Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ Universidade do Minh...arrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
Universidade do Minho: RepositoriUM
Master thesis . 2024
License: CC BY NC SA
Data sources: Universidade do Minho: RepositoriUM
Claim

This Research product is the result of merged Research products in OpenAIRE.

You have already added 0 works in your ORCID record related to the merged Research product.

Implementação de um SIEM

Implementation of a SIEM
descriptionPublicationkeyboard_double_arrow_right Master thesis 20 May 2024 Portugal Portuguese
Authors: Dantas, Joana Esteves;

handle: 1822/94064

Implementação de um SIEM

Abstract

Ao longo dos anos tem-se observado um aumento progressivo na frequência e sofisticação dos ataques informáticos. Esta tendência obriga ao melhoramento constante do software de apoio às equipas de segurança e administração de sistemas. Os sistemas de gestão e correlação de eventos de segurança (em inglês, Security Information and Event Managing - SIEM) fornecem a análise em tempo real de alertas de segurança gerados por aplicações e hardware de rede. O princípio base de todos os sistemas SIEM é agregar dados relevantes (logs) provenientes de múltiplas fontes de forma centralizada, identificar desvios da norma e tomar as ações necessárias. Espera-se com este trabalho de dissertação implementar um SIEM eficaz, on-premises (i.e, que corra localmente usando os recursos computacionais da organização). A solução deverá permitir efetuar correlação de eventos, alertas e gestão de incidentes.

Over time, there has been a noticeable increase in the frequency and sophistication of cyber-attacks. This trend forces the constant improvement of software that supports system administration and security teams. Security Information and Event Managing systems provide a real-time analysis of security alerts gen erated by applications and network hardware. The basic principle of all SIEMs is to aggregate relevant data (i.e, logs) originated from multiple sources in a centralized basis, identify deviations from the norm and take the appropriate actions. The aim of this dissertation is to implement an effective SIEM solution that is on-premises (i.e, that runs locally in the organization’s own computing resources). The solution should be able to perform incident management, event correlation and generate alerts.

Dissertação de mestrado em Engenharia Informática

Country
Portugal
Related Organizations
Keywords

Cybersecurity, Alerts, Events, Ciber-segurança, Correlação, Eventos, Gestão de incidentes, Logs, Correlation, Incident management, Alertas, SOC, SIEM, Engenharia e Tecnologia::Engenharia Eletrotécnica, Eletrónica e Informática

  • BIP!
    Impact byBIP!
    citations
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 0
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    		 Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 Average
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    		 Average
    OpenAIRE UsageCounts
    Usage byUsageCounts
    visibility views 53
    download downloads 18
  • 53
    views
    18
    downloads
    Powered byOpenAIRE UsageCounts
Powered by OpenAIRE graph
Found an issue? Give us feedback
visibility
download
citations
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
views
OpenAIRE UsageCountsViews provided by UsageCounts
downloads
OpenAIRE UsageCountsDownloads provided by UsageCounts
0
Average
Average
Average
53
18
Green
Related to Research communities
Knowmad Institut