Enhancing Collaboration between Security Analysts in Security Operations Centers - Archive ouverte HAL Access content directly
Conference Papers Year :

Enhancing Collaboration between Security Analysts in Security Operations Centers

(1) , (1) , (2, 1) , (3)
1
2
3

Abstract

Security Operations Centers (SOCs) collect data related to the information systems they protect and process it to detect suspicious activities. In this paper we explain how a SOC is organized, we highlight the current limitations of SOCs and their consequences regarding the performance of the detection service. We propose a new collaboration process to enhance the cooperation between security analysts in order to quickly process security events and define a better workflow that enables them to efficiently exchange feedback. Finally, we design a prototype corresponding to this new model.

Domains

Computer Science [cs] Cryptography and Security [cs.CR]
Fichier principal
Vignette du fichier
paperSOC.pdf (295.62 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Guillaume Piolle  : Connect in order to contact the contributor

https://hal.inria.fr/hal-01992346

Submitted on : Thursday, January 24, 2019-1:41:36 PM

Last modification on : Friday, August 5, 2022-2:54:52 PM

Long-term archiving on: Thursday, April 25, 2019-1:51:07 PM

Download

Dates and versions

hal-01992346 , version 1 (24-01-2019)

Identifiers

Cite

Damien Crémilleux, Christophe Bidan, Frédéric Majorczyk, Nicolas Prigent. Enhancing Collaboration between Security Analysts in Security Operations Centers. CRISIS 2018 - 13th International Conference on Risks and Security of Internet and Systems, Oct 2018, Arcachon, France. pp.1-6, ⟨10.1007/978-3-030-12143-3_12⟩. ⟨hal-01992346⟩

Export

BibTeX TEI Dublin Core DC Terms EndNote Datacite

Collections

UNIV-RENNES1 CNRS INRIA INSA-RENNES IRISA SUP_CIDRE CENTRALESUPELEC INRIA2 UR1-MATH-STIC UR1-UFR-ISTIC UNIV-RENNES UR1-MATH-NUM
76 View
205 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More