| Presentation | 2019-03-08 A Trouble Ticket System Specialized for Incident Response Yu Tsuda, Takashi Tomine, Masato Jingu, Keisuke Iwasaki, Kenjiro Terada, Daisuke Inoue, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | In case that an organization has damaged by a cyberattack, it is crucial to minimize the damage by rapid security incident response. On the other hand, a trouble ticket system is typically leveraged for managing a business control (e.g. issue tracking for software development, troubleshooting on networks, etc). In this paper, we present a trouble ticket system, which enables us to rapidly respond to security incidents and to accumulateknowledge of security incident response. Our system can visualize current progress status of each security incident response and real-time chatting messages among security operators. Our system also finds similar incidents on own networks from past security incident responses. In addition, security operators can see configuration on networks and cyber threat intelligences. Hereby our system encourages security operators to start rapid triage for security incidents. At the last part of this paper, we deploy the system on our network, then we discuss the system as case study. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | trouble ticket system / security incident response / security operation |
| Paper # | ICSS2018-92 |
| Date of Issue | 2019-02-28 (ICSS) |
| Conference Information | |
| Committee | ICSS / IPSJ-SPT |
|---|---|
| Conference Date | 2019/3/7(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | NICT Okinawa Electromagnetic Technology Center |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Security, etc. |
| Chair | Yoshiaki Shiraishi(Kobe Univ.) |
| Vice Chair | Hiroki Takakura(NII) / Katsunari Yoshioka(Yokohama National Univ.) |
| Secretary | Hiroki Takakura(NTT) / Katsunari Yoshioka(NICT) |
| Assistant | Akira Yamada(KDDI labs.) / Keisuke Kito(Mitsubishi Electric) |
| Paper Information | |
| Registration To | Technical Committee on Information and Communication System Security / Special Interest Group on Security Psychology and Trust |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Trouble Ticket System Specialized for Incident Response |
| Sub Title (in English) | |
| Keyword(1) | trouble ticket system |
| Keyword(2) | security incident response |
| Keyword(3) | security operation |
| 1st Author's Name | Yu Tsuda |
| 1st Author's Affiliation | National Institute of Information and Communications Technology(NICT) |
| 2nd Author's Name | Takashi Tomine |
| 2nd Author's Affiliation | National Institute of Information and Communications Technology(NICT) |
| 3rd Author's Name | Masato Jingu |
| 3rd Author's Affiliation | National Institute of Information and Communications Technology/Hitachi Systems, Ltd.(NICT/HISYS) |
| 4th Author's Name | Keisuke Iwasaki |
| 4th Author's Affiliation | NTT Advanced Technology Corporation(NTT-AT) |
| 5th Author's Name | Kenjiro Terada |
| 5th Author's Affiliation | National Institute of Information and Communications Technology(NICT) |
| 6th Author's Name | Daisuke Inoue |
| 6th Author's Affiliation | National Institute of Information and Communications Technology(NICT) |
| Date | 2019-03-08 |
| Paper # | ICSS2018-92 |
| Volume (vol) | vol.118 |
| Number (no) | ICSS-486 |
| Page | pp.pp.197-202(ICSS), |
| #Pages | 6 |
| Date of Issue | 2019-02-28 (ICSS) |