Security Incident Response Automation for xPON Networks

Thumbnail
View/Open
Date
2022-04-25
Author
Altmetrics
10.24138/jcomss-2022-0033
Metadata
Show full item record
Abstract
This paper presents a developed tool for automated security incident reporting in passive optical networks. This tool interacts with our programmable development card, developed detection modules, and TheHive project. The custom implementation of the solution has resulted in anomaly reporting templates for xPON networks that can be universally applied and new definitions of indicators of compromise. The custom implementation consists of a collector and middleware layer between the programmable card and Apache Kafka.
Keywords
Automation, CERT, Incidents, Reports, SIRAP, Tool
Persistent identifier
http://hdl.handle.net/11012/204170
Document type
Peer reviewed
Document version
Final PDF
Source
Journal of Communications Software and Systems. 2022, vol. 18, issue 2, p. 144-152.
https://jcoms.fesb.unist.hr/10.24138/jcomss-2022-0033/
DOI
10.24138/jcomss-2022-0033
Collections
Citace PRO
Creative Commons Attribution-NonCommercial 4.0 International
Except where otherwise noted, this item's license is described as Creative Commons Attribution-NonCommercial 4.0 International