This paper proposes a novel hybrid distributed security operation center (HDSOC) that collects logs generated by any application, service, and protocol, regardless of the layer of the protocol stack and the device (e.g., router), providing a global view of the supervised system based on which complex and distributed intrusions can be detected. The HDSOC further distributes its capabilities and provides extensive coordination capabilities for guaranteeing that the network and the HDSOC components do not constitute isolated entities largely unaware of each other.
- Format: PDF
- Size: 81.2 KB