Abstract
Security Information and Event Management (SIEM) systems have been widely deployed as a powerful tool to prevent, detect, and react to cyber-attacks. SIEM solutions have evolved into comprehensive systems that provide broad visibility, helping to identify high-risk areas and to focus proactively on mitigation strategies that reduce the cost and time of incident response. Currently, SIEM systems and related solutions are slowly converging with big data analytics tools. We survey the most widely used SIEMs with respect to their critical functionality and analyse the external factors that will shape the SIEM landscape in the mid and long term. As part of the review of existing solutions, we provide a list of potential enhancements for the next generation of SIEMs, together with an analysis of their benefits and use in critical infrastructures.
Funder
Seventh Framework Programme
Subject
Electrical and Electronic Engineering; Biochemistry; Instrumentation; Atomic and Molecular Physics, and Optics; Analytical Chemistry
Cited by: 82 articles.