Conference papers

Enhancing Collaboration between Security Analysts in Security Operations Centers

Abstract : Security Operations Centers (SOCs) collect data related to the information systems they protect and process it to detect suspicious activities. In this paper we explain how a SOC is organized, we highlight the current limitations of SOCs and their consequences regarding the performance of the detection service. We propose a new collaboration process to enhance the cooperation between security analysts in order to quickly process security events and define a better workflow that enables them to efficiently exchange feedback. Finally, we design a prototype corresponding to this new model.
Cited literature [10 references]

https://hal.inria.fr/hal-01992346
Contributor : Guillaume Piolle
Submitted on : Thursday, January 24, 2019 - 1:41:36 PM
Last modification on : Wednesday, April 8, 2020 - 3:44:59 PM
Document(s) archived on : Thursday, April 25, 2019 - 1:51:07 PM

File

paperSOC.pdf
Files produced by the author(s)

Citation

Damien Crémilleux, Christophe Bidan, Frédéric Majorczyk, Nicolas Prigent. Enhancing Collaboration between Security Analysts in Security Operations Centers. CRISIS 2018 - 13th International Conference on Risks and Security of Internet and Systems, Oct 2018, Arcachon, France. pp.1-6, ⟨10.1007/978-3-030-12143-3_12⟩. ⟨hal-01992346⟩
