Humans and automation: Augmenting security operation centers
Background: Open Access Systematic Review Humans and Automation: Augmenting
Security Operation Centers by Jack Tilbury and Stephen Flowerday* School of Cyber …
Security operations center: A systematic study and open challenges
Since the introduction of Security Operations Centers (SOCs) around 15 years ago, their
importance has grown significantly, especially over the last five years. This is mainly due to …
99% false positives: A qualitative study of SOC analysts' perspectives on security alarms
In this work, we focus on the prevalence of False Positive (FP) alarms produced by security
tools, and Security Operation Centers (SOCs) practitioners' perception of their quality. In an …
Integrated network and security operation center: A systematic analysis
D Shahjee, N Ware - IEEE Access, 2022 - ieeexplore.ieee.org
Traditionally, network and security operation center teams have worked in silos despite
commonalities. The network operating center (NOC) team is to provide operationality and …
Deepcase: Semi-supervised contextual analysis of security events
Security monitoring systems detect potentially malicious activities in IT infrastructures, by
either looking for known signatures or for anomalous behaviors. Security operators …
A different cup of TI? The added value of commercial threat intelligence
Commercial threat intelligence is thought to provide unmatched coverage on attacker
behavior, but it is out of reach for many organizations due to its hefty price tag. This paper …
Measuring and visualizing cyber threat intelligence quality
The very raison d'être of cyber threat intelligence (CTI) is to provide meaningful knowledge
about cyber security threats. The exchange and collaborative generation of CTI by the …
Examining the efficacy of decoy-based and psychological cyber deception
KJ Ferguson-Walter, MM Major, CK Johnson… - 30th USENIX security …, 2021 - usenix.org
The threat of cyber attacks is a growing concern across the world, leading to an increasing
need for sophisticated cyber defense techniques. Attackers often rely on direct observation …
Point cloud analysis for ML-based malicious traffic detection: Reducing majorities of false positive alarms
As an emerging security paradigm, machine learning (ML) based malicious traffic detection
is an essential part of automatic defense against network attacks. Powered by dedicated …
Towards human-ai teaming to mitigate alert fatigue in security operations centres
Security Operations Centres (SOCs) play a pivotal role in defending organisations against
evolving cyber threats. They function as central hubs for detecting, analysing, and …