Exploratory Analysis of File System Metadata for Rapid Investigation of Security Incidents

September 03, 2020 · Declared Dead · 🏛 Visualization for Computer Security

👻 CAUSE OF DEATH: Ghosted
No code link whatsoever

"No code URL or promise found in abstract"

Evidence collected by the PWNC Scanner

Authors: Michal Beran, Frantisek Hrdina, Daniel Kouril, Radek Oslejsek, Kristina Zakopcanova
arXiv ID: 2009.01698
Category: cs.HC: Human-Computer Interaction
Cross-listed: cs.CR
Citations: 6
Venue: Visualization for Computer Security
Last Checked: 4 months ago

Abstract
Investigating cybersecurity incidents requires in-depth knowledge from the analyst. Moreover, the whole process is demanding due to the vast data volumes that need to be analyzed. While various techniques exist nowadays to help with particular tasks of the analysis, the process as a whole still requires a lot of manual activities and expert skills. We propose an approach that allows the analysis of disk snapshots more efficiently and with lower demands on expert knowledge. Following a user-centered design methodology, we implemented an analytical tool to guide analysts during security incident investigations. The viability of the solution was validated by an evaluation conducted with members of different security teams.