2018
DOI: 10.1007/s12652-018-0936-7

Near-miss situation based visual analysis of SIEM rules for real time network security monitoring

Cited by 18 publications (8 citation statements)
References 49 publications
“…The work in [3] extended the manual process to develop an embedded analytics tool that examines an entire log file and provides tools to find novelty, anomalies, and contextual meaning in a log. Notably, the authors in [31] recently proposed a similar process to that of [3]. Herein, we extend upon [3] with more advanced analytics as well as a feedback approach.…”
Section: Big Cyber Log Data (mentioning)
confidence: 96%
“…This allows administrators to see anomalies like login attempts from suspicious locations, network scans, and simultaneous user authentication attempts from various locations. The SIEM also monitors network traffic using this rule for better detection of threats and unusual activity [11]. It also can automatically extract this important information into a report or diagram that allows us to visualize activities from many sources.…”
Section: Event Correlation (mentioning)
confidence: 99%
“…The paper examined the most frequent AETs as well as the tools used to carry out such attacks. An Adaptive learning system based on an Artificial Immune System (AIS) has been proposed by A. Majeed et al. [11]. The authors use the near-miss situation based on visual analysis for the SIEM rules.…”
Section: Current Research On Siem (mentioning)
confidence: 99%
“…In addition, we can use graphs to perform real-time threat analysis. This can enable security analysts to deploy defense mechanism accordingly [66]. We can also present the failure attempts on a particular system via graphs.…”
Section: Uses Of Graph Algorithms/concepts In Network Security Monito (mentioning)
confidence: 99%