Arnau Erola
RicherPicture: Semi-automated cyber defence using context-aware data analytics
Erola, Arnau; Agrafiotis, Ioannis; Happa, Jassim; Goldsmith, Michael; Creese, Sadie; Legg, Philip
Authors
Ioannis Agrafiotis
Jassim Happa
Michael Goldsmith
Sadie Creese
Professor Phil Legg Phil.Legg@uwe.ac.uk
Professor in Cyber Security
Abstract
In a continually evolving cyber-threat landscape, the detection and prevention of cyber attacks has become a complex task. Technological developments have led organisations to digitise the majority of their operations. This practice, however, has its perils, since cyberspace offers a new attack-surface. Institutions which are tasked to protect organisations from these threats utilise mainly network data and their incident response strategy remains oblivious to the needs of the organisation when it comes to protecting operational aspects. This paper presents a system able to combine threat intelligence data, attack-trend data and organisational data (along with other data sources available) in order to achieve automated network-defence actions. Our approach combines machine learning, visual analytics and information from business processes to guide through a decision-making process for a Security Operation Centre environment. We test our system on two synthetic scenarios and show that correlating network data with non-network data for automated network defences is possible and worth investigating further.
Citation
Erola, A., Agrafiotis, I., Happa, J., Goldsmith, M., Creese, S., & Legg, P. (2017, June). RicherPicture: Semi-automated cyber defence using context-aware data analytics. Paper presented at International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA 2017), London
Presentation Conference Type | Conference Paper (unpublished) |
---|---|
Conference Name | International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA 2017) |
Conference Location | London |
Start Date | Jun 19, 2017 |
End Date | Jun 20, 2017 |
Acceptance Date | Mar 30, 2017 |
Publication Date | Jun 19, 2017 |
Publicly Available Date | Mar 29, 2024 |
Peer Reviewed | Peer Reviewed |
Public URL | https://uwe-repository.worktribe.com/output/885894 |
Additional Information | Title of Conference or Conference Proceedings: International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA 2017) |