{"id":"https://openalex.org/W2040576886","doi":"https://doi.org/10.1145/2663887.2663904","title":"A Tale of Three Security Operation Centers","display_name":"A Tale of Three Security Operation Centers","publication_year":2014,"publication_date":"2014-11-07","ids":{"openalex":"https://openalex.org/W2040576886","doi":"https://doi.org/10.1145/2663887.2663904","mag":"2040576886"},"language":"en","primary_location":{"id":"doi:10.1145/2663887.2663904","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2663887.2663904","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2014 ACM Workshop on Security Information Workers","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5013192673","display_name":"Sathya Chandran Sundaramurthy","orcid":null},"institutions":[{"id":"https://openalex.org/I189590672","display_name":"Kansas State University","ror":"https://ror.org/05p1j8758","country_code":"US","type":"education","lineage":["https://openalex.org/I189590672"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sathya Chandran Sundaramurthy","raw_affiliation_strings":["Kansas State University, Manhattan, KS, USA","Kansas State University, Manhattan, KS, USA;"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Kansas State University, Manhattan, KS, USA","institution_ids":["https://openalex.org/I189590672"]},{"raw_affiliation_string":"Kansas State University, Manhattan, KS, USA;","institution_ids":["https://openalex.org/I189590672"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081559203","display_name":"Jacob P. Case","orcid":"https://orcid.org/0000-0003-4296-6965"},"institutions":[{"id":"https://openalex.org/I189590672","display_name":"Kansas State University","ror":"https://ror.org/05p1j8758","country_code":"US","type":"education","lineage":["https://openalex.org/I189590672"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jacob Case","raw_affiliation_strings":["Kansas State University, Manhattan, KS, USA","Kansas State University, Manhattan, KS, USA;"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Kansas State University, Manhattan, KS, USA","institution_ids":["https://openalex.org/I189590672"]},{"raw_affiliation_string":"Kansas State University, Manhattan, KS, USA;","institution_ids":["https://openalex.org/I189590672"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034549420","display_name":"Tony H. Truong","orcid":"https://orcid.org/0000-0002-0991-7961"},"institutions":[{"id":"https://openalex.org/I138006243","display_name":"University of Arizona","ror":"https://ror.org/03m2x1q45","country_code":"US","type":"education","lineage":["https://openalex.org/I138006243"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tony Truong","raw_affiliation_strings":["University of Arizona, Tucson, AZ, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Arizona, Tucson, AZ, USA","institution_ids":["https://openalex.org/I138006243"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024432449","display_name":"Loai Zomlot","orcid":null},"institutions":[{"id":"https://openalex.org/I1324840837","display_name":"Hewlett-Packard (United States)","ror":"https://ror.org/059rn9488","country_code":"US","type":"company","lineage":["https://openalex.org/I1324840837"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Loai Zomlot","raw_affiliation_strings":["HP Labs, Princeton, NJ, USA","HP Labs., Princeton, NJ, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"HP Labs, Princeton, NJ, USA","institution_ids":[]},{"raw_affiliation_string":"HP Labs., Princeton, NJ, USA","institution_ids":["https://openalex.org/I1324840837"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5031465537","display_name":"Marcel Hoffmann","orcid":"https://orcid.org/0000-0002-1617-1520"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Marcel Hoffmann","raw_affiliation_strings":["HP Global Cyber Security, Palo Alto, CA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"HP Global Cyber Security, Palo Alto, CA, USA","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":48,"citation_normalized_percentile":{"value":0.1704105,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"43","last_page":"50"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9966999888420105,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9966999888420105,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11024","display_name":"Information Systems Theories and Implementation","score":0.9876000285148621,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T12221","display_name":"Cybersecurity and Cyber Warfare Studies","score":0.9686999917030334,"subfield":{"id":"https://openalex.org/subfields/3320","display_name":"Political Science and International Relations"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/interview","display_name":"Interview","score":0.7985565662384033},{"id":"https://openalex.org/keywords/work","display_name":"Work (physics)","score":0.680526614189148},{"id":"https://openalex.org/keywords/perspective","display_name":"Perspective (graphical)","score":0.6139019727706909},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5909940600395203},{"id":"https://openalex.org/keywords/point","display_name":"Point (geometry)","score":0.5436865091323853},{"id":"https://openalex.org/keywords/reflection","display_name":"Reflection (computer programming)","score":0.4963403344154358},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.4629363417625427},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.39601776003837585},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3786017894744873},{"id":"https://openalex.org/keywords/public-relations","display_name":"Public relations","score":0.37246620655059814},{"id":"https://openalex.org/keywords/sociology","display_name":"Sociology","score":0.2251092493534088},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.15163686871528625},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.12202069163322449}],"concepts":[{"id":"https://openalex.org/C24845683","wikidata":"https://www.wikidata.org/wiki/Q178651","display_name":"Interview","level":2,"score":0.7985565662384033},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.680526614189148},{"id":"https://openalex.org/C12713177","wikidata":"https://www.wikidata.org/wiki/Q1900281","display_name":"Perspective (graphical)","level":2,"score":0.6139019727706909},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5909940600395203},{"id":"https://openalex.org/C28719098","wikidata":"https://www.wikidata.org/wiki/Q44946","display_name":"Point (geometry)","level":2,"score":0.5436865091323853},{"id":"https://openalex.org/C65682993","wikidata":"https://www.wikidata.org/wiki/Q1056451","display_name":"Reflection (computer programming)","level":2,"score":0.4963403344154358},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.4629363417625427},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.39601776003837585},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3786017894744873},{"id":"https://openalex.org/C39549134","wikidata":"https://www.wikidata.org/wiki/Q133080","display_name":"Public relations","level":1,"score":0.37246620655059814},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.2251092493534088},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.15163686871528625},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.12202069163322449},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C19165224","wikidata":"https://www.wikidata.org/wiki/Q23404","display_name":"Anthropology","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2663887.2663904","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2663887.2663904","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2014 ACM Workshop on Security Information Workers","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G4324467992","display_name":null,"funder_award_id":"FA8750-12-2-0258","funder_id":"https://openalex.org/F4320306110","funder_display_name":"U.S. Department of Homeland Security"},{"id":"https://openalex.org/G5216177361","display_name":null,"funder_award_id":"1314925","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320306110","display_name":"U.S. Department of Homeland Security","ror":"https://ror.org/00jyr0d86"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W38991701","https://openalex.org/W238041975","https://openalex.org/W1976815164","https://openalex.org/W1981681059","https://openalex.org/W1988453576","https://openalex.org/W2009638102","https://openalex.org/W2060678717","https://openalex.org/W2063466632","https://openalex.org/W2069832094","https://openalex.org/W2070037319","https://openalex.org/W2077721836","https://openalex.org/W4248198585"],"related_works":["https://openalex.org/W2899084033","https://openalex.org/W4235390613","https://openalex.org/W2361278909","https://openalex.org/W2352536444","https://openalex.org/W2349982312","https://openalex.org/W2388605575","https://openalex.org/W3034765317","https://openalex.org/W2369577326","https://openalex.org/W2335190812","https://openalex.org/W4214937936"],"abstract_inverted_index":{"Security":[0],"researchers":[1],"have":[2],"been":[3,61],"trying":[4],"to":[5,53,126],"understand":[6],"functioning":[7],"of":[8,64,90,103,109,170,187],"a":[9,36,81,184,208],"security":[10,16,29,65,147],"operation":[11,150,191],"center":[12],"(SOC)":[13],"and":[14,31,46,83,143,161,207],"how":[15],"analysts":[17,66,78,148],"perform":[18,154],"their":[19,50],"job.":[20],"This":[21],"effort":[22],"is":[23,33,95,99],"motivated":[24],"by":[25,140,179],"the":[26,44,88,107,155,163,167,176,180,188,201],"fact":[27],"that":[28,105],"monitoring":[30],"analysis":[32],"not":[34,73],"just":[35],"technical":[37],"problem.":[38,129],"Researchers":[39],"must":[40],"take":[41,122],"into":[42],"consideration":[43],"human":[45],"organizational":[47],"factors":[48],"for":[49],"research":[51],"ideas":[52],"succeed.":[54],"Much":[55],"work":[56,79],"towards":[57],"this":[58,128,194],"direction":[59],"has":[60],"through":[62,93],"interviews":[63,94],"in":[67,80,137,149,190],"SOCs.":[68],"Interviews,":[69],"however":[70],"useful,":[71],"will":[72],"be":[74],"always":[75],"possible":[76],"as":[77,146,158],"high-stress":[82],"time":[84],"constrained":[85],"environment.":[86],"Thus":[87],"understanding":[89],"operational":[91,164],"challenges":[92,189],"quite":[96],"shallow.":[97],"There":[98],"also":[100],"an":[101,111,115,123,141,159,171],"issue":[102],"trust":[104],"limits":[106],"amount":[108],"information":[110],"analyst":[112,160],"shares":[113],"with":[114,131],"interviewing":[116],"researcher.":[117],"In":[118,193],"our":[119],"work,":[120],"we":[121,182,196],"anthropological":[124,138],"approach":[125],"address":[127],"Students":[130],"Computer":[132],"Science":[133],"background":[134],"get":[135],"trained":[136],"methods":[139],"anthropologist":[142],"are":[144],"embedded":[145],"centers.":[151,192],"Embedded":[152],"students":[153,181],"same":[156],"job":[157],"see":[162],"world":[165],"from":[166],"view":[168],"point":[169],"analyst.":[172],"Through":[173],"reflection":[174],"on":[175,200],"observations":[177],"made":[178],"gain":[183],"holistic":[185],"perspective":[186],"paper":[195],"report":[197],"preliminary":[198],"results":[199],"ongoing":[202],"fieldwork":[203],"at":[204],"two":[205],"corporate":[206],"University":[209],"SOC.":[210]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":10},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":8},{"year":2019,"cited_by_count":8},{"year":2018,"cited_by_count":5}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}