UET.SIR: An e-Government Information Security Incident Management Support Solution

Authors

  • Lê Hồng Hải
  • Nguyễn Ngọc Hóa
  • Phùng Văn Ổn
  • Tống Minh Đức
  • Ngô Quang Huy

DOI:

https://doi.org/10.54654/isj.v1i16.267

Keywords:

information security incident, information security incident evidence, information security incident handling

Abstract

This paper presents the results of research on building a solution to support information security incident handling in organizations. The proposed solution includes both a procedure for information security incident handling and the UET.SIR system, which supports that handling. The procedure is built on a combination of national and international standards, but is customized to suit e-government practices. The UET.SIR system includes a dedicated USB device for collecting digital evidence of information security incidents and central software with evidence analysis functions to detect the cause and support incident handling. Test results of the UET.SIR system at the Ministry of Natural Resources and Environment have initially demonstrated its practical applicability and its support for information security incident handling.

Published

2023-02-13

How to Cite

Hải, L. H., Hóa, N. N., Ổn, P. V., Đức, T. M., & Huy, N. Q. (2023). UET.SIR: An e-Government Information Security Incident Management Support Solution. Journal of Science and Technology on Information Security, 2(16), 14-23. https://doi.org/10.54654/isj.v1i16.267

Section

Papers