View article

The technology of Security Information and Event Management (SIEM) becomes one of the most important research applications in the area of computer network security, including distributed networks of internet enabled objects (as in the Internet of Things). The overall functionality of SIEM systems depends largely on the quality of solutions implemented at the data storage level, which is purposed for the representation of heterogeneous security events, their storage in the data repository and the extraction of relevant data for the analytical modules of SIEM systems. An ontological approach at present becomes more applicable for realizing these tasks in various spheres of information security. The paper discusses the possibilities of applying the ontological approach for implementation of the data repository of SIEM systems for distributed networks of Internet enabled objects. Based on the analysis of existing SIEM …