An Integrated SOC Tool


Authors : Archana PS; Christan Jose; Albin Biju; Aromal Dileep; Aswanth G Pillai

Volume/Issue : Volume 9 - 2024, Issue 12 - December

Google Scholar : https://tinyurl.com/5cjzhkxa

Scribd : https://tinyurl.com/5yhabfx2

DOI : https://doi.org/10.5281/zenodo.14557505

Abstract : This paper reviews current SOC tools to identify their deficiencies and analyses the emerging requirements of modern SOC environments. The use of automation, machine learning and visualization in SOC environments is essential to increase speed and efficiency. This survey compiles recent advances in SOC architecture, automation interfaces and real-time data processing. Three significant observations emerge: first, there is a lack of coordination in linking numerous tools together; second, machine learning algorithms are being engaged to improve detection rates; and third, rising automation trends help to minimize a large amount of manual work. Challenges that have kept SOC tools from gaining widespread acceptance, including cost, technical expertise and privacy issues, are discussed, followed by strategies for how an improved SOC tool can be created to overcome the drawbacks of existing solutions.
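The first and third observations above (tools that are not linked together, and automation to cut manual work) come down to one architectural piece: an integration layer that maps every tool's alert format into a common schema, correlates alerts per host, and ranks the result so the analyst sees one prioritised incident rather than several unrelated alerts. The following is an added example written for this page; it is not code from the paper, and the tool names (edr, firewall, siem), field names, time window and sample alerts are all constructed.

```python
"""Added example (not from the paper): a minimal SOC integration layer that
normalises alerts from three hypothetical tools into one schema, correlates
them per host within a time window, and scores each incident.
Tool names, field names and all sample alerts below are constructed."""
from __future__ import annotations

from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Any

# Constructed sample alerts: every tool uses its own field names and time format.
SAMPLE_ALERTS = [
    {"source": "edr", "payload": {"hostname": "ws-017", "eventTime": 1717233600,
                                  "threat": "Credential dumping (lsass access)", "risk": 80}},
    {"source": "firewall", "payload": {"src_host": "ws-017", "ts": "2024-06-01T09:21:30Z",
                                       "rule": "outbound-smb-blocked", "sev": "medium"}},
    {"source": "siem", "payload": {"host": "ws-017", "@timestamp": "2024-06-01T09:19:05Z",
                                   "rule_name": "Multiple failed logons", "severity": 3}},
    {"source": "firewall", "payload": {"src_host": "srv-db-02", "ts": "2024-06-01T09:25:00Z",
                                       "rule": "outbound-smb-blocked", "sev": "low"}},
]


@dataclass
class Alert:
    """Common schema that every tool's alert is mapped into."""
    source: str
    host: str
    time: datetime
    title: str
    severity: int  # 1 (info) .. 5 (critical)


@dataclass
class Incident:
    host: str
    alerts: list[Alert] = field(default_factory=list)

    @property
    def priority(self) -> int:
        """Highest severity, raised by one for each additional tool that fired on
        the same host (capped at 5): independent corroboration is what an
        analyst looks for first."""
        distinct_sources = {a.source for a in self.alerts}
        return min(5, max(a.severity for a in self.alerts) + len(distinct_sources) - 1)


def _iso(ts: str) -> datetime:
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


# One adapter per tool: adding a tool means adding an adapter, not touching consumers.
def _from_edr(p: dict[str, Any]) -> Alert:
    return Alert("edr", p["hostname"], datetime.fromtimestamp(p["eventTime"], tz=timezone.utc),
                 p["threat"], max(1, min(5, round(p["risk"] / 20))))


_FW_SEV = {"low": 1, "medium": 3, "high": 4, "critical": 5}


def _from_firewall(p: dict[str, Any]) -> Alert:
    return Alert("firewall", p["src_host"], _iso(p["ts"]), p["rule"], _FW_SEV[p["sev"].lower()])


def _from_siem(p: dict[str, Any]) -> Alert:
    return Alert("siem", p["host"], _iso(p["@timestamp"]), p["rule_name"], int(p["severity"]))


ADAPTERS = {"edr": _from_edr, "firewall": _from_firewall, "siem": _from_siem}


def normalise(raw: dict[str, Any]) -> Alert:
    """Map one raw alert to the common schema; unknown sources fail loudly
    rather than being silently dropped."""
    try:
        adapter = ADAPTERS[raw["source"]]
    except KeyError:
        raise ValueError(f"no adapter for source {raw.get('source')!r}")
    return adapter(raw["payload"])


def correlate(raw_alerts: list[dict[str, Any]], window_minutes: int = 15) -> list[Incident]:
    """Normalise all alerts, group them per host when each falls within
    window_minutes of the previous one, and return incidents by priority."""
    alerts = sorted((normalise(r) for r in raw_alerts), key=lambda a: a.time)
    buckets: dict[str, list[Incident]] = {}
    for a in alerts:
        per_host = buckets.setdefault(a.host, [])
        last = per_host[-1].alerts[-1].time if per_host else None
        if last is not None and (a.time - last).total_seconds() <= window_minutes * 60:
            per_host[-1].alerts.append(a)
        else:
            per_host.append(Incident(a.host, [a]))
    incidents = [inc for group in buckets.values() for inc in group]
    return sorted(incidents, key=lambda i: i.priority, reverse=True)


if __name__ == "__main__":
    for inc in correlate(SAMPLE_ALERTS):
        print(inc.host, "priority", inc.priority, [f"{a.source}: {a.title}" for a in inc.alerts])
```

On the constructed input, the three alerts for ws-017 (SIEM failed logons, EDR lsass access, firewall SMB block, all within three minutes) collapse into one incident at the top priority, while the lone low-severity firewall alert on srv-db-02 stays a separate low-priority incident; the analyst triages one corroborated event instead of reading three consoles.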

