TY - GEN
T1 - Towards efficient collaboration in cyber security
AU - Hui, Peter
AU - Bruce, Joe
AU - Fink, Glenn
AU - Gregory, Michelle
AU - Best, Daniel
AU - McGrath, Liam
AU - Endert, Alex
PY - 2010
Y1 - 2010
N2 - Cyber security analysts in different geographical and organizational domains are often largely tasked with similar duties, albeit with domain-specific variations. These analysts necessarily perform much of the same work independently - for instance, analyzing the same list of security bulletins released by largely the same set of software vendors. As such, communication and collaboration between such analysts would be mutually beneficial to the analysts involved, potentially reducing redundancy and offering the opportunity to preemptively alert each other to high-severity security alerts in a more timely fashion. However, several barriers to practical and efficient collaboration exist, and consequently, no such framework exists to support these efforts. In this paper, we discuss the inherent difficulties which make efficient collaboration between cyber security analysts a difficult goal to achieve. We discuss preliminary ideas and concepts towards a collaborative cyber-security framework currently under development, whose goal is to facilitate analyst collaboration across these boundaries. While still in its early stages, we describe work-in-progress towards achieving this goal, including motivation, functionality, concepts, and a high-level description of the proposed system architecture.
KW - Collaborative security frameworks
KW - Collaborative software frameworks
KW - Computer security
KW - Cyber-security systems
UR - http://www.scopus.com/inward/record.url?scp=77954501870&partnerID=8YFLogxK
U2 - 10.1109/CTS.2010.5478473
DO - 10.1109/CTS.2010.5478473
M3 - Conference contribution
AN - SCOPUS:77954501870
SN - 9781424466191
T3 - 2010 International Symposium on Collaborative Technologies and Systems, CTS 2010
SP - 489
EP - 498
BT - 2010 International Symposium on Collaborative Technologies and Systems, CTS 2010
T2 - 2010 International Symposium on Collaborative Technologies and Systems, CTS 2010
Y2 - 17 May 2010 through 21 May 2010
ER -