SIEM for mobile devices
Patrick Burkard, Master thesis
The kinds of devices used in enterprise information technology have changed in recent years. The trend is moving from classical desktop systems toward mobile working, starting with the use of laptops and continuing today with smartphones and tablets. This trend has changed the risks that enterprise IT systems face.
This thesis analyzes these risks and develops a platform-independent concept for dealing with them using a Security Information and Event Management system, in short a SIEM system. The concept considers questions of security, gives details on optimizing storage while collecting log data on the device, and makes proposals for optimizing the data transfer to a SIEM system.
To prove that the concept can be realized, some experiments based on the Android operating system are carried out and discussed. These experiments show the capability of the methods discussed in the concept. It was ascertained that Android is suitable for integration into a SIEM system, because it was possible to deal with the existing risks using only simple instruments.