An Analysis of Information Security Event Managers
Kutub Thakur, Sandra Kopecky, Moath Nuseir, M. Ali, Meikang Qiu
2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud), published 2016-06-25
DOI: 10.1109/CSCloud.2016.19 (https://doi.org/10.1109/CSCloud.2016.19)
Citation count (Semantic Scholar): 9
The most effective security starts with real-time visibility into all activity on all systems, networks, databases and applications. In this paper the focus is on structured data; however, some semi-structured and unstructured data is also explored. Whether the source is network traffic, user activity, or the application user, any variation from normal or abnormal activity could indicate that a threat is imminent and that your data or infrastructure is at risk. In the last several years, there has been a disturbing trend in which attackers are innovating much faster than the defenders. There has been a commercialization of malware, with attack kits available through underground forums for anyone who wants to perpetrate any variety of attack. Large botnets are available for rent, allowing attackers to send spam or launch DDoS (distributed denial-of-service) attacks. Many attackers reuse malware and command-and-control (C&C) methods, adapting their products over time to keep ahead of the anti-malware industry and security professionals. This paper surveys ESMs (Enterprise Security Managers) and cyber-attack case studies.