{"id":"https://openalex.org/W3207310711","doi":"https://doi.org/10.1145/3491266","title":"<tt>SAIBERSOC</tt> : A Methodology and Tool for Experimenting with Security Operation Centers","display_name":"<tt>SAIBERSOC</tt> : A Methodology and Tool for Experimenting with Security Operation Centers","publication_year":2021,"publication_date":"2021-10-15","ids":{"openalex":"https://openalex.org/W3207310711","doi":"https://doi.org/10.1145/3491266","mag":"3207310711"},"language":"en","primary_location":{"id":"doi:10.1145/3491266","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3491266","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3491266","source":{"id":"https://openalex.org/S4210235901","display_name":"Digital Threats Research and Practice","issn_l":"2576-5337","issn":["2576-5337","2692-1626"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Digital Threats: Research and Practice","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3491266","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5075851883","display_name":"Martin Rosso","orcid":null},"institutions":[{"id":"https://openalex.org/I83019370","display_name":"Eindhoven University of Technology","ror":"https://ror.org/02c2kyt77","country_code":"NL","type":"education","lineage":["https://openalex.org/I83019370"]}],"countries":["NL"],"is_corresponding":true,"raw_author_name":"Martin Rosso","raw_affiliation_strings":["Eindhoven University of Technology, Eindhoven, The Netherlands"],"affiliations":[{"raw_affiliation_string":"Eindhoven University of Technology, Eindhoven, The Netherlands","institution_ids":["https://openalex.org/I83019370"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014328930","display_name":"Michele Campobasso","orcid":"https://orcid.org/0000-0002-5247-7711"},"institutions":[{"id":"https://openalex.org/I83019370","display_name":"Eindhoven University of Technology","ror":"https://ror.org/02c2kyt77","country_code":"NL","type":"education","lineage":["https://openalex.org/I83019370"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Michele Campobasso","raw_affiliation_strings":["Eindhoven University of Technology, Eindhoven, The Netherlands"],"affiliations":[{"raw_affiliation_string":"Eindhoven University of Technology, Eindhoven, The Netherlands","institution_ids":["https://openalex.org/I83019370"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000308195","display_name":"Ganduulga Gankhuyag","orcid":null},"institutions":[{"id":"https://openalex.org/I83019370","display_name":"Eindhoven University of Technology","ror":"https://ror.org/02c2kyt77","country_code":"NL","type":"education","lineage":["https://openalex.org/I83019370"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Ganduulga Gankhuyag","raw_affiliation_strings":["Eindhoven University of Technology, Eindhoven, The Netherlands"],"affiliations":[{"raw_affiliation_string":"Eindhoven University of Technology, Eindhoven, The Netherlands","institution_ids":["https://openalex.org/I83019370"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5047635330","display_name":"Luca Allodi","orcid":"https://orcid.org/0000-0003-1600-0868"},"institutions":[{"id":"https://openalex.org/I83019370","display_name":"Eindhoven University of Technology","ror":"https://ror.org/02c2kyt77","country_code":"NL","type":"education","lineage":["https://openalex.org/I83019370"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Luca Allodi","raw_affiliation_strings":["Eindhoven University of Technology, Eindhoven, The Netherlands"],"affiliations":[{"raw_affiliation_string":"Eindhoven University of Technology, Eindhoven, The Netherlands","institution_ids":["https://openalex.org/I83019370"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5075851883"],"corresponding_institution_ids":["https://openalex.org/I83019370"],"apc_list":null,"apc_paid":null,"fwci":0.4801,"has_fulltext":true,"cited_by_count":6,"citation_normalized_percentile":{"value":0.67745606,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":"3","issue":"2","first_page":"1","last_page":"29"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/benchmark","display_name":"Benchmark (surveying)","score":0.792994499206543},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.774437665939331},{"id":"https://openalex.org/keywords/metric","display_name":"Metric (unit)","score":0.7408981919288635},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.444252073764801},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3827762007713318},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.32572996616363525},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.26885032653808594},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.1694544553756714},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.1244342029094696},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.07352229952812195},{"id":"https://openalex.org/keywords/operations-management","display_name":"Operations management","score":0.06846392154693604}],"concepts":[{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.792994499206543},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.774437665939331},{"id":"https://openalex.org/C176217482","wikidata":"https://www.wikidata.org/wiki/Q860554","display_name":"Metric (unit)","level":2,"score":0.7408981919288635},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.444252073764801},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3827762007713318},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.32572996616363525},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.26885032653808594},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.1694544553756714},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.1244342029094696},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.07352229952812195},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.06846392154693604},{"id":"https://openalex.org/C13280743","wikidata":"https://www.wikidata.org/wiki/Q131089","display_name":"Geodesy","level":1,"score":0.0},{"id":"https://openalex.org/C205649164","wikidata":"https://www.wikidata.org/wiki/Q1071","display_name":"Geography","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3491266","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3491266","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3491266","source":{"id":"https://openalex.org/S4210235901","display_name":"Digital