
Böhm, Fabian ; Vielberth, Manfred ; Pernul, Günther

Formalizing and Integrating User Knowledge into Security Analytics

Böhm, Fabian, Vielberth, Manfred and Pernul, Günther (2022) Formalizing and Integrating User Knowledge into Security Analytics. SN Computer Science 3 (347), pp. 1-17.

Publication date of this full text: 27 Jun 2022 11:43
Article
DOI for citing this document: 10.5283/epub.52510


Abstract

The Internet-of-Things and ubiquitous cyber-physical systems increase the attack surface for cyber-physical attacks. They exploit technical vulnerabilities and human weaknesses to wreak havoc on organizations’ information systems, physical machines, or even humans. Taking a stand against these multi-dimensional attacks requires automated measures to be combined with people as their knowledge has proven critical for security analytics. However, there is no uniform understanding of information security knowledge and its integration into security analytics activities. With this work, we structure and formalize the crucial notions of knowledge that we deem essential for holistic security analytics. A corresponding knowledge model is established based on the Incident Detection Lifecycle, which summarizes the security analytics activities. This idea of knowledge-based security analytics highlights a dichotomy in security analytics. Security experts can operate security mechanisms and thus contribute their knowledge. However, security novices often cannot operate security mechanisms and, therefore, cannot make their highly-specialized domain knowledge available for security analytics. This results in several severe knowledge gaps. We present a research prototype that shows how several of these knowledge gaps can be overcome by simplifying the interaction with automated security analytics techniques.



Details

Document type: Article
Journal or periodical title: SN Computer Science
Publisher: Springer
Volume: 3
Issue or chapter number: 347
Page range: pp. 1-17
Date: 24 June 2022
Institutions: Wirtschaftswissenschaften > Institut für Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul); Informatik und Data Science > Fachbereich Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul)
Identification number: 10.1007/s42979-022-01209-7 (DOI)
Keywords: Security analytics, Domain knowledge, Visual analytics, Security Awareness, Security operations
Dewey Decimal Classification: 000 Computer science, information science, general works > 004 Computer science
Status: Published
Peer-reviewed: Yes, this version has been peer-reviewed
Created at the University of Regensburg: Yes
URN of the UB Regensburg: urn:nbn:de:bvb:355-epub-525108
Document ID: 52510
