Data Mining Approach in Security Information and Event Management

zope, anita; Vidhate, Amarsinh; Harale, Naresh

doi:10.7763/ijfcc.2013.v2.126

Cited by 9 publications

(4 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…2. Data mining architecture [12] agencies or companies without SIEM can generate fast and concise reports, as required for their reports to comply. In the current environment, the reporting of each device is essential to periodically recover data manually from each device and to ensure a central configuration for the generation of a report can be created.…”

Section: Benefits Of Siemmentioning

confidence: 99%

“…All raw data can be processed through a data mining technique. According to Zope et al, [12], this technique can quickly be implemented on existing software platforms and hardware platforms for enhancing the value of existing information resources. It is the process of examining data from several angles and synthesizing it into meaningful knowledge.…”

Section: Mining Processmentioning

confidence: 99%

See 1 more Smart Citation

SIEM Network Behaviour Monitoring Framework using Deep Learning Approach for Campus Network Infrastructure

Isa

Khairuddin

Sulaiman

et al. 2021

Int. j. electr. comput. eng. syst. (Online)

View full text Add to dashboard Cite

One major problem faced by network users is an attack on the security of the network especially if the network is vulnerable due to poor security policies. Network security is largely an exercise to protect not only the network itself but most importantly, the data. This exercise involves hardware and software technology. Secure and effective access management falls under the purview of network security. It focuses on threats both internally and externally, intending to protect and stop the threats from entering or spreading into the network. A specialized collection of physical devices, such as routers, firewalls, and anti-malware tools, is required to address and ensure a secure network. Almost all agencies and businesses employ highly qualified information security analysts to execute security policies and validate the policies’ effectiveness on regular basis. This research paper presents a significant and flexible way of providing centralized log analysis between network devices. Moreover, this paper proposes a novel method for compiling and displaying all potential threats and alert information in a single dashboard using a deep learning approach for campus network infrastructure.

show abstract

Section: Benefits Of Siemmentioning

confidence: 99%

Section: Mining Processmentioning

confidence: 99%

SIEM Network Behaviour Monitoring Framework using Deep Learning Approach for Campus Network Infrastructure

Isa

Khairuddin

Sulaiman

et al. 2021

Int. j. electr. comput. eng. syst. (Online)

View full text Add to dashboard Cite

show abstract

“…Intrusion detection system's accuracy was improved by correlating data among different logs [3,4]. Different attacks were reflected in different logs and argued that some attacks were not evident when a single log was analyzed.…”

Section: Related Workmentioning

confidence: 99%

Use of Machine Learning Algorithms with SIEM for Attack Prediction

Anumol

2014

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

In the recent years, organizations face the ever growing challenge of providing security in the network infrastructure. An intrusion detection system is essentially a spruced up, intelligent variant of a firewall which does deep packet analysis which generate alerts but cannot predict multistep attacks. In this work, we propose an intrusion prediction system (IPS) with the extension of a commercial SIEM framework, namely open source security information management (OSSIM), to perform the event analysis and to predict future probable multistep attacks before they pose a serious security risk. Security information and event management (SIEM) framework affirms network protection by the correlation and management of network log files. Data mining techniques are used for processing of all normalized data from OSSIM and also for classification.

show abstract

“…In recent years, management of security systems in the enterprise has been widespread, including those related to personnel, based on the methods of data mining. In particular, Zope A. R., Vidhate A., and Harale N. (2013) offer an overview of the various techniques of data mining for solving the problems of information security in the enterprise. The most commonly used implementations are firewalls that operate on the basis of set rules to protect the network against unauthorized access, and spam filtering systems and undesirable software applications in the letters, based on the simplest of which is the Bayesian rule.…”

mentioning

confidence: 99%

Innovation Methods and Models of Personnel Security Management: Opportunities and Imperatives of Use at Ukrainian Enterprises

Zatonatskiy¹

2019

MMI

View full text Add to dashboard Cite

In the modern world, issues of personnel security management are getting more popular and significant in order to protect companies from internal and external threats. The article analyses modern approaches and models of personnel security management in the structure of economic security. The aim of the paper is to develop recommendations for the use of modern information systems and models of personnel security management for Ukrainian enterprises of strategic importance to the national economy. It is determined that the most general and broad approach to the definition of personnel security involves not only prevention of violations of the norms and principles of confidentiality of information by the personnel but also the organization of the security of the personnel itself, therefore, there is a need for the formation of an integrated system of personnel security management at the corporate level. The author's analysis of modern systems of personnel security management has shown the importance of researching the psychological and behavioural characteristics of employees not only in the corporate environment but also beyond its borders. It has been proved that the introduction of modern modelling techniques (in particular, the Bayesian model, the nonlinear model of the neural net with feedback, linear regression, k-mean algorithms, etc.) will contribute to the strengthening of the system in the practice of providing personal security under the influence of external and internal threats. It is recommended that domestic enterprises introduce a comprehensive and integrated personnel security system to improve the practice of psychological diagnosis and monitoring of employees' actions, in particular, improving the systems for collecting information on employee behavioural indicators in the corporate environment and beyond. The necessity of using the modern toolkit of the technical component of information security and certification system using the international standard ISO 27001 is proved, which significantly improves personnel security management in the structure of economic security of enterprises, reduces operational risk and increases the awareness of managers and ordinary employees. It is recommended to introduce improved technical systems in those types of activities and industries that are strategic for the economic growth of Ukraine's national economy and ensuring the country's defence and competitiveness.

show abstract

Data Mining Approach in Security Information and Event Management

Abstract: This paper gives an overview of data mining field& security information event management system. We will seehow various data mining techniques can be used in securityinformation and event management system to enhance thecapabilities of the system

Cited by 9 publications

References 4 publications

SIEM Network Behaviour Monitoring Framework using Deep Learning Approach for Campus Network Infrastructure

SIEM Network Behaviour Monitoring Framework using Deep Learning Approach for Campus Network Infrastructure

Use of Machine Learning Algorithms with SIEM for Attack Prediction

Innovation Methods and Models of Personnel Security Management: Opportunities and Imperatives of Use at Ukrainian Enterprises

Contact Info

Product

Resources

About