Please use this identifier to cite or link to this item:
https://rda.sliit.lk/handle/123456789/2076
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Chamiekara, G. W. P | - |
dc.contributor.author | Cooray, M. I. M | - |
dc.contributor.author | Wickramasinghe, L. S. A. M | - |
dc.contributor.author | Koshila, Y. M. S | - |
dc.contributor.author | Abeywardhana, K. Y | - |
dc.contributor.author | Senarathna, A. N | - |
dc.date.accessioned | 2022-04-26T10:20:27Z | - |
dc.date.available | 2022-04-26T10:20:27Z | - |
dc.date.issued | 2017-09-14 | - |
dc.identifier.citation | G. W. P. Chamiekara, M. I. M. Cooray, L. S. A. M. Wickramasinghe, Y. M. S. Koshila, K. Y. Abeywardhana and A. N. Senarathna, "AutoSOC: A low budget flexible security operations platform for enterprises and organizations," 2017 National Information Technology Conference (NITC), 2017, pp. 100-105, doi: 10.1109/NITC.2017.8285644. | en_US |
dc.identifier.isbn | 978-1-5386-2425-8 | - |
dc.identifier.uri | http://rda.sliit.lk/handle/123456789/2076 | - |
dc.description.abstract | Most of today's existing Security Operations Center (SOC) platforms follow a hybrid methodology in security operations execution. However, these systems have a number of drawbacks. As there is a human component, there is a possibility of false positives being identified as true threat alerts. This will adversely impact the overall system. Currently there exist some automated SOCs as well; however, their cost is considerably high for most small and medium scale companies. That is why we propose AutoSOC, a fully automated security operations center platform, except for the forensic investigation system, which requires a ticket to be generated with the approval of the user. This low budget enterprise solution comprises an Intelligent Intrusion Detection and Prevention System (IIDPS), a Security Incident and Event Management System (SIEM), a Malware Analysis System and a Simple Forensic Investigation System. The IIDPS contains an Intelligent Intrusion Detection System (IIDS) and an Intelligent Intrusion Prevention System (IIPS). The IIDS is an alert system, which comprises components that notify and communicate between the integrated components when an attack or a breach occurs. The IIPS will understand the behavior of applications and protocols, which are supposed to conform to their published standards. The SIEM is responsible for analyzing security event data; it collects, stores, analyzes and reports on log data for incident response, forensics and regulatory compliance. The malware analysis process runs in parallel with a forensic toolkit in order to accurately predict possible root causes for a certain incident. The forensic toolkit targets the key components of analysis, including running processes, captured packets, etc. Therefore, the suggested solution will be able to reduce the cost of security implementations and increase the efficiency and accuracy of analysis results by eliminating false positives or the reporting of incorrect vulnerabilities by learning about the SOC network and environment. | en_US |
dc.language.iso | en | en_US |
dc.publisher | IEEE | en_US |
dc.relation.ispartofseries | 2017 National Information Technology Conference (NITC);Pages 100-105 | - |
dc.subject | AutoSOC | en_US |
dc.subject | low budget | en_US |
dc.subject | flexible security | en_US |
dc.subject | operations platform | en_US |
dc.subject | enterprises | en_US |
dc.subject | organizations | en_US |
dc.title | Autosoc: A low budget flexible security operations platform for enterprises and organizations | en_US |
dc.type | Article | en_US |
dc.identifier.doi | 10.1109/NITC.2017.8285644 | en_US |
Appears in Collections: | Department of Computer Systems Engineering-Scopes Research Papers - Dept of Computer Systems Engineering Research Papers - IEEE Research Papers - SLIIT Staff Publications |
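The abstract describes an event flow that the record itself does not show in code: IDS alerts are correlated by the SIEM, alerts that match learned knowledge of the environment are suppressed as false positives, prevention actions are taken automatically, and only the forensic investigation waits for a user-approved ticket. The following is an added illustration of that flow written for this page; it is not the AutoSOC authors' code and makes several assumptions: the alert lines are constructed sample data in a made-up syslog-like format, the "learned" environment baseline is a static dictionary (the paper says the system learns it), the port-scan threshold of three distinct targets is arbitrary, and the forensic collection step is a stub that only returns the names of artefacts it would gather.

```python
"""Toy AutoSOC-style pipeline (added example, not the paper's implementation):
IDS alerts -> SIEM correlation -> environment baseline filter ->
automatic block (IIPS) or user-approved forensic ticket."""
import re
from dataclasses import dataclass, field

# Constructed sample IDS alert lines; the format is invented for this example.
SAMPLE_ALERTS = [
    "2017-09-14T10:00:01 ids alert=PORTSCAN src=10.0.0.5 dst=10.0.0.20",
    "2017-09-14T10:00:02 ids alert=PORTSCAN src=10.0.0.5 dst=10.0.0.21",
    "2017-09-14T10:00:03 ids alert=PORTSCAN src=10.0.0.5 dst=10.0.0.22",
    "2017-09-14T10:00:09 ids alert=PORTSCAN src=203.0.113.7 dst=10.0.0.20",
    "2017-09-14T10:00:10 ids alert=PORTSCAN src=203.0.113.7 dst=10.0.0.21",
    "2017-09-14T10:00:11 ids alert=PORTSCAN src=203.0.113.7 dst=10.0.0.22",
    "2017-09-14T10:00:12 ids alert=MALWARE_C2 src=10.0.0.42 dst=198.51.100.9",
]

# Assumed environment baseline: hosts whose behaviour is expected. The paper
# says this knowledge is learned; here it is a hand-written dictionary.
BASELINE = {"10.0.0.5": "authorised vulnerability scanner"}

ALERT_RE = re.compile(r"alert=(?P<alert>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+)")


def parse_alerts(lines):
    """Log collection step: turn raw alert lines into dicts, skipping malformed ones."""
    events = []
    for line in lines:
        m = ALERT_RE.search(line)
        if m:
            events.append(m.groupdict())
    return events


@dataclass
class Ticket:
    """Forensic ticket; nothing is collected until a user approves it."""
    source: str
    reason: str
    approved: bool = False


@dataclass
class AutoSoc:
    baseline: dict
    scan_threshold: int = 3          # distinct targets before a source counts as scanning
    blocked: set = field(default_factory=set)
    tickets: list = field(default_factory=list)

    def correlate(self, events):
        """SIEM step: distinct targets per PORTSCAN source, plus C2 hits."""
        targets, c2_sources = {}, []
        for e in events:
            if e["alert"] == "PORTSCAN":
                targets.setdefault(e["src"], set()).add(e["dst"])
            elif e["alert"] == "MALWARE_C2":
                c2_sources.append(e["src"])
        return targets, c2_sources

    def run(self, lines):
        """Full automated pass; returns a summary of what was decided."""
        targets, c2_sources = self.correlate(parse_alerts(lines))
        suppressed = []
        for src, dsts in targets.items():
            if len(dsts) < self.scan_threshold:
                continue
            if src in self.baseline:
                suppressed.append(src)   # known-good host: treated as a false positive
                continue
            self.blocked.add(src)        # IIPS action: block the scanning source
        for src in c2_sources:
            # Forensic path is deliberately not automatic: open a ticket instead.
            self.tickets.append(Ticket(src, "MALWARE_C2"))
        return {"blocked": sorted(self.blocked), "suppressed": suppressed,
                "tickets": len(self.tickets)}

    def forensic_collect(self, ticket):
        """Stub of the forensic toolkit; refuses to run without approval."""
        if not ticket.approved:
            raise PermissionError("forensic investigation requires user approval")
        return {"host": ticket.source, "artefacts": ["process-list", "pcap"]}

    def approve(self, index):
        """User approves a ticket, which unlocks collection for that host only."""
        self.tickets[index].approved = True
        return self.forensic_collect(self.tickets[index])


if __name__ == "__main__":
    soc = AutoSoc(baseline=BASELINE)
    print(soc.run(SAMPLE_ALERTS))
    print(soc.approve(0))
```

Running it blocks the external scanner 203.0.113.7, suppresses the identical-looking scan from the baselined host 10.0.0.5, and opens one ticket for the C2 alert; calling `forensic_collect` before `approve` raises, which is the single manual gate the abstract describes.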
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
AutoSOC_A_low_budget_flexible_security_operations_platform_for_enterprises_and_organizations.pdf Until 2050-12-31 | 381.23 kB | Adobe PDF | View/Open Request a copy |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.