Title
Detecting security attacks with SIEM: SERCO project report
Author
Paassen, R.J.G. van
Hut, D.H.
Boltjes, B.
Trichias, K.
Publication year
2012
Abstract
The ‘Critical ICT Infrastructures’ program, managed by prof. dr. ir. Rob Kooij, is a strategic research program that aims to improve the quality of ICT infrastructures. The common thread for all projects within this program is quality and dependability for all information and communication technology. This matters especially for the part of the Dutch national vital infrastructure that depends on ICT, such as energy supply, telecommunications, and financial infrastructure: the different aspects of quality and dependability need attention because our society is becoming more and more dependent on ICT infrastructures and on the companies that manage them. The work package ‘Technically Robust Infrastructures’ aims to develop robust ICT networks by using new network and security technologies. In general, ‘Information Security’ looks at three aspects of quality and dependability: Confidentiality (C), Integrity (I) and Availability (A) of information and functionality. These three aspects are known as the “CIA” triad of information security. The project ‘Service Recovery and Cyber Continuity’ (SERCO) is part of the ‘Critical ICT Infrastructures’ program and focuses on the detection and response phase of a security incident.
Subject
SIEM
Serco
Opnet
Exata
Cyber security
Information security
IT security
Vital Infrastructures
Information Society
Communication & Information ; Organisation
ISEC - Information Security ; MSG - Modelling Simulation & Gaming ; PNS - Performance of Networks & Services
TS - Technical Sciences ; BSS - Behavioural and Societal Sciences
To reference this document use:
http://resolver.tudelft.nl/uuid:553c98df-9a47-462a-94e2-fc3b1dd990d5
TNO identifier
469161
Report number
TNO 2012 R11302
Publisher
TNO, Delft
Document type
report