loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Gustavo Gonzalez-Granadillo ; Susana Gonzalez-Zarzosa and Mario Faiella

Affiliation: Atos Research and Innovation, Cyber Security Department and Spain

Keyword(s): XL-SIEM, SIEM Enhancements, Security Data Analytic Platforms, SIEM Analysis.

Related Ontology Subjects/Areas/Topics: Data and Application Security and Privacy ; Information and Systems Security ; Insider Threats and Countermeasures ; Intrusion Detection & Prevention ; Network Security ; Security in Information Systems ; Security Information Systems Architecture and Design and Security Patterns ; Security Management ; Wireless Network Security

Abstract: We present in this paper a Cross-Layer Security Information and Event Management tool (herein after denoted as XL-SIEM) as an enhanced security data analytics platform with added high-performance correlation engine able to raise alarms from a business perspective considering different events collected at different layers. The platform is composed of a set of distributed agents, responsible for the event collection, normalization and transfer of data; an engine, responsible for the filtering, aggregation, and correlation of the events collected by the agents, as well as the generation of alarms; a database, responsible of the data storage; and a dashboard, responsible for the data visualization in the web graphical interface. The proposed platform has been deployed on top of the open-source SIEM OSSIM (AlienVault) providing enhanced features compared to current open-source solutions, in particular associated to data sources, correlation engine, visualization, and reaction capabilities . A testbed implementation is described to show the integration and applicability of the tool over a security infrastructure. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.118.32.213

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Gonzalez-Granadillo, G.; Gonzalez-Zarzosa, S. and Faiella, M. (2018). Towards an Enhanced Security Data Analytic Platform. In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - SECRYPT; ISBN 978-989-758-319-3; ISSN 2184-3236, SciTePress, pages 453-458. DOI: 10.5220/0006831106190624

@conference{secrypt18,
author={Gustavo Gonzalez{-}Granadillo. and Susana Gonzalez{-}Zarzosa. and Mario Faiella.},
title={Towards an Enhanced Security Data Analytic Platform},
booktitle={Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - SECRYPT},
year={2018},
pages={453-458},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006831106190624},
isbn={978-989-758-319-3},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - SECRYPT
TI - Towards an Enhanced Security Data Analytic Platform
SN - 978-989-758-319-3
IS - 2184-3236
AU - Gonzalez-Granadillo, G.
AU - Gonzalez-Zarzosa, S.
AU - Faiella, M.
PY - 2018
SP - 453
EP - 458
DO - 10.5220/0006831106190624
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic