IoTBlockSIEM for information security incident management in the internet of things ecosystem

Cited by: 6
Authors
Miloslavskaya, Natalia [1]
Tolstoy, Alexander [1]
Affiliation
[1] Natl Res Nucl Univ MEPhI, Moscow Engn Phys Inst, 31 Kashirskoye Shosse, Moscow 115409, Russia
Source
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS | 2020 / Vol. 23 / Issue 03
Keywords
Internet of things; IoT ecosystem; Security information and event management; SIEM system; Blockchain technology; Information security incident management; Information security incident; Information security event; Transaction; CHALLENGES;
DOI
10.1007/s10586-020-03110-5
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
The Internet unfolded enormous opportunities to the modern computing world where not only humans but also computers and machines, as well as any tiny sensing devices, can communicate and collaborate. The Internet of Things (IoT) is still a new concept in its early stages after 20 years of successful usage in various application domains. Nowadays, the term "Internet of Things Ecosystem" is being used more often, which emphasizes its complex internal structure and functionality. Based on the available standards on the IoT's generalized architecture and reference model, the IoT ecosystem is presented as a security object to be protected. Numerous security controls, collecting raw data for complex and multi-stage processing and further detection of events related to information security (IS), are located on its layers. The IS incident management process with different routine actions for the IoT ecosystems needs automation, for which Security Information and Event Management (SIEM) systems are the best applicable solutions. But modern challenges require modifying two previously known generations of these systems, especially for the IoT ecosystems. A new blockchain-based system called the IoTBlockSIEM is proposed to solve this problem. An example of constructing transactions in the IoTBlockSIEM for the case of its use in managing IS incidents in the IoT ecosystem is provided. Further research concludes the article.
Pages: 1911 / 1925
Page count: 15