Management of events and incidents is one of the cornerstones for any service.
The SIEM (Security Information and Event Management) approach enables near-real time event management as well as proactive management of security incidents and events for IT infrastructures.
RaSIEM 2014 addresses research topics in SIEM and related methods and technologies.
This workshop will be supported by the project ACCEPT (http://accept-projekt.de/) which
considers in particular the special threats for SIEM in virtualized computer systems.

Topics of interest include, but are not limited to:
• Recognition, analysis and treatment of safety-relevant anomalies in virtualized computer systems
• Adequate sensors in the hypervisor, VMs and in run-time environments for applications
• Case study of SIEM in operational scenarios
• Protection of critical infrastructures against (targeted) cyber attacks
• Recognizing real threats in the multitude of daily alerts
• Predictive security analysis
• Ensuring data source reliability
• Managing data from heterogeneous devices and networks
• Correlation of highly heterogeneous data to identify threats
• SIEM for distributed computing
• Fault tolerance and resilience for SIEM architectures
• Real-time security analysis for SIEM
• SIEM for process monitoring and control
• Decision systems in SIEM
• Event translation and complex event processing for SIEM
• Big data approaches of mapping and reducing problem sets with regard to security
information to help create meaning and structure from myriad data sources
• Visualization of security events