Enhancing Collaboration Between Security Analysts in Security Operations Centers

Cited by: 3
Authors
Cremilleux, Damien [1 ]
Bidan, Christophe [1 ]
Majorczyk, Frederic [1 ,2 ]
Prigent, Nicolas [3 ]
Affiliations
[1] CentraleSupelec, Rennes, France
[2] DGA MI, Bruz, France
[3] LSTI, St Malo, France
Keywords
Security and privacy; Intrusion detection systems; Network security; Collaboration; Security Operations Center
DOI
10.1007/978-3-030-12143-3_12
Chinese Library Classification (CLC)
TP3 [Computing technology, computer technology]
Discipline code
0812
Abstract
Security Operations Centers (SOCs) collect data related to the information systems they protect and process it to detect suspicious activities. In this paper we explain how a SOC is organized, we highlight the current limitations of SOCs and their consequences regarding the performance of the detection service. We propose a new collaboration process to enhance the cooperation between security analysts in order to quickly process security events and define a better workflow that enables them to efficiently exchange feedback. Finally, we design a prototype corresponding to this new model.
Pages: 136 - 142
Page count: 7