Study of the applicability of the hierarchy analysis method for choosing a SIEM system
The paper is dedicated to the problem of choosing a SIEM system for use in the Network Security Center (NSC) of the critical information infrastructure (CII) information and telecommunications system (ITCS) entities. The security information and event management system is a central element of any NS...
Main Authors: | Natalia G. Miloslavskaya, Mark Karapetyans, Vladimir А. Cheverkalov |
---|---|
Format: | Article |
Language: | English |
Published: | Joint Stock Company "Experimental Scientific and Production Association SPELS 2023-09-01 |
Series: | Безопасность информационных технологий |
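Subjects: | hierarchy analysis method (ham), critical information infrastructure (cii), siem system, network security centers (nsc), information security incident (is incident) |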
Online Access: | https://bit.spels.ru/index.php/bit/article/view/1526 |
_version_ | 1797688010756587520 |
---|---|
author | Natalia G. Miloslavskaya Mark Karapetyans Vladimir А. Cheverkalov |
author_sort | Natalia G. Miloslavskaya |
collection | DOAJ |
description | The paper is dedicated to the problem of choosing a SIEM system for use in the Network Security Center (NSC) of the critical information infrastructure (CII) information and telecommunications system (ITCS) entities. The security information and event management system is a central element of any NSC architecture, directly affecting the effectiveness of detecting cybersecurity incidents in the CII ITCS. Consequently, the problem of a well-founded choice of a SIEM system for NSC operations is relevant. It is proposed to solve this problem using the Analytic Hierarchy Process (AHP) method, which has proven itself in solving multi-criteria selection tasks. Based on the systemic approach and mathematical apparatus of AHP, it allows for a quantitative assessment of selection criteria and considered alternatives and to choose the preferred option from a set of possibilities. The aim of the study is to demonstrate the applicability of the AHP method for a well-founded choice of a system. The following tasks were addressed within the framework of the study: to describe the stages of the considered method and to present an algorithm for selecting a SIEM system consisting of stages of constructing a hierarchy reflecting the goal of the choice, evaluation criteria of alternatives, determination of weights of selection criteria and alternative systems for each criterion by means of pairwise comparison matrices, identification of the preferred SIEM system based on the sorting of overall priorities for all. The obtained results have practical significance for various NSCs implementing the SIEM system, including the ITCS of a CII entity. |
first_indexed | 2024-03-12T01:26:11Z |
format | Article |
id | doaj.art-535812ef2150462684489c354589d9d2 |
institution | Directory Open Access Journal |
issn | 2074-7128 2074-7136 |
language | English |
last_indexed | 2024-03-12T01:26:11Z |
publishDate | 2023-09-01 |
publisher | Joint Stock Company "Experimental Scientific and Production Association SPELS |
record_format | Article |
series | Безопасность информационных технологий |
spelling | doaj.art-535812ef2150462684489c354589d9d2; 2023-09-12T18:13:24Z; eng; Joint Stock Company "Experimental Scientific and Production Association SPELS; Безопасность информационных технологий; 2074-7128; 2074-7136; 2023-09-01; 303162910.26583/bit.2023.3.011327; Study of the applicability of the hierarchy analysis method for choosing a SIEM system; Natalia G. Miloslavskaya 0; Mark Karapetyans 1; Vladimir А. Cheverkalov 2; National Research Nuclear University MEPhI (Moscow Engineering Physics Institute); National Research Nuclear University MEPhI (Moscow Engineering Physics Institute); National Research Nuclear University MEPhI (Moscow Engineering Physics Institute); The paper is dedicated to the problem of choosing a SIEM system for use in the Network Security Center (NSC) of the critical information infrastructure (CII) information and telecommunications system (ITCS) entities. The security information and event management system is a central element of any NSC architecture, directly affecting the effectiveness of detecting cybersecurity incidents in the CII ITCS. Consequently, the problem of a well-founded choice of a SIEM system for NSC operations is relevant. It is proposed to solve this problem using the Analytic Hierarchy Process (AHP) method, which has proven itself in solving multi-criteria selection tasks. Based on the systemic approach and mathematical apparatus of AHP, it allows for a quantitative assessment of selection criteria and considered alternatives and to choose the preferred option from a set of possibilities. The aim of the study is to demonstrate the applicability of the AHP method for a well-founded choice of a system. The following tasks were addressed within the framework of the study: to describe the stages of the considered method and to present an algorithm for selecting a SIEM system consisting of stages of constructing a hierarchy reflecting the goal of the choice, evaluation criteria of alternatives, determination of weights of selection criteria and alternative systems for each criterion by means of pairwise comparison matrices, identification of the preferred SIEM system based on the sorting of overall priorities for all. The obtained results have practical significance for various NSCs implementing the SIEM system, including the ITCS of a CII entity.; https://bit.spels.ru/index.php/bit/article/view/1526; hierarchy analysis method (ham), critical information infrastructure (cii), siem system, network security centers (nsc), information security incident (is incident). |
title | Study of the applicability of the hierarchy analysis method for choosing a SIEM system |
topic | hierarchy analysis method (ham), critical information infrastructure (cii), siem system, network security centers (nsc), information security incident (is incident). |
url | https://bit.spels.ru/index.php/bit/article/view/1526 |