BIBLIOS

  Ciências References Management System


Publication details

Document type
Conference papers

Document subtype
Full paper

Title
A Cost-Effective Cloud Event Archival for SIEMs

Participants in the publication
Adriano Serckumecka (Author)
Dep. Informática
LASIGE
Iberia Medeiros (Author)
Dep. Informática
LASIGE
Bernardo Ferreira (Author)
Dep. Informática
LASIGE
Alysson Neves Bessani (Author)
Dep. Informática
LASIGE

Summary
Security Information and Event Management (SIEM) systems have been adopted by organizations to enable holistic monitoring of malicious activities in their IT infrastructures. SIEMs receive events from diverse devices of the organization's IT infrastructure (e.g., servers, firewalls, IDS), correlate these events, and present reports for security analysts. Given the large number of events collected by SIEMs, it is costly to store such data for long periods. Since organizations store a relatively limited time-frame of events, the forensic analysis capabilities become severely reduced. This concern limits the organizations' ability to store important information about the past cybersecurity-related activity, limiting forensic analysis. A possible solution for this issue is to leverage public cloud storage services, exploiting their low cost and "infinite" scalability. We present SLiCER, an archival system for long-term storage that makes use of a multi-cloud-based storage system to guarantee data security and ensures cost-effectiveness by grouping events in blocks and using indexing techniques to recover them. The system was evaluated using a real dataset and the results show that it is significantly more cost-efficient than competing alternatives.

Date of Publication
2019-10

Institution
FACULDADE DE CIÊNCIAS DA UNIVERSIDADE DE LISBOA

Event
2019 38th International Symposium on Reliable Distributed Systems Workshops (SRDSW)

Publication Identifiers
ISBN - 9781728142555

Address
Lyon, France

Publisher
IEEE

Document Identifiers
DOI - https://doi.org/10.1109/srdsw49218.2019.00013
URL - http://dx.doi.org/10.1109/srdsw49218.2019.00013


Export

APA
Adriano Serckumecka, Iberia Medeiros, Bernardo Ferreira, Alysson Neves Bessani, (2019). A Cost-Effective Cloud Event Archival for SIEMs. 2019 38th International Symposium on Reliable Distributed Systems Workshops (SRDSW), -

IEEE
Adriano Serckumecka, Iberia Medeiros, Bernardo Ferreira, Alysson Neves Bessani, "A Cost-Effective Cloud Event Archival for SIEMs" in 2019 38th International Symposium on Reliable Distributed Systems Workshops (SRDSW), Lyon, France, 2019, pp. -, doi: 10.1109/srdsw49218.2019.00013

BIBTEX
@InProceedings{43380,
  author = {Adriano Serckumecka and Iberia Medeiros and Bernardo Ferreira and Alysson Neves Bessani},
  title = {A Cost-Effective Cloud Event Archival for SIEMs},
  booktitle = {2019 38th International Symposium on Reliable Distributed Systems Workshops (SRDSW)},
  year = 2019,
  pages = {-},
  address = {Lyon, France},
  publisher = {IEEE}
}