Wyniki wyszukiwania - BazTech

Ograniczanie wyników

Znaleziono wyników: 2

Liczba wyników na stronie

Wyniki wyszukiwania

Wyszukiwano:
w słowach kluczowych: event management

Sortuj według:

Ogranicz wyniki do:

Adaptive Monitoring of Companies' Information Security

Lakhno Valerii, Adilzhanova Saltanat, Ydyryshbayeva Moldir, Turgynbayeva Aliza, Kryvoruchko Olena, Chubaievskyi Vitalyi, Desiatko Alona

International Journal of Electronics and Telecommunications

2023

Vol. 69, No. 1

75--82

Additions were proposed to the method of organizing the information security (IS) event management process of companies. Unlike existing solutions, the algorithm of the "Event handling" subprocess was detailed. This detailing is a complex, which includes the IS event processing substage. In addition, the proposed detailing of the "Event Handling" subprocess allows for covering the entire life cycle of an IS event. The performed research allows in practice to fill in potential gaps in information when creating a company's ISMS. An additional advantage of the proposed solution is the possibility of using this sub-process as an independent one. The proposed approach makes it possible to simplify the procedure for managing the information security of a company as a whole, as well as potentially reduce the costs of its construction for small companies and enterprises. Also, this subprocess can be considered as an independent information security management process, for example, for a company's CIS. The proposed solutions and additions, in contrast to similar studies, are characterized by invariance with respect to the methods of implementing the company's IS infrastructure solutions, and in particular its CIS. This ultimately allows, without changing the methodological tools, to scale this approach and adapt it to the ISMS of various companies.

Proactive network security event management using mobile agents

Narendran G., Vimal Jebaraj G.N., Sugesh Kumar R., ILayaraja R., Narayanasamy P.

Studia Informatica

2003

Vol. 24, nr 2B

107-116

This paper introduces a novel implementation of an upcoming paradigm in network security. The Network Security Event Management paradigm aims at detecting events in the network and correlating them with attacks, so that the attacks can be prevented even from being successfully attempted. The use of mobile agent technology provides distinctive advantages over client-server architecture and the use of an expert system adds to the intelligent analysis and correlating capabilities of the system. The event management paradigm has been successfully implemented by integrating the modules of Network Monitor, Network Traffic Analyzer and an Expert System for intelligent decision making. This system provides with various advantages over traditional network security tools in manners that, this system detects and acts on pre-attack postures itself, reduces the network traffic by transporting the know-how to the client itself. Other advantages include intelligent analysis and correlation of events, flexible reporting, automated alerting and preventive action enabling.

Artykuł przedstawia implementację nowej polityki bezpieczeństwa w sieci, polegającej na wykrywaniu zdarzeń w sieci i ustalaniu ich korelacji z występującymi atakami, co pomaga zapobieżeniu tych ataków. Wykorzystanie technologii ruchomych agentów przynosi znaczne korzyści w stosunku do architektury klient-serwer, a zastosowanie systemu eksperckiego wspiera inteligentną analizę zdarzeń i ustalanie korelacji. System zarządzania zdarzeniami jest realizowany poprzez integracje modułów Monitora Sieci, Analizatora Ruchu i Systemu Eksperckiego. Niektóre zalety opisywanego systemu w stosunku do tradycyjnych narzędzi zabezpieczających sieć to możliwość uprzedzania ataków, zmniejszenie natężenia ruchu w sieci poprzez przeniesienie niezbędnej wiedzy na poziom użytkownika, inteligentna analiza i korelacja zdarzeń, raportowanie dostosowane do indywidualnych potrzeb, automatyczne alarmowanie i podejmowanie akcji zapobiegawczych.