Threats Research and Practice","issn_l":"2576-5337","issn":["2576-5337","2692-1626"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Digital Threats: Research and Practice","raw_type":"journal-article"},{"id":"pmh:oai:pure.tue.nl:openaire_cris_publications/b2efc7a0-a710-4b61-9dc2-2084841a8297","is_oa":true,"landing_page_url":"https://research.tue.nl/en/publications/b2efc7a0-a710-4b61-9dc2-2084841a8297","pdf_url":"https://pure.tue.nl/ws/files/236483089/3491266.pdf","source":{"id":"https://openalex.org/S4406922641","display_name":"TU/e Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Rosso, M, Campobasso, M, Gankhuyag, G & Allodi, L 2022, 'SAIBERSOC: A Methodology and Tool for Experimenting with Security Operation Centers', Digital Threats: Research and Practice, vol. 3, no. 2, 14. https://doi.org/10.1145/3491266","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:tue:oai:pure.tue.nl:publications/b2efc7a0-a710-4b61-9dc2-2084841a8297","is_oa":true,"landing_page_url":"https://research.tue.nl/nl/publications/b2efc7a0-a710-4b61-9dc2-2084841a8297","pdf_url":null,"source":{"id":"https://openalex.org/S4306401843","display_name":"Data Archiving and Networked Services (DANS)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1322597698","host_organization_name":"Royal Netherlands Academy of Arts and Sciences","host_organization_lineage":["https://openalex.org/I1322597698"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Digital Threats: Research and Practice, 3(2):14. Association for Computing Machinery, Inc","raw_type":"info:eu-repo/semantics/article"}],"best_oa_location":{"id":"doi:10.1145/3491266","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3491266","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3491266","source":{"id":"https://openalex.org/S4210235901","display_name":"Digital Threats Research and Practice","issn_l":"2576-5337","issn":["2576-5337","2692-1626"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Digital Threats: Research and Practice","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9","score":0.6299999952316284}],"awards":[{"id":"https://openalex.org/G5994511833","display_name":null,"funder_award_id":"628.001.032","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G620320933","display_name":null,"funder_award_id":"ITEA191010","funder_id":"https://openalex.org/F4320314237","funder_display_name":"Rijksdienst voor Ondernemend Nederland"}],"funders":[{"id":"https://openalex.org/F4320313144","display_name":"ITEA","ror":null},{"id":"https://openalex.org/F4320314237","display_name":"Rijksdienst voor Ondernemend Nederland","ror":null},{"id":"https://openalex.org/F4320321800","display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","ror":"https://ror.org/04jsz6e67"},{"id":"https://openalex.org/F4320325600","display_name":"ITEA3","ror":null}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3207310711.pdf","grobid_xml":"https://content.openalex.org/works/W3207310711.grobid-xml"},"referenced_works_count":31,"referenced_works":["https://openalex.org/W290488650","https://openalex.org/W1516506771","https://openalex.org/W1971741211","https://openalex.org/W1984464777","https://openalex.org/W2037640035","https://openalex.org/W2040576886","https://openalex.org/W2089020037","https://openalex.org/W2089241088","https://openalex.org/W2130596812","https://openalex.org/W2337825783","https://openalex.org/W2546579087","https://openalex.org/W2561957589","https://openalex.org/W2588452010","https://openalex.org/W2593932391","https://openalex.org/W2679033717","https://openalex.org/W2808451969","https://openalex.org/W2889665541","https://openalex.org/W2893240802","https://openalex.org/W2910238433","https://openalex.org/W2911497405","https://openalex.org/W2954272346","https://openalex.org/W2984363868","https://openalex.org/W2986291326","https://openalex.org/W3000845437","https://openalex.org/W3008494645","https://openalex.org/W3024503976","https://openalex.org/W3040658903","https://openalex.org/W3120092047","https://openalex.org/W3128155874","https://openalex.org/W4230311321","https://openalex.org/W4246939875"],"related_works":["https://openalex.org/W1485630101","https://openalex.org/W2498017833","https://openalex.org/W112744582","https://openalex.org/W2966858528","https://openalex.org/W3192902148","https://openalex.org/W2965980968","https://openalex.org/W2151687600","https://openalex.org/W1920259731","https://openalex.org/W3113318878","https://openalex.org/W3207310711"],"abstract_inverted_index":{"In":[0],"this":[1],"article,":[2],"we":[3,87],"introduce":[4],"SAIBERSOC":[5,145],"(Synthetic":[6],"Attack":[7],"Injection":[8],"to":[9,28,53,57,68,111],"Benchmark":[10],"and":[11,21,26,34,59,108,150],"Evaluate":[12],"the":[13,30,49,81,84,95,124,144],"Performance":[14],"of":[15,32,73,83,97],"Security":[16,36],"Operation":[17,37],"Centers),":[18],"a":[19,55,104,113,116],"tool":[20,146],"methodology":[22,46,126],"enabling":[23],"security":[24,42],"researchers":[25],"operators":[27],"evaluate":[29,69,80],"performance":[31,134],"deployed":[33],"operational":[35,66],"Centers":[38],"(SOC)\u2014or":[39],"any":[40,70],"other":[41],"monitoring":[43],"infrastructure.":[44],"The":[45,100],"relies":[47,102],"on":[48,103],"MITRE":[50],"ATT&amp;CK":[51],"Framework":[52],"define":[54],"procedure":[56],"generate":[58],"automatically":[60],"inject":[61],"synthetic":[62],"attacks":[63],"in":[64,129,132,139],"an":[65,89],"SOC":[67,98,106,133,140],"output":[71],"metric":[72],"interest":[74],"(e.g.,":[75],"detection":[76],"accuracy,":[77],"time-to-investigation).":[78],"To":[79],"effectiveness":[82],"proposed":[85,125],"methodology,":[86],"devise":[88],"experiment":[90,101],"with":[91],"n=124":[92],"students":[93,110],"playing":[94],"role":[96],"analysts.":[99],"real":[105],"infrastructure":[107],"assigns":[109],"either":[112],"BADSOC":[114],"or":[115],"GOODSOC":[117],"experimental":[118],"condition.":[119],"Our":[120],"results":[121],"show":[122],"that":[123],"is":[127],"effective":[128],"identifying":[130],"variations":[131],"caused":[135],"by":[136],"(minimal)":[137],"changes":[138],"configuration.":[141],"We":[142],"release":[143],"implementation":[147],"as":[148],"free":[149],"open":[151],"source":[152],"software.":[153]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}