Wait, What Does a SOC Do? - NDSS Symposium

Joe Nehila, Drew Walsh (Deloitte And Touche)

Security Operation Centers (SOCs) are a common and critical piece of an organization’s cybersecurity strategy to prevent, monitor, detect, mitigate, and respond to cybersecurity incidents; but these aren’t the metrics a SOC analyst is measured against: they are measured against volume and time. This talk will discuss the current challenges SOC analysts face with alert fatigue against an ever-growing number of alerts and the need to manage the scale by scaling the analyst.

View More Papers

EnclaveFuzz: Finding Vulnerabilities in SGX Applications

Liheng Chen (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Institute for Network Science and Cyberspace of Tsinghua University), Zheming Li (Institute for Network Science and Cyberspace of Tsinghua University), Zheyu Ma (Institute for Network Science and Cyberspace of Tsinghua University), Yuan Li (Tsinghua University),…

A Unified Symbolic Analysis of WireGuard

Pascal Lafourcade (Universite Clermont Auvergne), Dhekra Mahmoud (Universite Clermont Auvergne), Sylvain Ruhault (Agence Nationale de la Sécurité des Systèmes d'Information)

Parrot-Trained Adversarial Examples: Pushing the Practicality of Black-Box Audio...

Rui Duan (University of South Florida), Zhe Qu (Central South University), Leah Ding (American University), Yao Liu (University of South Florida), Zhuo Lu (University of South Florida)