SecDOAR: A Software Reference Architecture for Security Data Orchestration, Analysis and Reporting
- URL: http://arxiv.org/abs/2408.12904v2
- Date: Mon, 26 Aug 2024 01:34:17 GMT
- Title: SecDOAR: A Software Reference Architecture for Security Data Orchestration, Analysis and Reporting
- Authors: Muhammad Aufeef Chauhan, Muhammad Ali Babar, Fethi Rabhi,
- Abstract summary: We have presented an SRA for Security Data Orchestration, Analysis and Reporting (SecDOAR)
The SecDOAR SRA has been designed by leveraging existing scientific literature and security data standards.
The proposed SecDOAR SRA can be used by researchers and practitioners as a structured approach for designing and implementing cybersecurity monitoring, analysis and reporting systems.
- Score: 5.161531917413708
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: A Software Reference Architecture (SRA) is a useful tool for standardising existing architectures in a specific domain and facilitating concrete architecture design, development and evaluation by instantiating SRA and using SRA as a benchmark for the development of new systems. In this paper, we have presented an SRA for Security Data Orchestration, Analysis and Reporting (SecDOAR) to provide standardisation of security data platforms that can facilitate the integration of security orchestration, analysis and reporting tools for security data. The SecDOAR SRA has been designed by leveraging existing scientific literature and security data standards. We have documented SecDOAR SRA in terms of design methodology, meta-models to relate to different concepts in the security data architecture, and details on different elements and components of the SRA. We have evaluated SecDOAR SRA for its effectiveness and completeness by comparing it with existing commercial solutions. We have demonstrated the feasibility of the proposed SecDOAR SRA by instantiating it as a prototype platform to support security orchestration, analysis and reporting for a selected set of tools. The proposed SecDOAR SRA consists of meta-models for security data, security events and security data management processes as well as security metrics and corresponding measurement schemes, a security data integration model, and a description of SecDOAR SRA components. The proposed SecDOAR SRA can be used by researchers and practitioners as a structured approach for designing and implementing cybersecurity monitoring, analysis and reporting systems in various domains.
Related papers
- The Architecture Tradeoff and Risk Analysis Framework (ATRAF): A Unified Approach for Evaluating Software Architectures, Reference Architectures, and Architectural Frameworks [0.0]
We introduce the Architecture Tradeoff and Risk Analysis Framework (ATRAF)
ATRAF is a scenario-driven framework for evaluating tradeoffs and risks across architectural levels.
It enables the identification of sensitivities, tradeoffs, and risks while supporting continuous refinement of architectural artifacts.
arXiv Detail & Related papers (2025-05-01T17:48:52Z) - Semi-Automated Design of Data-Intensive Architectures [49.1574468325115]
This paper introduces a development methodology for data-intensive architectures.
It guides architects in (i) designing a suitable architecture for their specific application scenario, and (ii) selecting an appropriate set of concrete systems to implement the application.
We show that the description languages we adopt can capture the key aspects of data-intensive architectures proposed by researchers and practitioners.
arXiv Detail & Related papers (2025-03-21T16:01:11Z) - MES-RAG: Bringing Multi-modal, Entity-Storage, and Secure Enhancements to RAG [65.0423152595537]
We propose MES-RAG, which enhances entity-specific query handling and provides accurate, secure, and consistent responses.
MES-RAG introduces proactive security measures that ensure system integrity by applying protections prior to data access.
Experimental results demonstrate that MES-RAG significantly improves both accuracy and recall, highlighting its effectiveness in advancing the security and utility of question-answering.
arXiv Detail & Related papers (2025-03-17T08:09:42Z) - Building a Cybersecurity Risk Metamodel for Improved Method and Tool Integration [0.38073142980732994]
We report on our experience in applying a model-driven approach on the initial risk analysis step in connection with a later security testing.
Our work rely on a common metamodel which is used to map, synchronise and ensure information traceability across different tools.
arXiv Detail & Related papers (2024-09-12T10:18:26Z) - InsightBench: Evaluating Business Analytics Agents Through Multi-Step Insight Generation [79.09622602860703]
We introduce InsightBench, a benchmark dataset with three key features.
