Conference paper

Visual problem-solving support for new event triage in centralized network security monitoring: Challenges, tools and benefits

Document type

Text/Conference Paper

Date

2003

Publisher

Gesellschaft für Informatik e.V.

Abstract

Organizations that provide centralized security monitoring of the networks of multiple third-party organizations are faced with a challenging task. The amount of security event data to be processed presents not only a technical challenge, but also a problem-solving challenge to operators. We present a model of the problem-solving process and discuss how visual support tools can facilitate the central problem-solving step called new event triage. We argue that with tools such as these the natural benefits of centralized monitoring can come into play, which enhances effectiveness of centralized monitoring to a level beyond the reach of organizations focusing exclusively on their own network.

Description

Stolze, Markus; Pawlitzek, René; Wespi, Andreas (2003): Visual problem-solving support for new event triage in centralized network security monitoring: Challenges, tools and benefits. IT-incident management & IT-forensics – IMF 2003. Bonn: Gesellschaft für Informatik e.V. PISSN: 1617-5468. ISBN: 3-88579-368-7. pp. 67-76. Regular Research Papers. Stuttgart. 24.-25. November 2003
