Response automation for security information and event manager, SIERA
Information security is a crucial element that should be prioritized in all organization today. With the fast-paced growth of security threats, there is a need to strengthen their defense. Security information and event managers (SIEM) systems are deployed into organizations as one of its lines of d...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Animo Repository
2016
|
| Subjects: | |
| Online Access: | https://animorepository.dlsu.edu.ph/etd_bachelors/6639 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | De La Salle University |
| Language: | English |
| id |
oai:animorepository.dlsu.edu.ph:etd_bachelors-7283 |
|---|---|
| record_format |
eprints |
| spelling |
oai:animorepository.dlsu.edu.ph:etd_bachelors-72832021-07-26T15:42:04Z Response automation for security information and event manager, SIERA Albayda, Giodeelyn B. Coloma, Juan Paolo A. Corpuz, Danica Christine D. Nieva, Patricia Hera A Information security is a crucial element that should be prioritized in all organization today. With the fast-paced growth of security threats, there is a need to strengthen their defense. Security information and event managers (SIEM) systems are deployed into organizations as one of its lines of defense. It acts as a middlemen between devices monitoring if there are attacks that have been made into the network. Traditional SIEMs handle attacks by creating reports and by at most notifying the system administrator. This approach relies solely on the skills of the system administrator and resources in mitigating the attacks that have been detected. This being the case, there is a lack of proactive in the case of SIEM. Without implementing the proper mitigation technique immediately, the severity of the attack might heighten making the data of the organization susceptible to breach. This study aims to create a response automation system for security information and event managers. In order to verify the functionality of the system, several tests have been conducted. One of these include the classification of attacks, it categorizes the attacks based on the needed metrics like protocol used, priority of the victim, and attack rate. After which, the proper response for the attack will be imposed automatically. The implemented features together with the performance of the system shows the effectivity of the response automation for SIEMs. 2016-01-01T08:00:00Z text https://animorepository.dlsu.edu.ph/etd_bachelors/6639 Bachelor's Theses English Animo Repository Computer security Computer Sciences |
| institution |
De La Salle University |
| building |
De La Salle University Library |
| continent |
Asia |
| country |
Philippines Philippines |
| content_provider |
De La Salle University Library |
| collection |
DLSU Institutional Repository |
| language |
English |
| topic |
Computer security Computer Sciences |
| spellingShingle |
Computer security Computer Sciences Albayda, Giodeelyn B. Coloma, Juan Paolo A. Corpuz, Danica Christine D. Nieva, Patricia Hera A Response automation for security information and event manager, SIERA |
| description |
Information security is a crucial element that should be prioritized in all organization today. With the fast-paced growth of security threats, there is a need to strengthen their defense. Security information and event managers (SIEM) systems are deployed into organizations as one of its lines of defense. It acts as a middlemen between devices monitoring if there are attacks that have been made into the network. Traditional SIEMs handle attacks by creating reports and by at most notifying the system administrator. This approach relies solely on the skills of the system administrator and resources in mitigating the attacks that have been detected. This being the case, there is a lack of proactive in the case of SIEM. Without implementing the proper mitigation technique immediately, the severity of the attack might heighten making the data of the organization susceptible to breach. This study aims to create a response automation system for security information and event managers. In order to verify the functionality of the system, several tests have been conducted. One of these include the classification of attacks, it categorizes the attacks based on the needed metrics like protocol used, priority of the victim, and attack rate. After which, the proper response for the attack will be imposed automatically. The implemented features together with the performance of the system shows the effectivity of the response automation for SIEMs. |
| format |
text |
| author |
Albayda, Giodeelyn B. Coloma, Juan Paolo A. Corpuz, Danica Christine D. Nieva, Patricia Hera A |
| author_facet |
Albayda, Giodeelyn B. Coloma, Juan Paolo A. Corpuz, Danica Christine D. Nieva, Patricia Hera A |
| author_sort |
Albayda, Giodeelyn B. |
| title |
Response automation for security information and event manager, SIERA |
| title_short |
Response automation for security information and event manager, SIERA |
| title_full |
Response automation for security information and event manager, SIERA |
| title_fullStr |
Response automation for security information and event manager, SIERA |
| title_full_unstemmed |
Response automation for security information and event manager, SIERA |
| title_sort |
response automation for security information and event manager, siera |
| publisher |
Animo Repository |
| publishDate |
2016 |
| url |
https://animorepository.dlsu.edu.ph/etd_bachelors/6639 |
| _version_ |
1712576623799173120 |