3 research outputs found

    Designing a framework for data populating alarms based on MITRE techniques

    In this paper we aim to develop a proof-of-concept framework as a step-by-step process for identifying what type of information and which log types a SOC analyst needs in order to analyze and handle an alarm, based on the alarm's MITRE technique. To solve this, it was decided that using both theoretical and experimental research methodologies could be advantageous. Hence, we first used a Systematic Literature Review to search, screen, and select relevant literature, followed by the Design Science Research method for conducting the research on a theoretical basis and through an experimental process, in order to develop a framework consisting of an easy-to-understand and independent step-by-step process. The proof-of-concept framework introduced in this paper is an eight-step process describing how one may proceed when gathering the data needed for automating information gathering based on alarms' MITRE techniques. These eight steps revolve around three main concepts: gathering a theoretical foundation through research and discussion, improving the theoretical foundation by testing and adjusting, and finally a continuous process of maintaining the constructed automations when they are used in a production setting. This framework produced accurate results when tested during the research, and we believe it should be further explored and tested at a larger scale. It should also be considered a stepping stone toward further automating the whole alarm handling process, from gathering data to response.

    Børs Buddi

    This project consists of building an IT system that provides decision support for buying and selling shares on the stock exchange, based on collected articles and analysis of previous transactions. Using Scrum and design principles for usability and code structure, the system, Børs Buddi, has been constructed. The system is web based and contains functionality that analyzes transactions and collects articles from an online newspaper. The report describes the development process, the technologies used, and the results of the project work. The results are discussed, and suggestions for improvements and further development are presented. Through the work on the system, the groundwork has been laid for possible further development of article analysis.