A METHOD OF RESPONDING TO TARGETED ATTACKS BASED ON THE MAPPING OF INFORMATION SECURITY EVENTS USING INDICATION SIGNATURES
D. V. Andrushkevich, S. S. Andrushkevich, R. O. Kryukov Mozhaisky Military Aerospace Academy
Annotation: A method of responding to targeted attacks is developed, which is based on the idea of detecting and responding to targeted attacks at the stage of their implementation. The adequacy of application of the developed method in practice is demonstrated.
Keywords: information security, information security event, information security incident, information security monitoring, computer attack, SIEM-system, correlation.
Pages 48-60