Evaluation of Cyber Situation Awareness - Theory, Techniques and Applications

Georgi Nikolov, Axelle Perez, Wim Mees

Publikation: Beitrag in Buch/Bericht/KonferenzbandKonferenzbeitragBegutachtung

Abstract

In recent years the technology field has grown exponentially, bringing with it new possibilities, but also new threats. This rapid advancement has created fertile grounds for new sophisticated cyber attacks, exhibiting a high degree of complexity. In an ever evolving cyber landscape, organizations need to dedicate valuable resources in enhancing their understanding of emergent threats for the purposes of identification, analysis and mitigation. To accomplish this task, they rely on Cyber Situation Awareness (CSA), a framework designed for the purposes of managing the virtual environment. This is achieved through the perception and comprehension of the behaviors therein, be that benign or malicious, followed by modeling the future state of the environment based on the gathered information. In this paper, we will discuss how exactly the theory of Situation Awareness has been applied to the cyber domain. Further on, we will present various techniques used for handling the large quantity of complex data and managing the dynamic nature of the environment by Cyber Situation Operation Centers (CSOC) and discuss in detail a number of methodologies that have been designed for the evaluation of the level of CSA. Finally, we will provide specific examples of simulated scenarios for the application of the CSA assessment techniques.

OriginalspracheEnglisch
TitelARES 2024 - 19th International Conference on Availability, Reliability and Security, Proceedings
Herausgeber (Verlag)Association for Computing Machinery
ISBN (elektronisch)9798400717185
DOIs
PublikationsstatusVeröffentlicht - 30 Juli 2024
Veranstaltung19th International Conference on Availability, Reliability and Security, ARES 2024 - Vienna, Österreich
Dauer: 30 Juli 20242 Aug. 2024

Publikationsreihe

NameACM International Conference Proceeding Series

Konferenz

Konferenz19th International Conference on Availability, Reliability and Security, ARES 2024
Land/GebietÖsterreich
OrtVienna
Zeitraum30/07/242/08/24

Fingerprint

Untersuchen Sie die Forschungsthemen von „Evaluation of Cyber Situation Awareness - Theory, Techniques and Applications“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren