Search: "security information and event management siem"

Showing results 1 - 5 of 7 theses containing the words security information and event management siem.

  1. Operativ cybersäkerhet: för och nackdelar med AI verktyg : En Förstudie (Operational cybersecurity: advantages and disadvantages of AI tools: A preliminary study)

    Bachelor's thesis, Luleå tekniska universitet/Digitala tjänster och system

    Author: David Jepsson; Axel Tillman; [2023]
    Keywords: Artificial Intelligence; AI Tools; Cybersecurity; IT Security; Explainable Artificial Intelligence; Incident Management; Security Operations Center (SOC); Security Information and Event Management (SIEM); National Institute of Standards and Technology (NIST); Explainable AI; SIEM; NIST;

    Abstract: This study examines the advantages and disadvantages of implementing artificial intelligence (AI) as a tool within a Security Operations Center (SOC). The aim of the study is to examine whether and how AI tools can facilitate incident management within a SOC, and which new challenges arise.

  2. Method of finding the minimum number of sources of indicators of compromise to cover the maximum set

    Master's thesis, Blekinge Tekniska Högskola/Institutionen för datavetenskap

    Author: Kateryna Sydorenko; [2023]
    Keywords: Indicator of Compromise; Set Cover Problem; Maximum Coverage; Open Threat Exchange;

    Abstract: Background. With the increasing demand for cybersecurity, there is a growing interest in understanding cyber-attack surfaces and vectors.

  3. Feasibility to implement a SIEM based on Open-source applications

    Bachelor's thesis, KTH/Skolan för elektroteknik och datavetenskap (EECS)

    Author: Robin Björk; [2022]
    Keywords: IT-security; log management; open-source; SIEM; Correlation engine;

    Abstract: As more and more things digitize, the need to log events and manage these logs increases. To be able to make sense of these logs, a Security Information and Event Management (SIEM) tool is commonly used both to correlate the events and as a tool to analyze the logs.

  4. A Real-time Log Correlation System for Security Information and Event Management

    Master's thesis, KTH/Skolan för elektroteknik och datavetenskap (EECS)

    Author: Clémence Dubuc; [2021]
    Keywords: Correlation; SIEM; Security Logs; Apache Spark; Elastic Search;

    Abstract: The correlation of several events in a period of time is a necessity for a threat detection platform. In the case of multistep attacks (attacks characterized by a sequence of executed commands), it allows detecting the different steps one by one and correlating them to raise an alert.

  5. Research of methods and algorithms of insider detection in a computer network using machine learning technologies

    Master's thesis, Blekinge Tekniska Högskola/Institutionen för datavetenskap

    Author: Dmitrii Pelevin; [2021]
    Keywords: IPS; IDS; UBA; NoSQL; Information Security;

    Abstract: Background. Security Information and Event Management (SIEM) systems today are sophisticated sets of software packages combined with hardware platforms, which can perform real-time analysis on security events and can respond to them before potential damage due to the actions of intruders.