Name
Abstract | ||
|---|---|---|
Every day, university networks are bombarded with attempts to steal the sensitive data of the various disparate domains and organizations they serve. For this reason, universities form teams of information security specialists called a Security Operations Center (SOC) to manage the complex operations involved in monitoring and mitigating such attacks. When a suspicious event is identified, members of the SOC are tasked to understand the nature of the event in order to respond to any damage the attack might have caused. This process is defined by administrative policies which are often very high-level and rarely systematically defined. This impedes the implementation of generalized and automated event response solutions, leading to specific ad hoc solutions based primarily on human intuition and experience as well as immediate administrative priorities. These solutions are often fragile, highly specific, and more difficult to reuse in other scenarios. |
Year | DOI | Venue |
|---|---|---|
2019 | 10.23919/CNSM46954.2019.9012707 | 2019 15th International Conference on Network and Service Management (CNSM) |
Keywords | DocType | ISSN |
suspicious event,SOC,administrative policies,generalized event response solutions,automated event response solutions,ad hoc solutions,human intuition,WASPP,workflow automation,information security specialists,security operations center,security policy procedures,University networks | Conference | 2165-9605 |
ISBN | Citations | PageRank |
978-1-7281-5396-4 | 0 | 0.34 |
References | Authors | |
10 | 5 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Ren Quinn | 1 | 0 | 0.68 |
| Nico Holguin | 2 | 0 | 0.34 |
| Ben Poster | 3 | 0 | 0.34 |
| Corey Roach | 4 | 0 | 0.34 |
| Jacobus Kobus Van der Merwe | 5 | 0 | 0.34 |