
St. Petersburg Polytechnical University Journal. Computer Science. Telecommunication and Control Sys, 2014 Issue 3(198), Pages 7–18 (Mi ntitu34)

Infocommunication Technologies

New generation of security information and event management systems

I. V. Kotenko (a), I. B. Saenko (b), R. M. Yusupov (a)

(a) St.Petersburg Institute for Informatics and Automation of the Russian Academy of Science
(b) Institution N.S.Solomenko Institute of Transportation Problems Institute of the Russian Academy of Sciences

Abstract: This paper justifies the technological necessity of developing a new generation of security monitoring and event management systems based on security information and event management technology. We focus on the typical architecture and the key solutions for designing the individual modules of such systems: collecting constant security data, their universal translation, scalable processing, hybrid ontological storage and rich visualization, as well as cross-level correlation of events, attack modelling and predictive security analysis. We also state some proposals for using such systems in domains related to security protection in critical infrastructures.

Keywords: security monitoring and management, computer network, security event, information infrastructure.

UDC: 004.056.5


