
The Security Operations Center (SOC): Architectural Challenges and Sensing Futures

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Sensor Networks".

Deadline for manuscript submissions: closed (30 June 2024) | Viewed by 5128

Special Issue Editors

Guest Editor
Department of Security Studies and Criminology, Macquarie University, Sydney, NSW 2109, Australia
Interests: malware sensing; detection and removal; SOC operation
Guest Editor
HilstLab, La Trobe University, Melbourne, Australia
Interests: vulnerability sensing, detection and remediation; SOC architecture and design

Guest Editor
School of Info Technology, Deakin University, Geelong, Australia
Interests: malicious activity sensing; threat intelligence sharing

Special Issue Information

Dear Colleagues,

The security operations center (SOC) is a critical component of any organization’s cybersecurity posture. It is responsible for sensing, monitoring, detecting, and responding to security incidents in real time. The SOC is made up of various components, including sensors, people, processes, and technologies, that work together to protect an organization’s sensitive data and assets. However, the SOC is not without its challenges, and these challenges are becoming more complex as cyber threats become more sophisticated. This Special Issue will explore the architectural challenges facing the SOC, as well as the sensing futures that are emerging to address them.

This Special Issue aims to provide a platform for researchers, practitioners, and experts to share their insights and experiences on the SOC’s architectural challenges and sensing futures. The topics that will be covered in this Special Issue include, but are not limited to:

  • SOC sensor development and innovation;
  • SOC sensing network architectures and design principles;
  • Sensing automation and orchestration in the SOC;
  • Threat intelligence and information sharing in the SOC;
  • SOC sensing network operation and management;
  • SOC performance evaluation and optimization;
  • Machine learning and artificial intelligence in the SOC;
  • Emerging technologies for SOC sensing, such as blockchain, IoT, and cloud computing;
  • SOC use cases and case studies.

We invite original research articles, review papers, and case studies related to the SOC’s architectural challenges and sensing futures. All submissions will be peer-reviewed, and the accepted papers will be published in the Special Issue. Submissions should follow the journal’s guidelines and format. All submissions should be made online through the journal’s submission system.

The SOC’s architectural challenges and sensing futures are critical topics that require attention from the research and practitioner communities. This Special Issue will provide an excellent opportunity for researchers and practitioners to share their insights and experiences on these topics and to promote further research in this area. We look forward to receiving your submissions.

Prof. Dr. Paul Watters
Dr. MingJian Tang
Dr. Al-Hawawreh Muna
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • threat sensing
  • threat hunting
  • threat intelligence
  • endpoint sensing, detection and response
  • anomaly detection and heuristics
  • forensics
  • incident response
  • event correlation and flow sensing

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue policies can be found here.

Published Papers (2 papers)


Research

27 pages, 1525 KiB
Article
Detection Strategies for COM, WMI, and ALPC-Based Multi-Process Malware
by Radu Marian Portase, Andrei Marius Muntea, Andrei Mermeze, Adrian Colesa and Gheorghe Sebestyen
Sensors 2024, 24(16), 5118; https://doi.org/10.3390/s24165118 - 7 Aug 2024
Viewed by 1523
Abstract
Behavioral malware detection is based on attributing malicious actions to processes. Malicious processes may try to hide by changing the behavior of other benign processes to achieve their goals. We showcase how Component Object Model (COM) and Windows Management Instrumentation (WMI) can be used to create such spoofing attacks. We discuss the internals of COM and WMI and Asynchronous Local Procedure Call (ALPC). We present multiple functional monitoring techniques to identify the spoofing and discuss the strong and weak points of each technique. We create a robust process monitoring system that can correctly identify the source of malicious actions spoofed via COM, WMI and ALPC with a low performance impact. Finally, we discuss how malicious actors use COM, WMI and ALPC by examining real-world malware detected by our monitoring system.

17 pages, 683 KiB
Article
Bridging the Gap: Enhancing Maritime Vessel Cyber Resilience through Security Operation Centers
by Allan Nganga, George Nganya, Margareta Lützhöft, Steven Mallam and Joel Scanlan
Sensors 2024, 24(1), 146; https://doi.org/10.3390/s24010146 - 27 Dec 2023
Cited by 6 | Viewed by 2643
Abstract
Increasingly disruptive cyber-attacks in the maritime domain have led to more efforts being focused on enhancing cyber resilience. From a regulatory perspective, there is a requirement that maritime stakeholders implement measures that would enable the timely detection of cyber events, leading to the adoption of Maritime Security Operation Centers (M-SOCs). At the same time, Remote Operation Centers (ROCs) are also being discussed to enable increased adoption of highly automated and autonomous technologies, which could further impact the attack surface of vessels. The main objective of this research was therefore to better understand both enabling factors and challenges impacting the effectiveness of M-SOC operations. Semi-structured interviews were conducted with nine M-SOC experts. Informed by grounded theory, incident management emerged as the core category. By focusing on the factors that make M-SOC operations a unique undertaking, the main contribution of this study is that it highlights how maritime connectivity challenges and domain knowledge impact the M-SOC incident management process. Additionally, we have related the findings to a future where M-SOC and ROC operations could be converged.