In the PA-SIEM project, the project partners are working on a solution that will extend existing SIEM systems with profile-based anomaly detection.
A novel method is being investigated to detect security-related events quickly and reliably based on behavioral changes, without violating data protection. Both real-time events and large amounts of long-term data must be monitored automatically in order to detect conspicuous behavioral patterns. The primary use case considered is the unauthorized removal of confidential data from a network.
The methods to be developed are integrated into a demonstrator so that the applicability of the technically and legally secure procedures can be evaluated in real application scenarios and demonstrated to potential customers.