Evaluation of Cyber Situation Awareness - Theory, Techniques and Applications

Georgi Nikolov, Axelle Perez, Wim Mees

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

In recent years the technology field has grown exponentially, bringing with it new possibilities, but also new threats. This rapid advancement has created fertile ground for new sophisticated cyber attacks, exhibiting a high degree of complexity. In an ever-evolving cyber landscape, organizations need to dedicate valuable resources to enhancing their understanding of emergent threats for the purposes of identification, analysis and mitigation. To accomplish this task, they rely on Cyber Situation Awareness (CSA), a framework designed for the purposes of managing the virtual environment. This is achieved through the perception and comprehension of the behaviors therein, be they benign or malicious, followed by modeling the future state of the environment based on the gathered information. In this paper, we will discuss how exactly the theory of Situation Awareness has been applied to the cyber domain. Further on, we will present various techniques used for handling the large quantity of complex data and managing the dynamic nature of the environment by Cyber Situation Operation Centers (CSOC) and discuss in detail a number of methodologies that have been designed for the evaluation of the level of CSA. Finally, we will provide specific examples of simulated scenarios for the application of the CSA assessment techniques.

Original language: English
Title of host publication: ARES 2024 - 19th International Conference on Availability, Reliability and Security, