Shaked, Avraham, Cherdantseva, Yulia  ORCID: https://orcid.org/0000-0002-3527-1121 and Burnap, Peter ORCID: https://orcid.org/0000-0003-0396-633X
2022.
Model-based incident response playbooks.
Presented at: 17th International Conference on Availability, Reliability and Security,
Vienna, Austia,
23-26 August 2022.
ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security.
ACM,
pp. 1-7.
10.1145/3538969.3538976
|
Preview |
PDF
- Published Version
Download (560kB) | Preview |
Abstract
Inevitably, all systems are vulnerable, and none are impervious to attack. Incident response is an important element in maintaining the cyber security posture of organizations. Incident response practitioners often rely on process descriptions in the form of playbooks as recipes for handling incidents as they occur. However, current practices and mechanisms do not offer a disciplined approach to designing and representing playbooks, risking the effectiveness of the playbooks in directing and coordinating incident response. In this paper, we propose a formal, model-based design approach to designing cyber security incident response playbooks. We provide a tool prototype for the approach, developed using the Eclipse framework, and demonstrate how it can accommodate playbooks. Finally, we discuss how the approach can improve aspects of incident response throughout its lifecycle, by correctly prescribing and coordinating response actions as well as supporting organizational learning.
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Date Type: | Published Online |
| Status: | Published |
| Schools: | Computer Science & Informatics |
| Publisher: | ACM |
| Funders: | EPSRC Grant number EP/V038710/1 |
| Date of First Compliant Deposit: | 8 February 2024 |
| Date of Acceptance: | 1 June 2022 |
| Last Modified: | 15 Feb 2024 11:39 |
| URI: | https://orca.cardiff.ac.uk/id/eprint/166210 |
Actions (repository staff only)
 |
Edit Item |
Dimensions
Dimensions
Cardiff University Information Services