Logo des Repositoriums
 

Visual problem-solving support for new event triage in centralized network security monitoring: Challenges, tools and benefits

dc.contributor.authorStolze, Markus
dc.contributor.authorPawlitzek, René
dc.contributor.authorWespi, Andreas
dc.contributor.editorNedon, Jens
dc.contributor.editorFrings, Sandra
dc.contributor.editorGöbel, Oliver
dc.date.accessioned2019-10-30T13:22:29Z
dc.date.available2019-10-30T13:22:29Z
dc.date.issued2003
dc.description.abstractOrganizations that provide centralized security monitoring of the networks of multiple third-party organizations are faced with a challenging task. The amount of security event data to be processed presents not only a technical challenge, but also a problem-solving challenge to operators. We present a model of the problem-solving process and discuss how visual support tools can facilitate the central problem-solving step called new event triage. We argue that with tools such as these the natural benefits of centralized monitoring can come into play, which enhances effectiveness of centralized monitoring to a level beyond the reach of organizations focusing exclusively on their own network.en
dc.identifier.isbn3-88579-368-7
dc.identifier.pissn1617-5468
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/29544
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofIT-incident management & IT-forensics – IMF 2003
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-39
dc.titleVisual problem-solving support for new event triage in centralized network security monitoring: Challenges, tools and benefitsen
dc.typeText/Conference Paper
gi.citation.endPage76
gi.citation.publisherPlaceBonn
gi.citation.startPage67
gi.conference.date24.-25. November 2003
gi.conference.locationStuttgart
gi.conference.sessiontitleRegular Research Papers

Dateien

Originalbündel
1 - 1 von 1
Lade...
Vorschaubild
Name:
GI-Proceedings.39-5.pdf
Größe:
442.55 KB
Format:
Adobe Portable Document Format