
Title

A Rule Based Event Correlation Approach for Physical and Logical Security Convergence

Author

Dongho Kang, Jungchan Na

Citation

Vol. 12  No. 1  pp. 28-31

Abstract

Cyber threats have rapidly evolved in frequency and sophistication. As a result, physical and logical security systems are essential for protecting enterprise assets. Most enterprises have deployed different types of physical and logical security systems but manage them as independent domains. Most physical security systems focus on protection against the physical behavior of unauthenticated personnel. Logical security systems protect information assets. Physical and logical security systems generate a large volume of alerts. Some of these alerts are false positives, and a single attack may produce several different alerts. These problems may delay response and cause missed detections. The convergence of physical and logical security brings significant benefits, specifically in identifying blended attacks. Event correlation has recently become one of the most important security techniques. The objective of this paper is to overcome the limitations of existing physical and logical security systems, which focus on specific problems rather than on event correlation for an entire enterprise. To solve this problem, we build correlation rules that define the relationship between physical and logical security events caused by abnormal behavior, and provide a correlation analysis technique to detect multi-stage attacks.

Keywords

Enterprise Security, Security Convergence, Correlation analysis, Intrusion Detection

URL

http://paper.ijcsns.org/07_book/201201/20120104.pdf