Introducing DINGfest: An architecture for next generation SIEM systems
dc.contributor.author | Menges, Florian | |
dc.contributor.author | Böhm, Fabian | |
dc.contributor.author | Vielberth, Manfred | |
dc.contributor.author | Puchta, Alexander | |
dc.contributor.author | Taubmann, Benjamin | |
dc.contributor.author | Rakotondravony, Noëlle | |
dc.contributor.author | Latzo, Tobias | |
dc.contributor.editor | Langweg, Hanno | |
dc.contributor.editor | Meier, Michael | |
dc.contributor.editor | Witt, Bernhard C. | |
dc.contributor.editor | Reinhardt, Delphine | |
dc.date.accessioned | 2018-03-22T12:40:41Z | |
dc.date.available | 2018-03-22T12:40:41Z | |
dc.date.issued | 2018 | |
dc.description.abstract | Isolated and easily protectable IT systems have developed into fragile and complex structures over the past years. These systems host manifold, flexible and highly connected applications, mainly in virtual environments. To ensure protection of those infrastructures, Security Incident and Event Management (SIEM) systems have been deployed. Such systems, however, suffer from many shortcomings such as lack of mechanisms for forensic readiness. In this extended abstract, we identify these shortcomings and propose an architecture which addresses them. It is developed within the DINGfest project, on which we report and for which we seek initial feedback from the community. | en |
dc.identifier.doi | 10.18420/sicherheit2018_21 | |
dc.identifier.isbn | 978-3-88579-675-6 | |
dc.identifier.pissn | 1617-5468 | |
dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/16287 | |
dc.language.iso | en | |
dc.publisher | Gesellschaft für Informatik e.V. | |
dc.relation.ispartof | SICHERHEIT 2018 | |
dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Proceedings, Volume P-281 | |
dc.subject | Forensics | |
dc.subject | Virtual Machine Introspection | |
dc.subject | Visual Analytics | |
dc.subject | Security Incident and Event Management | |
dc.subject | Identity and Access Management | |
dc.title | Introducing DINGfest: An architecture for next generation SIEM systems | en |
dc.type | Text/Conference Paper | |
gi.citation.endPage | 260 | |
gi.citation.publisherPlace | Bonn | |
gi.citation.startPage | 257 | |
gi.conference.date | 25.-27. April 2018 | |
gi.conference.location | Konstanz, Germany | |
gi.conference.sessiontitle | Practitioners Track |