On the Design of a Cyber Security Data Sharing System

Serrano, Oscar Serrano; Dandurand, Luc; Brown, Sarah S.

doi:10.1145/2663876.2663882

Cited by 44 publications

(28 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This actionable information can include rogue IP addresses, malware metadata, and indicators of compromise [13,20]. This information can also be of interest to regional and national Computer Emergency Response Teams [21,27].…”

Section: Related Workmentioning

confidence: 99%

How Good is Your Data? Investigating the Quality of Data Generated During Security Incident Response Investigations

Grispos¹,

Glisson

Storer

2019

Proceedings of the Annual Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

An increasing number of cybersecurity incidents prompts organizations to explore alternative security solutions, such as threat intelligence programs. For such programs to succeed, data needs to be collected, validated, and recorded in relevant datastores. One potential source supplying these datastores is an organization's security incident response team. However, researchers have argued that these teams focus more on eradication and recovery and less on providing feedback to enhance organizational security. This prompts the idea that data collected during security incident investigations may be of insufficient quality for threat intelligence analysis.While previous discussions focus on data quality issues from threat intelligence sharing perspectives, minimal research examines the data generated during incident response investigations. This paper presents the results of a case study identifying data quality challenges in a Fortune 500 organization's incident response team. Furthermore, the paper provides the foundation for future research regarding data quality concerns in security incident response.

show abstract

Section: Related Workmentioning

confidence: 99%

How Good is Your Data? Investigating the Quality of Data Generated During Security Incident Response Investigations

Grispos¹,

Glisson

Storer

2019

Proceedings of the Annual Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

show abstract

“…Shodan scans open ports such as HTTP, FTP, and TELNET through the handshake process (Brown et al 2015;Lee et al 2017;Serrano et al 2014). The device information is identified by analyzing with keywords contained in the banner.…”

Section: Scan Technology For Internet Devicesmentioning

confidence: 99%

Management platform of threats information in IoT environment

Kim

2017

J Ambient Intell Human Comput

View full text Add to dashboard Cite

“…Serrano et al [16] focus on the legal aspects of the cyber security data sharing between organisations subject to di erent legal frameworks. They also propose a solution in form of Information Exchange Policy which is set up by the organisations themselves.…”

Section: Legal Aspectsmentioning

confidence: 99%