Real time monitoring of security events for forensic purposes in Cloud environments using SIEM

Citations: 0
Authors
Bachane, Imane [1 ]
Adsi, Youness Idrissi Khamlichi [1 ]
Adsi, Habiba Chaoui [1 ]
Affiliation
[1] IBN Tofail Univ Kenitra, ADSI Lab, Kenitra, Morocco
Keywords
Cloud computing forensics; SIEM; Cloud Computing;
DOI
Not available
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
The use of Cloud computing keeps increasing day after day due to the unique combination of characteristics that the cloud introduces, including on-demand self-service, broad network access, resource pooling, rapid elasticity and measured service. However, from forensics experts' point of view, many challenges arise when responding to incidents that have occurred in a cloud computing ecosystem. This paper examines some of the challenges in cloud forensics identified in the current research literature. Furthermore, it discusses an approach offered by researchers aiming to meet forensic needs in cloud computing. Finally, it presents a new approach for forensic investigation in the cloud based on SIEM, providing real-time monitoring of security events and storing these events so that they can be used as evidence in investigations.
Pages: P18 / P20
Number of pages: 3