Journal «Современная Наука»


The model of processing events of information security

Gaynov Arthur Evgenevich (Kuban institute of information protection, Krasnodar)

Zavodtsev Ilya Valentinovich (Candidate of Technical Sciences, Associate Professor, Kuban institute of information protection, Krasnodar)

This article reviews existing models of the process of handling information security events and identifies and analyzes their strengths and weaknesses. An improved model of this process is proposed. It differs from existing models in that event processing uses special characteristics contained in log files together with data received from employees and customers of the organization, and in that it takes performance requirements into account. The data received from employees and customers of the organization are represented by different modalities, namely graphic and text materials, which are characterized by different statistical properties. Using these data in SIEM systems will improve the speed and accuracy of detecting information security incidents.

Keywords: information security incident, SIEM system, log file, multimodality.

 




Citation link:
Gaynov A. E., Zavodtsev I. V. The model of processing events of information security // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и Технические Науки. 2017. No. 03-04. pp. 44-49
© ООО "Научные технологии"