Adaptable software-based log consolidation and incident management for a security information event management system (AdLCIM)

Date of Publication

2010

Document Type

Bachelor's Thesis

Degree Name

Bachelor of Science in Computer Science

College

College of Computer Studies

Department/Unit

Computer Science

Thesis Adviser

Miguel Alberto N. Gomez

Abstract/Summary

Security Information and Event Management (SIEM) enhances the security management of an organization by storing and analyzing logs coming from different network devices and giving possible recommendations, which can be warnings, notices or alarms. Companies are beginning to invest in SIEM to protect their data and to help network or system administrators monitor the state of their workplace. Many SIEM products focus on security tools and lack log consolidation and incident management solutions. The Adaptable Software-based Log Consolidation and Incident Management (AdLCIM) system is a type of SIEM that works on a typical Local Area Network (LAN) where various network devices report their status to the system. The system is capable of collecting different logs coming from different, identified network devices. It is also capable of standardizing logs into its own format, and of consolidating them and correlating patterns through its inventories. All resolvable attack logs are event sniped, while non-resolvable logs are flagged as alerts. The system is capable of handling different scenarios with different devices, and test results confirmed successful log analysis. Moreover, the system is capable of running for long durations of time, to see if it is capable of analyzing all the logs coming from different, identified network devices. Overall, the system produced correct and accurate results in verifying log analysis from different network devices under different scenarios.

Abstract Format

html

Accession Number

TU16031

Shelf Location

Archives, The Learning Commons, 12F, Henry Sy Sr. Hall

Physical Description

1 volume (various foliations), 28 cm.

Keywords

Electronic security systems

Embargo Period

4-16-2021

This document is currently not available here.
