1. Advanced Analysis of Intrusion Detection Logs
- Subjects
- *COMPUTER security, *ACCESS control, *COMPUTER industry, *INFORMATION resources management, *COMPUTER network security
- Abstract
- Johan Beckers & Jean Paul Ballerini, Technology Consultants, Internet Security Systems EMEA (www.iss.net). It is important to know that there are various sources of IDS data, i.e. network, server and desktop, and to have a common understanding of what they detect, and how they can be configured. In this article we will look at ways of analysing this data, focusing on the area of the Security Information Management (SIM) systems where consolidation, aggregation and correlation play a key role. [Copyright Elsevier]
- Published
- 2003