A comprehensive research on Cyber Security Operations System (SOC): Modeling, Architectures and Classifications

The cyber safety threats can be caused due to viruses, hackers, identifying thieves, spyware. The virus infects the computer through the email attachment and file sharing. One infected computer can cause problems to all the computer networks. A people who trespass the computer from a remote location are considered as Hackers. These people use a computer to send spam or viruses or do other activities that cause computer malfunction. In the case of identifying thieves, the people who obtain unauthorized access to the personal information like social security, and financial account numbers are considered. Spyware is software that piggybacks on programs that are downloaded and gathers information about online habits and transmits personal information without the user’s knowledge.Cyber security operations Centre (CSOC) is an essential business control aimed to protect ICT systems and support an organization’s Cyber Defense Strategy. Its overarching purpose is to ensure that incidents are identified and managed to resolution swiftly, and to maintain safe & secure business operations and services for the organization. A CSOC framework is proposed comprising Log Collection, Analysis, Incident Response, Reporting, Personnel and Continuous Monitoring.