Enabling trustworthy spaces via orchestrated analytical security

Joshua Howes, James Solderitsch, Ignatius Chen, Jonté Craighead
2013 Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop on - CSIIRW '13  
Cyberspaces require both the implementation of customized functional requirements and the enforcement of policy constraints to be trustworthy. In tailored, distributed and adaptive environments (spaces), monitoring to ensure this enforcement is especially difficult given the wide spectrum of activities performed and the evolving range of threats. Spaces must be monitored from a multitude of perspectives, each of which will generate a vast quantity of disparate information, including structured, semi-structured and unstructured data. However, existing security toolsets and offerings are not yet well equipped to analyze these kinds of data with the necessary speed and agility. Big Data technologies, such as Hadoop, enable the analysis of large and unstructured data sources. We propose security operations teams extend their existing security infrastructure with emerging Big Data analytics and Complex Event Processing platforms. To help them do so, we introduce a conceptual blueprint for the analytics solution. We also present an Orchestrated Analytical Security operational and organizational framework that helps organizations understand how analytical security not only provides monitoring but also creates actionable intelligence from data.
doi:10.1145/2459976.2459991 dblp:conf/csiirw/HowesSCC13 fatcat:7hl3mtawpng7lidpmb7jutxmi4