It consists of 100 datasets representing diverse business use cases such as finance and incident management.
Unlike existing benchmarks focusing on answering single queries, InsightBench evaluates agents based on their ability to perform end-to-end data analytics.
arXiv Detail & Related papers (2024-07-08T22:06:09Z) - SETC: A Vulnerability Telemetry Collection Framework [0.0]
This paper introduces the Security Exploit Telemetry Collection (SETC) framework.
SETC generates reproducible vulnerability exploit data at scale for robust defensive security research.
This research enables scalable exploit data generation to drive innovations in threat modeling, detection methods, analysis techniques, and strategies.
arXiv Detail & Related papers (2024-06-10T00:13:35Z) - Model-Driven Security Analysis of Self-Sovereign Identity Systems [2.5475486924467075]
We propose a model-driven security analysis framework for analyzing architectural patterns of SSI systems.
Our framework mechanizes a modeling language to formalize patterns and threats with security properties in temporal logic.
We present typical vulnerable patterns verified by SecureSSI.
arXiv Detail & Related papers (2024-06-02T05:44:32Z) - Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
We investigate the security implications of and software-based Open Radio Access Network (RAN) systems.
We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
arXiv Detail & Related papers (2024-05-03T07:18:45Z) - An Extensible Framework for Architecture-Based Data Flow Analysis for Information Security [1.7749883815108154]
Security-related properties are often analyzed based on data flow diagrams (DFDs)
We present an open and framework for data flow analysis.
The framework is compatible with DFDs and can also extract data flows from the Palladio architectural description language.
arXiv Detail & Related papers (2024-03-14T13:52:41Z) - An Empirically Grounded Reference Architecture for Software Supply Chain Metadata Management [2.1574657220935602]
Adopting SSC metadata requires organisations to procure or develop a Software Supply Chain Metadata Management system (SCM2)
SCM2 is a suite of software tools for performing life cycle activities of SSC metadata documents such as creation, signing, distribution, and consumption.
This paper presents an empirically grounded Reference Architecture (RA) comprising of a domain model and an architectural blueprint for SCM2 systems.
arXiv Detail & Related papers (2023-10-10T04:25:30Z) - Serving Deep Learning Model in Relational Databases [70.53282490832189]
Serving deep learning (DL) models on relational data has become a critical requirement across diverse commercial and scientific domains.
We highlight three pivotal paradigms: The state-of-the-art DL-centric architecture offloads DL computations to dedicated DL frameworks.
The potential UDF-centric architecture encapsulates one or more tensor computations into User Defined Functions (UDFs) within the relational database management system (RDBMS)
arXiv Detail & Related papers (2023-10-07T06:01:35Z) - Leveraging Traceability to Integrate Safety Analysis Artifacts into the
Software Development Process [51.42800587382228]
Safety assurance cases (SACs) can be challenging to maintain during system evolution.
We propose a solution that leverages software traceability to connect relevant system artifacts to safety analysis models.
We elicit design rationales for system changes to help safety stakeholders analyze the impact of system changes on safety.
arXiv Detail & Related papers (2023-07-14T16:03:27Z) - SMT-Based Safety Verification of Data-Aware Processes under Ontologies
(Extended Version) [71.12474112166767]
We introduce a variant of one of the most investigated models in this spectrum, namely simple artifact systems (SASs)
This DL, enjoying suitable model-theoretic properties, allows us to define SASs to which backward reachability can still be applied, leading to decidability in PSPACE of the corresponding safety problems.
arXiv Detail & Related papers (2021-08-27T15:04:11Z) - Symbolic Reinforcement Learning for Safe RAN Control [62.997667081978825]
We show a Symbolic Reinforcement Learning (SRL) architecture for safe control in Radio Access Network (RAN) applications.
In our tool, a user can select a high-level safety specifications expressed in Linear Temporal Logic (LTL) to shield an RL agent running in a given cellular network.
We demonstrate the user interface (UI) helping the user set intent specifications to the architecture and inspect the difference in allowed and blocked actions.
arXiv Detail & Related papers (2021-03-11T10:56:49Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.