TY - GEN
T1 - Enhancing Cyber Situation Awareness
T2 - International Workshops on Availability, Reliability and Security, held under the umbrella of the 20th International conference on Availability, Reliability and Security, ARES 2025
AU - Nikolov, Georgi
AU - Varga, Margaret
AU - Panganiban, April Rose
AU - Kullman, Kaur
AU - Lavigne, Valérie
N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.
PY - 2025
Y1 - 2025
N2 - In recent years the field of Information Technologies has become ubiquitous; it is used to implement and manage private, public, government and military installations. This has led to massive growth in the threat landscape: attackers have ample time, resources, technologies and tools to design highly sophisticated attacks implementing Zero-Day Vulnerabilities and complex algorithms using polymorphic behaviour, putting a major strain on defenders. Rapid advancement of Advanced Persistent Threats (APT) poses a major security risk for online services, but even more so for critical government, financial, healthcare and military infrastructures. The difficulty in counteracting APTs is amplified by the increasing challenge of identifying and preparing countermeasures in time. There is ample research and documentation available describing the life-cycle of various APTs and their Tactics, Techniques and Practices (TTPs), but a lack of deeper understanding hinders timely detection to halt the attack. To better understand APTs and how they function, we propose addressing emergent cyber attacks from the perspective of Complex Systems and the application of Visual Analytics and visualization to enhance the level of understanding and Situation Awareness. In this paper, we discuss how we can analyse APTs from a Complex System perspective, the visualization techniques and visual analytics approaches used and how they can be applied for better detection, understanding and management.
AB - In recent years the field of Information Technologies has become ubiquitous; it is used to implement and manage private, public, government and military installations. This has led to massive growth in the threat landscape: attackers have ample time, resources, technologies and tools to design highly sophisticated attacks implementing Zero-Day Vulnerabilities and complex algorithms using polymorphic behaviour, putting a major strain on defenders. Rapid advancement of Advanced Persistent Threats (APT) poses a major security risk for online services, but even more so for critical government, financial, healthcare and military infrastructures. The difficulty in counteracting APTs is amplified by the increasing challenge of identifying and preparing countermeasures in time. There is ample research and documentation available describing the life-cycle of various APTs and their Tactics, Techniques and Practices (TTPs), but a lack of deeper understanding hinders timely detection to halt the attack. To better understand APTs and how they function, we propose addressing emergent cyber attacks from the perspective of Complex Systems and the application of Visual Analytics and visualization to enhance the level of understanding and Situation Awareness. In this paper, we discuss how we can analyse APTs from a Complex System perspective, the visualization techniques and visual analytics approaches used and how they can be applied for better detection, understanding and management.
KW - Advanced Persistent Threat
KW - Complex Systems
KW - Visual Analytics
KW - Visual Hierarchy
KW - Visualization
UR - https://www.scopus.com/pages/publications/105015520765
U2 - 10.1007/978-3-032-00633-2_6
DO - 10.1007/978-3-032-00633-2_6
M3 - Conference contribution
AN - SCOPUS:105015520765
SN - 9783032006325
T3 - Lecture Notes in Computer Science
SP - 90
EP - 107
BT - Availability, Reliability and Security - ARES 2025 International Workshops, Proceedings
A2 - Coppens, Bart
A2 - Volckaert, Bruno
A2 - De Sutter, Bjorn
A2 - Naessens, Vincent
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 11 August 2025 through 14 August 2025
ER -