A Two-Step Approach to Optimal Selection of Alerts for Investigation in a CSOC

A Two-Step Approach to Optimal Selection of Alerts for Investigation in a CSOC

A Cyber Security Operations Center (CSOC) is responsible for investigating all the alerts generated from the intrusion detection systems to identify suspicious activities in a timely manner. There exists a critical gap between the time needed (demand) and the time available (limited analyst resource...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on information forensics and security 2019-07, Vol.14 (7), p.1857-1870
Hauptverfasser: Shah, Ankit, Ganesan, Rajesh, Jajodia, Sushil, Cam, Hasan
Format: Artikel
Sprache:eng
Schlagworte:
Adaptation models
Alert prioritization
Analytical models
Business metrics
Computational modeling
CSOC
Cybersecurity
Demand
Intrusion detection systems
Measurement
Mission critical systems
Optimization
Organizations
Performance measurement
quantitative value function hierarchy model
risk-score
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Schreiben Sie den ersten Kommentar!
Bitte loggen Sie sich zuerst ein