{"title":"Architecture of Anomaly Detection Module for the Security Operations Center","authors":"P. Bienias, G. Kolaczek, A. Warzyński","doi":"10.1109/WETICE.2019.00035","DOIUrl":null,"url":null,"abstract":"The paper presents the preliminary results of the research undertaken within RegSOC project. The goal of the project is initiate a prototype instance of the model Regional Center for Cybersecurity (RegSOC) and to facilitate to the public entities. The outcomes of this project will allow to raise levels of security protection and to present procedures, which can reduce the probability of unwanted events and methods of lowering their consequences. The project aims at developing a comprehensive cybersecurity monitoring platform which will be the software and organizational solution (management models and organizational procedures). The software part of the platform will constitute several modules specialized in various types of security level evaluation. The paper focuses on the module integrated with the RegSOC platform which will support security-related events detection by detecting anomalies. The architecture of the anomaly detection module has been introduced and the functional and non-functional requirements related to this module have been discussed. Also, the role and the way of integrating the module with the general RegSOC architecture has been demonstrate.","PeriodicalId":116875,"journal":{"name":"2019 IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WETICE.2019.00035","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
The paper presents the preliminary results of the research undertaken within RegSOC project. The goal of the project is initiate a prototype instance of the model Regional Center for Cybersecurity (RegSOC) and to facilitate to the public entities. The outcomes of this project will allow to raise levels of security protection and to present procedures, which can reduce the probability of unwanted events and methods of lowering their consequences. The project aims at developing a comprehensive cybersecurity monitoring platform which will be the software and organizational solution (management models and organizational procedures). The software part of the platform will constitute several modules specialized in various types of security level evaluation. The paper focuses on the module integrated with the RegSOC platform which will support security-related events detection by detecting anomalies. The architecture of the anomaly detection module has been introduced and the functional and non-functional requirements related to this module have been discussed. Also, the role and the way of integrating the module with the general RegSOC architecture has been demonstrate.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
