DOI:10.5220/0004230105300538

Corpus ID: 3570935

Enhancing Security Event Management Systems with Unsupervised Anomaly Detection

@inproceedings{Goldstein2013EnhancingSE,
  title={Enhancing Security Event Management Systems with Unsupervised Anomaly Detection},
  author={Markus Goldstein and Stefan Asanger and M. Reif and A. Hutchison},
  booktitle={ICPRAM},
  year={2013}
}

Markus Goldstein, Stefan Asanger, +1 author A. Hutchison

Published in ICPRAM 2013

Computer Science

Security Information and Event Management (SIEM) systems are today a key component of complex enterprise networks. They usually aggregate and correlate events from different machines and perform a rule-based analysis to detect threats. In this paper we present an enhancement of such systems which makes use of unsupervised anomaly detection algorithms without the need for any prior training of the system. For data acquisition, events are exported from an existing SIEM appliance, parsed, unified… CONTINUE READING

View via Publisher

Share This Paper

8 Citations

Highly Influential Citations

1

Background Citations

5

Methods Citations

1

Figures, Tables, and Topics from this paper

Figures and Tables

Experiences and Challenges in Enhancing Security Information and Event Management Capability Using Unsupervised Anomaly Detection

Stefan Asanger, A. Hutchison
Computer Science
2013 International Conference on Availability, Reliability and Security
2013

9

Towards a system for complex analysis of security events in large-scale networks

A. Sapegin, D. Jaeger, F. Cheng, C. Meinel
Computer Science
Comput. Secur.
2017

10
PDF

A Security Information and Event Management Pattern

Manfred Vielberth, G. Pernul
Computer Science
2018

3
Highly Influenced
PDF

High-Speed Security Log Analytics Using Hybrid Outlier Detection

A. Sapegin
Computer Science
2019

1
PDF

Behavior Analysis Using Unsupervised Anomaly Detection

Markus Goldstein, S. Uchida
Computer Science
2014

8
PDF

Security operations center — A need for an academic environment

Lubna Aijaz, Baber Aslam, U. Khalid
Engineering
2015 World Symposium on Computer Networks and Information Security (WSCNIS)
2015

9

Evaluation of in‐memory storage engine for machine learning analysis of security events

A. Sapegin, M. Gawron, D. Jaeger, F. Cheng, C. Meinel
Computer Science
Concurr. Comput. Pract. Exp.
2017

5

A Comparative Evaluation of Unsupervised Anomaly Detection Algorithms for Multivariate Data

Markus Goldstein, S. Uchida
Computer Science, Medicine
PloS one
2016

362
PDF

References

SHOWING 1-10 OF 25 REFERENCES

SORT BY

Anomaly-based network intrusion detection: Techniques, systems and challenges

P. García-Teodoro, J. Díaz-Verdejo, G. Maciá-Fernández, E. Vázquez
Computer Science
Comput. Secur.
2009

1,427

Security Information and Event Management (SIEM)

E. Schultz
Computer Science
Encyclopedia of Information Assurance
2011

96

Improving Network Security through Traffic Log Anomaly Detection Using Time Series Analysis

A. Rodriguez, M. Mozos
Computer Science
CISIS
2010

18

Magic Quadrant for Security Information and Event Management

K. M. Kavanagh
2011

91
PDF

IBM Tivoli Security Operations Manager 4.1

Ibm Redbooks
Engineering
2008

1

Critical Capabilities for Security Information and Event Management

Gorka Sadowski, K. M. Kavanagh
2013

18
PDF

Anomaly detection: A survey

V. Chandola, A. Banerjee, V. Kumar
Computer Science
CSUR
2009

7,027
PDF

Anomaly-based network intrusion detection

Garcia-TeodoroP., Diaz-VerdejoJ., Macia-FernandezG., VázquezE.
Computer Science
2009

49

Nearest-Neighbor and Clustering based Anomaly Detection Algorithms for RapidMiner

M. Amer, Markus Goldstein
2012

78
PDF

A Survey of Outlier Detection Methodologies

Victoria J. Hodge, J. Austin
Computer Science
Artificial Intelligence Review
2004

2,638
PDF

‹
1
2
3
›