A general extension system for event processing languages

Alves, Alexandre de Castro

doi:10.1145/2002259.2002261

Cited by 3 publications

(2 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For instance in commercial SIEM solutions such as OSSEC (open source HIDS (Host-based Intrussion Detection Systems) SECurity) or OSSIM (open source security information management), an XML-based language is included for that task [ 25 ]. Other systems such as Prelude use Lua language [ 26 ], and in Esper, they use an event processing language (EPL) [ 27 ]. Nevertheless, In most SIEM systems, the languages are mainly focused on the construction of correlation rules which could aid in the detection of possible threats or intrusions, while the goal of our proposal is the definition of a language for the generation of security enforcement policies, related specifically with the access control through firewalls and other related network devices.…”

Section: Related Workmentioning

confidence: 99%

Automatic Translation and Enforcement of Cybersecurity Policies Using A High-Level Definition Language

Rivera

Monje

Villagrá

et al. 2019

Entropy

View full text Add to dashboard Cite

The increasing number of cyber-attacks, their potential destructive capabilities, and the enormous threat they pose for organizations, require the constant design and development of new, faster, and easier to use systems to address them. The automation of security enforcement systems is one of the most important techniques for enabling a fast response to security challenges, but the complexity of security management might hinder the successful achievement of the desired security. Our proposal integrates the automatic enforcement of security rules based on intrusion detection systems with the definition of a high-level user-centered language for the definition of policies. We have designed a translation process from this language to specific network-wise and device-aware rules that can be installed and enforced. The deployment of these rules is determined by an automatic risk assessment process ruled by the detection system monitoring the network. This way, both the automation and easiness of use goals can be achieved using an integrated system. The solution was tested and validated in two different virtualized networks.

show abstract

Section: Related Workmentioning

confidence: 99%

Automatic Translation and Enforcement of Cybersecurity Policies Using A High-Level Definition Language

Rivera

Monje

Villagrá

et al. 2019

Entropy

View full text Add to dashboard Cite

show abstract

“…Event tools are also important to manage the runtime of an event-based system, so features like control of subscriptions, monitoring and administration of the event system infrastructure, statistics of the event flow, visibility and transport of the event generation are important functionality in order to support the lifecycle of an eventbased system. Some leading software vendors like IBM and Oracle [1] offers on their SOA-based products some sort of event development tooling to support implementation of eventdriven architecture. An event tool developed as part of this project is used to specify an use case based on a Serasa Experian real scenario.…”

Section: Event Toolingmentioning

confidence: 99%

An Use Case About Event-Based Systems Applied to Services-Oriented Architecture at Serasa Experian

Júnior

Liesenberg

Proceedings of the 9th CONTECSI International Conference on Information Systems and Technology Management CONTECSI

View full text Add to dashboard Cite

This article describes the experience and deliverables of a research supported and sponsored by Serasa Experian as part of its program for incentive of academic research. The aim of this project was to introduce the event driven architecture story to the company and how it extends the service-oriented architecture. In order to achieve this main objective, a real use case of an event-based system based on corporate scenarios at Serasa Experian was modeled and implemented using an integrated development environment (IDE) that is part of this research. This IDE based on Eclipse offers support for development of distributed event-based systems and has visual editors for modeling and specification of these systems. The use case was also deployed on a controlled runtime environment also described in this article, so its execution and the deployment effort could be simulated and tested. This paper presents the contributions of this experience of implementing a real corporate event flow and how this opportunity influenced this work.Keywords event-based systems, service oriented architecture, software engineering, behavioral modeling, reactive components, distributed computing Acknowledgments:The authors would like to thank Serasa Experian and all of its associates who contributed to this study and research. We are especially grateful to Djalma Padovani and Luciana Portela for their collaboration during the regular meetings and for providing relevant information for the completion of this work.

show abstract

Information system monitoring and notifications using complex event processing

Nguyen

Pitner

2012

Proceedings of the Fifth Balkan Conference in Informatics

View full text Add to dashboard Cite

A general extension system for event processing languages

Cited by 3 publications

References 6 publications

Automatic Translation and Enforcement of Cybersecurity Policies Using A High-Level Definition Language

Automatic Translation and Enforcement of Cybersecurity Policies Using A High-Level Definition Language

An Use Case About Event-Based Systems Applied to Services-Oriented Architecture at Serasa Experian

Information system monitoring and notifications using complex event processing

Contact Info

Product

Resources

About