Distinguished Paper Award for TPM Cybersecurity researchers

News - 07 December 2023 - Webredactie

Researchers in the TPM Cybersecurity team received a Distinguished Paper Award at the 2023 ACM Conference on Computer and Communications Security (CCS).


The paper addresses the lack of knowledge about how network defense rules within Security Operation Centers (SOCs) are created, evaluated and managed from an organizational standpoint. Through interviews with professionals working within SOCs, the researchers identified numerous critical factors that guide SOCs in their rule management processes, such as rule specificity and the total number of alerts and false positives. These lower-level aspects of network monitoring processes have generally been regarded as immutable by prior work. The paper includes several recommendations that address these lower-level aspects to help improve alert quality and allow SOCs to better optimize workflows and use of available resources.
The first author of the paper is Mathew Vermeer, a final-year PhD researcher in the TPM Cybersecurity team (O&G), who was in Copenhagen to present the paper and receive the award. The research was supervised by Carlos Gañán, Michel van Eeten and Simon Parkin, with additional contributions from Natalia Kadenko (who was formerly a post-doctoral researcher in the team).

About CCS

CCS is one of the top conferences in the area of cybersecurity, attracting 1222 submissions in 2023 (with an acceptance rate of 19%). CCS 2023 was held in Copenhagen on November 26th-30th.