Authors: Ananthapadmanabhan A, K. Achuthan
Published in: 2022 10th International Symposium on Digital Forensics and Security (ISDFS)
Publication date: 2022-06-06
DOI: 10.1109/ISDFS55398.2022.9800787 (https://doi.org/10.1109/ISDFS55398.2022.9800787)
Threat Modeling and Threat Intelligence System for Cloud using Splunk
Threat modeling is one of the traditional mechanisms used for finding the potential threats in a system. The majority of existing threat models rely on the possible ways of modeling attacks. This work proposes a combination of threat modeling and threat intelligence for cloud systems, using Splunk, towards developing a comprehensive model. Existing cloud threat models rely on the types of attacks that are possible at certain phases of the system. The combined system proposed here is a granular model that helps in capturing potential threats based on the attacker's behavior after a data breach. The threat intelligence module in the system will help identify live threats. The integrated plugin, which combines the adversarial threat model and the threat monitoring dashboard, was able to categorise and monitor the activities happening in the cloud using Splunk.