Title: Performance Analysis of Security Information and Event Management Solutions Detecting Web-Based Attacks
Authors: Morufu, Olalere
Juliana, Ndunagu
Abdulhamid, Shafi’i Muhammad
Odey, Peter
Keywords: Cyber crimes
Cloud Computing security
Issue Date: 13-Aug-2019
Publisher: Proceedings of the Cyber Secure Nigeria 2019 Conference, CBN International Training Institute, Maitama, Abuja, Nigeria
Abstract: With rising trends and forms of web application attacks such as SQL Injection, cross-site scripting and the like, most organizations today deploy a security information and event management solution as a proactive measure for threat management to get a centralized view of the network security posture and for advanced reporting of incidents. The days of relying merely on perimeter controls have elapsed; it is no longer enough to rely on firewalls, Intrusion Detection Systems, Intrusion Protection systems and antivirus alone. Security information and event management systems have become a crucial and essential component of complex enterprise networks. They typically aggregate and correlate incidents from different systems and platforms, and carry out a rule-based analysis to detect advanced threats. This paper detects, evaluates and analyzes the performance of various SIEMs detecting web-based attacks, noting the time of report of attack and behavioral patterns of each SIEM. An attack simulation experiment is performed on different SIEM tools to demonstrate the capabilities of SIEM in detecting any suspicious behavior of event logs and alerting on the attacks in near real-time; the best tool is then recommended based on its ability to collect, filter, normalize, correlate, alert, and report attacks within minutes after attack incidents.
Appears in Collections: Cyber Security Science

Files in This Item:
File: 71&72.pdf
Description: Performance Analysis of Security Information and Event Management Solutions Detecting Web-Based Attacks
Size: 5.91 MB
Format: Adobe PDF