DocumentCode :
704170
Title :
Countermeasure Selection in SIEM Systems Based on the Integrated Complex of Security Metrics
Author :
Kotenko, Igor ; Doynikova, Elena
Author_Institution :
Lab. of Comput. Security Problems, St. Petersburg Inst. for Inf. & Autom., St. Petersburg, Russia
fYear :
2015
fDate :
4-6 March 2015
Firstpage :
567
Lastpage :
574
Abstract :
The paper considers a technique for countermeasure selection in security information and event management (SIEM) systems. The developed technique is based on the suggested complex of security metrics. For countermeasure selection, the set of security metrics is extended with an additional level needed for security decision support. This level is based on the countermeasure effectiveness metrics. Key features of the suggested technique are the application of the attack and service dependencies graphs, the introduced model of the countermeasure, and the suggested metrics of countermeasure effectiveness, cost and collateral damage. Another important feature of the technique is that it provides a solution on countermeasure implementation at any time, on the basis of the current security state and security events.
Keywords :
decision support systems; graph theory; security of data; software metrics; SIEM systems; attack dependencies graphs; countermeasure selection; integrated complex; security decision support; security events; security information and event management; security metrics; security state; service dependencies graphs; Authentication; Measurement; Risk management; Taxonomy; attack graphs; countermeasures; cyber security; risk assessment; security information and event management; security metrics; service dependencies graphs;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Parallel, Distributed and Network-Based Processing (PDP), 2015 23rd Euromicro International Conference on
Conference_Location :
Turku
ISSN :
1066-6192
Type :
conf
DOI :
10.1109/PDP.2015.34
Filename :
7092776