Development of an Integrated Security Monitoring System Based on the Analysis of the Goals of Actions of Subjects of Computer Systems

  • Conference paper
11th World Conference “Intelligent System for Industrial Automation” (WCIS-2020) (WCIS 2020)

Abstract

Security monitoring systems (SMS) for computer systems and networks (CSN) are classified by the area of the information infrastructure in which security policy violations are detected. Accordingly, there are SMSs focused on the workstation, on applications, on the database management system (DMS), and on the computer network. A workstation SMS runs on the protected node, monitors various security events, and collects and analyzes information reflecting the activity in the operating system of an individual computer. Application-level and DMS-level SMSs collect and analyze information from specific applications such as Web servers, firewalls, or database management systems. Network-layer SMSs collect information from network traffic; they can run on ordinary or specialized computers and can also be integrated into routers or switches. The article discusses the features of the practical implementation of SMS in CSN. Based on an analysis of the problems that arise when security monitoring tools operate in modern CSN, the main research area is identified: the development of security monitoring methods and tools that increase the effectiveness of SMS against malicious actions through: predicting possible actions of intruders; dynamic analysis of the risks of threats to the security of information resources being realized; and recommendations to the adaptive security management system for reconfiguring or modifying protection when the threat level changes. The developed integrated SMS, based on the analysis of the goals of the actions of the subjects of computer systems, is described.

Corresponding author

Correspondence to M. M. Karimov.

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Karimov, M.M., Khamdamova, S.M. (2021). Development of an Integrated Security Monitoring System Based on the Analysis of the Goals of Actions of Subjects of Computer Systems. In: Aliev, R.A., Yusupbekov, N.R., Kacprzyk, J., Pedrycz, W., Sadikoglu, F.M. (eds) 11th World Conference “Intelligent System for Industrial Automation” (WCIS-2020). WCIS 2020. Advances in Intelligent Systems and Computing, vol 1323. Springer, Cham. https://doi.org/10.1007/978-3-030-68004-6_75
