Response automation for security information and event manager, SIERA

Date of Publication

2016

Document Type

Bachelor's Thesis

Degree Name

Bachelor of Science in Computer Science

Subject Categories

Computer Sciences

College

College of Computer Studies

Department/Unit

Computer Science

Thesis Adviser

Miguel Alberto Gomez
Fritz Kevin Flores

Defense Panel Chair

Gregory G. Cu

Defense Panel Member

Arlyn Verina L Ong
Marnel S. Peradilla

Abstract/Summary

Information security is a crucial element that should be prioritized in all organization today. With the fast-paced growth of security threats, there is a need to strengthen their defense. Security information and event managers (SIEM) systems are deployed into organizations as one of its lines of defense. It acts as a middlemen between devices monitoring if there are attacks that have been made into the network. Traditional SIEMs handle attacks by creating reports and by at most notifying the system administrator. This approach relies solely on the skills of the system administrator and resources in mitigating the attacks that have been detected. This being the case, there is a lack of proactive in the case of SIEM. Without implementing the proper mitigation technique immediately, the severity of the attack might heighten making the data of the organization susceptible to breach. This study aims to create a response automation system for security information and event managers. In order to verify the functionality of the system, several tests have been conducted. One of these include the classification of attacks, it categorizes the attacks based on the needed metrics like protocol used, priority of the victim, and attack rate. After which, the proper response for the attack will be imposed automatically. The implemented features together with the performance of the system shows the effectivity of the response automation for SIEMs.

Abstract Format

html

Language

English

Format

Print

Accession Number

TU18973

Shelf Location

Archives, The Learning Commons, 12F, Henry Sy Sr. Hall

Physical Description

1 volume (various foliations): illustrations (some colored); 29 cm.

Keywords

Computer security

This document is currently not available here.

Share

COinS