available events even in large enterprises such as EMC [19] or at least significantly increase the number of processed events for a Cyber Defense Center like HP has [20]. Further, we believe that the main limitation - memory requirements of the SAP HANA database - could be elaborated.…”
Section: Performance Of Predictive Analysis Methods (mentioning)
confidence: 99%
“…al. report about 100 billion to 1 trillion security events per day, while only 3 billion of them could be processed [20].…”
Section: Introduction (mentioning)
confidence: 99%
“…1 That article emphasized that SIEMs are responsible for collecting audit logs from all areas of an enterprise and presenting SOC analysts with only the most critical security events to act on.…”
mentioning
confidence: 99%