A. V. Fedorchenko, D. S. Levshun, A. A. Chechulin, I. V. Kotenko, “An Analysis of Security Event Correlation Techniques in Siem-Systems. Part 1”, Tr. SPIIRAN, 2016, Issue 47,Pages <nobr>5

This article is cited in 7 papers

Information Security

An Analysis of Security Event Correlation Techniques in Siem-Systems. Part 1

A. V. Fedorchenko, D. S. Levshun, A. A. Chechulin, I. V. Kotenko

St. Petersburg Institute for Informatics and Automation of the Russian Academy of Science (SPIIRAS)

Abstract: The paper is devoted to the analysis of security event correlation methods in Security Information and Event Management (SIEM) systems. The correlation process is considered to be a multilevel hierarchy of stages. The goal of each stage consists in executing appropriate operations on security data being processed. Based on this analysis we outline each correlation stage and their interaction scheme.

Keywords: data correlation process; security event; security event analysis; computer network security evaluation systems; SIEM systems.

UDC: 004.056.53

DOI: 10.15622/sp.47.1