Response automation for security information and event manager, SIERA
Date of Publication
2016
Document Type
Bachelor's Thesis
Degree Name
Bachelor of Science in Computer Science
Subject Categories
Computer Sciences
College
College of Computer Studies
Department/Unit
Computer Science
Thesis Adviser
Miguel Alberto Gomez
Fritz Kevin Flores
Defense Panel Chair
Gregory G. Cu
Defense Panel Member
Arlyn Verina L Ong
Marnel S. Peradilla
Abstract/Summary
Information security is a crucial element that should be prioritized in all organizations today. With the fast-paced growth of security threats, organizations need to strengthen their defenses. Security information and event manager (SIEM) systems are deployed in organizations as one of their lines of defense. A SIEM acts as a middleman between devices, monitoring whether attacks have been made on the network. Traditional SIEMs handle attacks by creating reports and, at most, notifying the system administrator. This approach relies solely on the skills of the system administrator and on resources in mitigating the attacks that have been detected. This being the case, SIEMs lack proactivity. Without implementing the proper mitigation technique immediately, the severity of the attack might heighten, making the data of the organization susceptible to breach. This study aims to create a response automation system for security information and event managers. In order to verify the functionality of the system, several tests have been conducted. One of these includes the classification of attacks, which categorizes the attacks based on the needed metrics such as protocol used, priority of the victim, and attack rate. After this, the proper response for the attack is imposed automatically. The implemented features, together with the performance of the system, show the effectiveness of response automation for SIEMs.
Abstract Format
html
Language
English
Accession Number
TU18973
Shelf Location
Archives, The Learning Commons, 12F, Henry Sy Sr. Hall
Physical Description
1 volume (various foliations): illustrations (some colored); 29 cm.
Keywords
Computer security
Recommended Citation
Albayda, G. B., Coloma, J. A., Corpuz, D. D., & Nieva, P. A. (2016). Response automation for security information and event manager, SIERA. Retrieved from https://animorepository.dlsu.edu.ph/etd_bachelors/6639