Abstract
AbstractSecurity monitoring systems for computer systems and networks (CSN) are classified by areas of information infrastructure where security policy violations are detected. At the same time, there are security monitoring systems (SMS) focused on: workstation; applications; database management system (DMS); computer network. SMS of a workstation are executed on the protected node and monitor various security events, collect and analyze information reflecting the activity taking place in the operating system of a separate computer. Application-level SMSs and DMSs collect and analyze information from specific applications such as Web servers, firewalls, or database management systems. Network layer SMSs collect information from network traffic. They can be performed on ordinary or specialized computers, and also can be integrated into routers or switches. The article discusses the features of the practical implementation of SMS in CSN. Based on the analysis of the problems arising during the functioning of security monitoring tools in modern CSN, the main research area is highlighted - the development of methods and means of security monitoring that ensure an increase in the effectiveness of SMS against the actions of malicious intent by: predicting possible actions of intruders; dynamic analysis of risks of implementation of threats to the security of information resources; recommendations to the adaptive security management system for reconfiguring/modifying protection when the threat level changes. The developed complex SMS based on the analysis of the goals of the actions of the subjects of computer systems is described.KeywordsSecurity monitoring systemComputer systems and networksVulnerabilityAttack detection toolsMeans of security
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.