User:Jbuchanan 1/Security information and event management/Bibliography

Bibliography


This is where you will compile the bibliography for your Wikipedia assignment. Please refer to the following resources for help:


History / Background

Basis for Audit and Evaluation of Computer Security from National Institute of Standards and Technology Special Publication 500-19 published in 1977.[1]

NIST Guide to Computer Security Log Management: which logs need to be collected and why. Precursor to major SIEM implementations.[2]

NIST SP 800-53 AU-2 Event Monitoring.[3]

NIST SP 800-53 SI-4 System Monitoring.[4]

NIST SP 800-53 RA-10 Threat Hunting.[5]

NIST SP 800-53 R5.[6]

Components of a SIEM.[7]

Windows audit logs.[8]

Handling and operating with SIEM data.[9]

Healthcare as a use case.[10]

Forensics and SIEM.[11]

Attack Modeling.[12]

SIEM repositories.[13]

  1. ^ Ruthberg, Zella; McKenzie, Robert (1977-10-01). "Audit and Evaluation of Computer Security".
  2. ^ Kent, Karen; Souppaya, Murugiah (2006-09-13). "Guide to Computer Security Log Management".
  3. ^ Computer Security Division, Information Technology Laboratory (2016-11-30). "Release Search - NIST Risk Management Framework | CSRC | CSRC". CSRC | NIST. Retrieved 2021-06-13.
  4. ^ Computer Security Division, Information Technology Laboratory (2016-11-30). "Release Search - NIST Risk Management Framework | CSRC | CSRC". CSRC | NIST. Retrieved 2021-06-13.
  5. ^ Computer Security Division, Information Technology Laboratory (2016-11-30). "Release Search - NIST Risk Management Framework | CSRC | CSRC". CSRC | NIST. Retrieved 2021-06-13.
  6. ^ Force, Joint Task (2020-12-10). "Security and Privacy Controls for Information Systems and Organizations".
  7. ^ Azodi, Amir; Jaeger, David; Cheng, Feng; Meinel, Christoph (2013-12). "Pushing the Limits in Event Normalisation to Improve Attack Detection in IDS/SIEM Systems". 2013 International Conference on Advanced Cloud and Big Data: 69–76. doi:10.1109/CBD.2013.27.
  8. ^ Berlin, Konstantin; Slater, David; Saxe, Joshua (2015-10-16). "Malicious Behavior Detection using Windows Audit Logs". Proceedings of the 8th ACM Workshop on Artificial Intelligence and Security. AISec '15. Denver, Colorado, USA: Association for Computing Machinery: 35–44. doi:10.1145/2808769.2808773. ISBN 978-1-4503-3826-4.
  9. ^ Cinque, Marcello; Cotroneo, Domenico; Pecchia, Antonio (2018-10). "Challenges and Directions in Security Information and Event Management (SIEM)". 2018 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW): 95–99. doi:10.1109/ISSREW.2018.00-24.
  10. ^ Di Sarno, Cesario; Formicola, Valerio; Sicuranza, Mario; Paragliola, Giovanni (2013-09). "Addressing Security Issues of Electronic Health Record Systems through Enhanced SIEM Technology". 2013 International Conference on Availability, Reliability and Security: 646–653. doi:10.1109/ARES.2013.85.
  11. ^ Irfan, Muhammad; Abbas, Haider; Iqbal, Waseem (2015-06). "Feasibility analysis for incorporating/deploying SIEM for forensics evidence collection in cloud environment". 2015 IEEE/ACIS 14th International Conference on Computer and Information Science (ICIS): 15–21. doi:10.1109/ICIS.2015.7166563.
  12. ^ Kotenko, Igor; Chechulin, Andrey (2012-11). "Common Framework for Attack Modeling and Security Evaluation in SIEM Systems". 2012 IEEE International Conference on Green Computing and Communications: 94–101. doi:10.1109/GreenCom.2012.24.
  13. ^ Kotenko, Igor; Polubelova, Olga; Saenko, Igor (2012-11). "The Ontological Approach for SIEM Data Repository Implementation". 2012 IEEE International Conference on Green Computing and Communications: 761–766. doi:10.1109/GreenCom.2012.125.