A Data-driven Approach for Risk Exposure Analysis in Enterprise Security | IEEE Conference Publication | IEEE Xplore

Abstract:

For several years, Security Operation Centers (SOCs) have relied on tools such as Security Information and Event Management (SIEM) and Intrusion Detection Systems (IDS) for reactive threat detection and risk management. However, these tools are becoming inadequate in detecting the current threat landscape, which is continuously increasing in terms of volume and variety, and targeting the most vulnerable component in the kill-chain, the human actor. This manuscript presents a novel data-driven approach that models user and entity behaviour in the early stages of the kill-chain. The proposed system estimates the probability of an entity being exposed by a threat actor during the delivery stage, thereby providing better anticipation time and allowing the end-user to undertake mitigation focusing on concrete entities. Moreover, the framework has been tested in a real-life scenario, executing different realistic phishing simulations and achieving successful results.
Date of Conference: 09-13 October 2023
Date Added to IEEE Xplore: 06 November 2023
Conference Location: Thessaloniki, Greece
