University of Jyväskylä | JYX Digital Repository

 
View Item 

Show simple item record

Technical Performance Metrics of a Security Operations Center

dc.contributor.authorForsberg, Joonas
dc.contributor.authorFrantti, Tapio
dc.date.accessioned2023-10-18T10:05:31Z
dc.date.available2023-10-18T10:05:31Z
dc.date.issued2023
dc.identifier.citationForsberg, J., & Frantti, T. (2023). Technical Performance Metrics of a Security Operations Center. <i>Computers and Security</i>, <i>135</i>, Article 103529. <a href="https://doi.org/10.1016/j.cose.2023.103529" target="_blank">https://doi.org/10.1016/j.cose.2023.103529</a>
dc.identifier.otherCONVID_193402946
dc.identifier.urihttps://jyx.jyu.fi/handle/123456789/90111
dc.description.abstractThis research introduces a novel framework for creating metrics intended for security operations centers (SOCs). The framework is developed using the design science research methodology and has been validated by generating four novel metrics to assess the technical performance of a SOC. Additionally, the study examines the existing landscape of metrics for SOCs and concludes that a majority of the metrics discussed in the literature primarily focus on operational aspects rather than technical performance. The absence of adequate technical performance metrics makes it challenging to accurately evaluate the tangible impact of a SOC on overall cyber defense capabilities. The research also highlights the insufficiency of current methods in constructing metrics and frameworks tailored for measuring SOCs' technical performance. The resulting framework offers SOCs means to create high-quality metrics for performance evaluation. Furthermore, the metrics the framework was validated with offer SOCs an opportunity to enhance their ability to quantify their threat detection capabilities.en
dc.format.mimetypeapplication/pdf
dc.language.isoeng
dc.publisherElsevier
dc.relation.ispartofseriesComputers and Security
dc.rightsCC BY 4.0
dc.subject.othersecurity operations center
dc.subject.othersoc
dc.subject.othercsoc
dc.subject.othercyber security operations center
dc.subject.othermetric
dc.subject.othermeasurement
dc.subject.othertechnical performance
dc.subject.othercyber defense
dc.subject.otherperformance indicator
dc.titleTechnical Performance Metrics of a Security Operations Center
dc.typearticle
dc.identifier.urnURN:NBN:fi:jyu-202310186149
dc.contributor.laitosInformaatioteknologian tiedekuntafi
dc.contributor.laitosFaculty of Information Technologyen
dc.type.urihttp://purl.org/eprint/type/JournalArticle
dc.type.coarhttp://purl.org/coar/resource_type/c_2df8fbb1
dc.description.reviewstatuspeerReviewed
dc.relation.issn0167-4048
dc.relation.volume135
dc.type.versionpublishedVersion
dc.rights.copyright© 2023 The Author(s). Published by Elsevier Ltd.
dc.rights.accesslevelopenAccessfi
dc.relation.grantnumber10/31/2022
dc.subject.ysomittaus
dc.subject.ysokyberturvallisuus
dc.subject.ysomittausmenetelmät
dc.subject.ysomittarit (mittaus)
dc.format.contentfulltext
jyx.subject.urihttp://www.yso.fi/onto/yso/p4794
jyx.subject.urihttp://www.yso.fi/onto/yso/p26189
jyx.subject.urihttp://www.yso.fi/onto/yso/p20083
jyx.subject.urihttp://www.yso.fi/onto/yso/p21210
dc.rights.urlhttps://creativecommons.org/licenses/by/4.0/
dc.relation.doi10.1016/j.cose.2023.103529
dc.relation.funderBusiness Finlanden
dc.relation.funderBusiness Finlandfi
jyx.fundingprogramCo-Innovation, BFen
jyx.fundingprogramCo-Innovation, BFfi
jyx.fundinginformationThe research was supported by Business Finland (grant number 10/31/2022) and the University of Jyväskylä.
dc.type.okmA1


Files in this item

Thumbnail
Name:
1-s2.0-S016740482300439X-main.pdf
Size:
1.885Mb
Format:
PDF
Description:
publishedVersion
View/Open

This item appears in the following Collection(s)

Show simple item record

CC BY 4.0
Except where otherwise noted, this item's license is described as CC BY 4.0
Data Protection Description

Accessibility Statement

Unless otherwise specified, publicly available JYX metadata (excluding abstracts) may be freely reused under the CC0 waiver.