FIELD: information security.
SUBSTANCE: invention relates to information security. Technical result is achieved by obtaining, by means of correlation means, an event from at least one event generation means; for events, the creation time of which lies within a given period of time, setting, using the correlation means, at least one order of events; using correlation means of correlation rule for obtained events with due allowance for each specified sequence; when performing at least one detection correlation rule using the information security incident correlation means.
EFFECT: technical result consists in improvement of accuracy of detection of information security incidents in cyber-physical systems.
4 cl, 8 dwg, 2 tbl
| Title | Year | Author | Number |
|---|---|---|---|
| SYSTEM AND METHOD OF STAGED INCREASE OF INFORMATION SAFETY OF ELEMENTS OF PROCESS SYSTEM | 2019 |
|
RU2728504C1 |
| SYSTEM AND METHOD OF NETWORK UNIT DEFINITION USING RULES OF INVENTORY | 2019 |
|
RU2746101C2 |
| METHOD FOR ADJUSTING THE PARAMETERS OF A MACHINE LEARNING MODEL IN ORDER TO IDENTIFY FALSE TRIGGERING AND INFORMATION SECURITY INCIDENTS | 2020 |
|
RU2763115C1 |
| METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS | 2020 |
|
RU2762528C1 |
| SYSTEM AND METHOD OF CONTROLLING ACCESS TO CYBER PHYSICAL SYSTEM | 2019 |
|
RU2726884C1 |
| METHOD FOR FILTERING EVENTS FOR TRANSMISSION TO REMOTE DEVICE | 2022 |
|
RU2813239C1 |
| METHOD FOR DIAGNOSING AND MONITORING ANOMALIES IN A CYBER-PHYSICAL SYSTEM | 2021 |
|
RU2784981C1 |
| METHOD OF DETERMINING ANOMALY SOURCES IN A CYBER-PHYSICAL SYSTEM | 2020 |
|
RU2749252C1 |
| SYSTEM AND METHOD OF GENERATING DATA FOR MONITORING CYBER-PHYSICAL SYSTEM FOR PURPOSE OF EARLY DETECTION OF ANOMALIES IN GRAPHICAL USER INTERFACE | 2018 |
|
RU2724716C1 |
| INFORMATION SECURITY INCIDENT RESPONSE SYSTEM AND METHOD | 2023 |
|
RU2824732C1 |
