
Research Article
Behavioral Analysis of SIEM Solutions for Energy Technology Systems
@INPROCEEDINGS{10.1007/978-3-030-67101-3_21,
  author={Tomas Svoboda and Josef Horalek and Vladimir Sobeslav},
  title={Behavioral Analysis of SIEM Solutions for Energy Technology Systems},
  proceedings={Context-Aware Systems and Applications, and Nature of Computation and Communication. 9th EAI International Conference, ICCASA 2020, and 6th EAI International Conference, ICTCC 2020, Thai Nguyen, Vietnam, November 26--27, 2020, Proceedings},
  proceedings_a={ICCASA \& ICTCC},
  year={2021},
  month={1},
  keywords={SIEM Qradar LogRhythm NextGen SIEM User and entity behavioral analysis IBM sense CloudAI},
  doi={10.1007/978-3-030-67101-3_21}
}
- Tomas Svoboda
- Josef Horalek
- Vladimir Sobeslav
Year: 2021
ICCASA & ICTCC
Springer
DOI: 10.1007/978-3-030-67101-3_21
Abstract
The aim of this article is to analyze SIEM solutions, with emphasis on the use of these systems to ensure data confidentiality, availability, and integrity when monitoring energy technology systems. First, the issue of security in the area of energy systems is introduced. In order to maintain data availability, confidentiality, and integrity, the user behavioral analysis modules in SIEM systems are also introduced. The next section presents the specific SIEM solutions, currently usable not only in ICS environments, that are subject to the comparative analysis: IBM Security QRadar SIEM and LogRhythm NextGen SIEM. What follows is the introduction and implementation of the user behavioral analysis modules in these SIEM solutions, including the testing of the authors' own use case for these modules. The results of the comparative analysis of the user behavioral analysis modules in the selected SIEM solutions are presented in the last section.