As information security problems grow more serious and large volumes of security data are produced at high speed, Security Information and Event Management (SIEM) systems face a diversity of high-volume big data sources, so big data analysis is necessary. This paper presents the architecture and principles of a SIEM system built on popular big data technology. Information security data is transferred from Flume through Kafka to the Flink or Spark computing framework and is retrieved through Elasticsearch. The K-means algorithm in Spark MLlib is used to analyze abnormal conditions. The experiment report and results show that the SIEM system processes big data efficiently to detect security anomalies. Finally, the paper is summarized, and future work should apply stream computing in the SIEM to solve information security problems in large-scale networks where security data is produced continuously.
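As an added illustration of the K-means anomaly analysis the abstract describes (this is not the paper's code, and it uses plain Python in place of Spark MLlib): per-host event features are z-scored, clustered with Lloyd's K-means using deterministic farthest-first seeding, and a host is flagged when it lands in a tiny cluster or unusually far from its centroid. The host names and feature values are constructed.

```python
"""Toy K-means anomaly detection over per-host security event features."""
import math

# Constructed per-host feature vectors, as a SIEM might aggregate them per hour:
# (host, [failed_logins, megabytes_out, distinct_dst_ports]). ws06 is the planted anomaly.
HOST_FEATURES = [
    ("ws01", [1, 10, 4]), ("ws02", [0, 8, 3]), ("ws03", [2, 12, 5]),
    ("ws04", [1, 9, 4]), ("ws05", [0, 11, 3]),
    ("srv01", [4, 100, 12]), ("srv02", [3, 90, 11]),
    ("srv03", [5, 110, 13]), ("srv04", [4, 95, 12]),
    ("ws06", [45, 30, 60]),  # many failed logins plus a wide port sweep
]

def zscore(rows):
    """Standardise each feature so byte counts do not dominate the distance."""
    cols = list(zip(*rows))
    means = [sum(c) / len(c) for c in cols]
    stds = [math.sqrt(sum((v - m) ** 2 for v in c) / len(c)) or 1.0
            for c, m in zip(cols, means)]
    return [[(v - m) / s for v, m, s in zip(r, means, stds)] for r in rows]

def dist(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))

def kmeans(points, k, max_iter=100):
    """Lloyd's algorithm; seeds are the first point, then the point farthest
    from the seeds chosen so far, which keeps the run deterministic."""
    centroids = [points[0]]
    while len(centroids) < k:
        centroids.append(max(points, key=lambda p: min(dist(p, c) for c in centroids)))
    for _ in range(max_iter):
        labels = [min(range(k), key=lambda i: dist(p, centroids[i])) for p in points]
        new = []
        for i in range(k):
            members = [p for p, lab in zip(points, labels) if lab == i]
            new.append([sum(col) / len(members) for col in zip(*members)]
                       if members else centroids[i])
        if all(dist(a, b) < 1e-9 for a, b in zip(new, centroids)):
            break
        centroids = new
    return centroids, labels

def detect_anomalies(host_features, k=3, min_cluster_size=2, sigma=3.0):
    """Return (flagged hosts, cluster sizes). A host is flagged if its cluster is
    tiny or its centroid distance exceeds mean + sigma * std over all hosts."""
    hosts = [h for h, _ in host_features]
    points = zscore([f for _, f in host_features])
    centroids, labels = kmeans(points, k)
    sizes = [labels.count(i) for i in range(k)]
    d = [dist(p, centroids[lab]) for p, lab in zip(points, labels)]
    mean = sum(d) / len(d)
    threshold = mean + sigma * math.sqrt(sum((x - mean) ** 2 for x in d) / len(d))
    flagged = [h for h, lab, x in zip(hosts, labels, d)
               if sizes[lab] < min_cluster_size or x > threshold]
    return flagged, sizes
```

An isolated outlier tends to capture its own centroid, so its centroid distance is zero; the cluster-size check catches that case, which a distance threshold alone would miss.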