Repository hosted by TU Delft Library


Detecting security attacks with SIEM : SERCO project report

Author: Paassen, R.J.G. van · Hut, D.H. · Boltjes, B. · Trichias, K.
Type: report
Date: 2012
Publisher: TNO
Place: Delft
Identifier: 469161
Report number: TNO 2012 R11302
Keywords: SIEM · Serco · Opnet · Exata · Cyber security · Information security · IT security · Vital Infrastructures · Information Society · Communication & Information ; Organisation · ISEC - Information Security ; MSG - Modelling Simulation & Gaming ; PNS - Performance of Networks & Services · TS - Technical Sciences ; BSS - Behavioural and Societal Sciences

Abstract

The ‘Critical ICT Infrastructures’ program, managed by prof. dr. ir. Rob Kooij, is a strategic research program that aims to improve the quality of ICT infrastructures. The common thread for all projects within this program is the quality and dependability of information and communication technology. This matters especially for the part of the Dutch national vital infrastructure that depends on ICT, such as energy supply, telecommunications, and financial infrastructure, because our society is becoming more and more dependent on ICT infrastructures and on the companies that manage them. The work package ‘Technically Robust Infrastructures’ aims to develop robust ICT networks by using new network and security technologies. In general, ‘Information Security’ looks at three aspects of quality and dependability: Confidentiality (C), Integrity (I) and Availability (A) of information and functionality. These three aspects are known as the “CIA” triad of information security. The project ‘Service Recovery and Cyber Continuity’ (SERCO) is part of the ‘Critical ICT Infrastructures’ program and focuses on the detection and response phases of a security incident.