Demo: Akatosh: Automated cyber incident verification and impact analysis

Jared M. Smith; Elliot Greenlee; Aaron Ferber

doi:10.1145/3133956.3138854

Demo: Akatosh: Automated cyber incident verification and impact analysis

Jared M. Smith, Elliot Greenlee, Aaron Ferber

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

Akatosh, a U.S. Department of Homeland Security Transition to Practice Program (TTP) project developed by Oak Ridge National Laboratory with industry and academic partnership, enables automated, real-time forensic analysis of endpoints a.er malwarea .acks and other cyber security incidents by automatically maintaining detailed snapshots of host-level activity on endpoints over time. It achieves this by integrating intrusion detection systems (IDS) with forensic tools. .e combination allows Akatosh to collect vast amounts of endpoint data and assists in verifying, tracking, and analyzing endpoints in real time. .is provides operations personnel and analysts as well as managers and executives with continuous feedback on the impact of malicious so.ware and other security incidents on endpoints in their network.

Original language	English
Title of host publication	CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
Publisher	Association for Computing Machinery
Pages	2463-2465
Number of pages	3
ISBN (Electronic)	9781450349468
DOIs	https://doi.org/10.1145/3133956.3138854
State	Published - Oct 30 2017
Externally published	Yes
Event	24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017 - Dallas, United States Duration: Oct 30 2017 → Nov 3 2017

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)	1543-7221

Conference

Conference	24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017
Country/Territory	United States
City	Dallas
Period	10/30/17 → 11/3/17

Keywords

Breach Remediation
Endpoint Security
Forensic Analysis
Incident Response

Access to Document

10.1145/3133956.3138854

Cite this

Smith, J. M., Greenlee, E., & Ferber, A. (2017). Demo: Akatosh: Automated cyber incident verification and impact analysis. In CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (pp. 2463-2465). (Proceedings of the ACM Conference on Computer and Communications Security). Association for Computing Machinery. https://doi.org/10.1145/3133956.3138854

@inproceedings{fb437a01e00043caa20cbdaad2c069d0,

title = "Demo: Akatosh: Automated cyber incident verification and impact analysis",

abstract = "Akatosh, a U.S. Department of Homeland Security Transition to Practice Program (TTP) project developed by Oak Ridge National Laboratory with industry and academic partnership, enables automated, real-time forensic analysis of endpoints a.er malwarea .acks and other cyber security incidents by automatically maintaining detailed snapshots of host-level activity on endpoints over time. It achieves this by integrating intrusion detection systems (IDS) with forensic tools. .e combination allows Akatosh to collect vast amounts of endpoint data and assists in verifying, tracking, and analyzing endpoints in real time. .is provides operations personnel and analysts as well as managers and executives with continuous feedback on the impact of malicious so.ware and other security incidents on endpoints in their network.",

keywords = "Breach Remediation, Endpoint Security, Forensic Analysis, Incident Response",

author = "Smith, \{Jared M.\} and Elliot Greenlee and Aaron Ferber",

note = "Publisher Copyright: {\textcopyright} 2017 author(s).; 24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017 ; Conference date: 30-10-2017 Through 03-11-2017",

year = "2017",

month = oct,

day = "30",

doi = "10.1145/3133956.3138854",

language = "English",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery",

pages = "2463--2465",

booktitle = "CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security",

}

Smith, JM, Greenlee, E & Ferber, A 2017, Demo: Akatosh: Automated cyber incident verification and impact analysis. in CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery, pp. 2463-2465, 24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, United States, 10/30/17. https://doi.org/10.1145/3133956.3138854

Demo: Akatosh: Automated cyber incident verification and impact analysis. / Smith, Jared M.; Greenlee, Elliot; Ferber, Aaron.
CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2017. p. 2463-2465 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Demo

T2 - 24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017

AU - Smith, Jared M.

AU - Greenlee, Elliot

AU - Ferber, Aaron

PY - 2017/10/30

Y1 - 2017/10/30

N2 - Akatosh, a U.S. Department of Homeland Security Transition to Practice Program (TTP) project developed by Oak Ridge National Laboratory with industry and academic partnership, enables automated, real-time forensic analysis of endpoints a.er malwarea .acks and other cyber security incidents by automatically maintaining detailed snapshots of host-level activity on endpoints over time. It achieves this by integrating intrusion detection systems (IDS) with forensic tools. .e combination allows Akatosh to collect vast amounts of endpoint data and assists in verifying, tracking, and analyzing endpoints in real time. .is provides operations personnel and analysts as well as managers and executives with continuous feedback on the impact of malicious so.ware and other security incidents on endpoints in their network.

AB - Akatosh, a U.S. Department of Homeland Security Transition to Practice Program (TTP) project developed by Oak Ridge National Laboratory with industry and academic partnership, enables automated, real-time forensic analysis of endpoints a.er malwarea .acks and other cyber security incidents by automatically maintaining detailed snapshots of host-level activity on endpoints over time. It achieves this by integrating intrusion detection systems (IDS) with forensic tools. .e combination allows Akatosh to collect vast amounts of endpoint data and assists in verifying, tracking, and analyzing endpoints in real time. .is provides operations personnel and analysts as well as managers and executives with continuous feedback on the impact of malicious so.ware and other security incidents on endpoints in their network.

KW - Breach Remediation

KW - Endpoint Security

KW - Forensic Analysis

KW - Incident Response

UR - https://www.scopus.com/pages/publications/85041437490

U2 - 10.1145/3133956.3138854

DO - 10.1145/3133956.3138854

M3 - Conference contribution

AN - SCOPUS:85041437490

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 2463

EP - 2465

BT - CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

PB - Association for Computing Machinery

Y2 - 30 October 2017 through 3 November 2017

ER -

Demo: Akatosh: Automated cyber incident verification and impact analysis

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this