IT organizations rely on a variety of independent security monitors and data sources to develop situational awareness for detecting and responding to security incidents. In spite of the advances in Security Information and Event Management (SIEM) for handling monitoring data in production environments, computer defense still depends on many cognitive human processes. In this context, having machines doing part of the cognitive work in lieu of humans is by now a real necessity. We present our framework towards the vision of cognitive SIEM, its building components and ongoing work on the topic.
Towards Cognitive Security Defense from Data / Cinque, M.; Cotroneo, D.; Pecchia, A.. - (2019), pp. 11-12. (Intervento presentato al convegno 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume, DSN-S 2019 tenutosi a usa nel 2019) [10.1109/DSN-S.2019.00011].
Towards Cognitive Security Defense from Data
Cinque M.;Cotroneo D.;Pecchia A.
2019
Abstract
IT organizations rely on a variety of independent security monitors and data sources to develop situational awareness for detecting and responding to security incidents. In spite of the advances in Security Information and Event Management (SIEM) for handling monitoring data in production environments, computer defense still depends on many cognitive human processes. In this context, having machines doing part of the cognitive work in lieu of humans is by now a real necessity. We present our framework towards the vision of cognitive SIEM, its building components and ongoing work on the topic.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
