Journal «Современная Наука» (Modern Science)


Methodology for forming a significant set of the rules of correlation to identify distributed events of information security

Gaynov Arthur Evgenevich (Kuban Institute of Information Protection, Krasnodar)

Zavodtsev Ilya Valentinovich (Cand. Sc. (Tech.), Associate Professor, Kuban Institute of Information Protection, Krasnodar)

This paper proposes a technique for forming a significant set of rules for SIEM systems. The technique makes it possible to identify and eliminate possible conflicts that arise while correlation rules are being formed, when complementary, parallel or interrelated relations are set simultaneously between different security events. Overall, it reduces the number of information security incidents that are not detected by other methods.

Keywords: information security incident, SIEM system, log file.




Citation:
Gaynov A. E., Zavodtsev I. V. Methodology for forming a significant set of the rules of correlation to identify distributed events of information security // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и Технические Науки. 2017, No. 05, pp. 53–61.
LEGAL INFORMATION:
Reproduction of materials is permitted only for non-commercial purposes with reference to the original publication. Protected by the laws of the Russian Federation. Any violations of the law are prosecuted.
© ООО "Научные технологии"