Category Archives: Publication

APIRO: A Framework for Automated Security Tools API Recommendation

Journal: ACM Transaction of Software Engineering and Methodology Authors: Zarrin Tasnim Sworna, Chadni Islam, and Muhammad Ali Babar. Year: 2022 Abstract: Security Orchestration, Automation, and Response (SOAR) platforms integrate and orchestrate a wide variety of security tools to accelerate the operational activities of Security Operation Center (SOC). Integration of security tools in a SOAR platformContinue reading “APIRO: A Framework for Automated Security Tools API Recommendation”

Architecture-centric Support for Integrating Security Tools in a Security Orchestration Platform

Conference: 14th European Conference on Software Architecture (ECSA), 14-18 September 2020, L’Aquila, Italy. Authors: Chadni Islam, Muhammad Ali Babar and Surya Nepal. Year: 2020 Abstract: Security Operation Centers (SOC) leverage a number of tools to detect, thwart and deal with security attacks. One of the key challenges of SOC is to quickly integrate security tools andContinue reading “Architecture-centric Support for Integrating Security Tools in a Security Orchestration Platform”

Automated Interpretation and Integration of Security Tools Using Semantic Knowledge

Conference: 31st International Conference on Advanced Information Systems Engineering (CAiSE 2019), Rome, Italy. Authors: Chadni Islam, Muhammad Ali Babar and Surya Nepal. Year: 2019 Abstract: A security orchestration platform aims at integrating the activities performed by multi-vendor security tools to streamline the required incident response process. To make such a platform useful in practice inContinue reading “Automated Interpretation and Integration of Security Tools Using Semantic Knowledge”

A Multi-Vocal Review of Security Orchestration

Journal: ACM Computing Survey Authors: Chadni Islam, Muhammad Ali Babar and Surya Nepal. Year: 2019 Abstract: Organizations use diverse types of security solutions to prevent cyber-attacks. Multiple vendors provide security solutions developed using heterogeneous technologies and paradigms. Hence, it is a challenging rather impossible to easily make security solutions to work an integrated fashion. SecurityContinue reading “A Multi-Vocal Review of Security Orchestration”