Abstract:
The application of SIEM (Security Information and Event Management) technology is promising in the field of information protection, especially for critical infrastructures. The paper considers the general issues of constructing and operating systems that implement this technology. Known implementations of such systems are described. The paper also discusses the distinctive features of the MASSIF project of the Seventh Framework Programme of the European Union, which is devoted to advanced SIEM systems. We outline two key tasks of the project: the analysis of security events based on the modeling of network attacks, and the building of the SIEM repository.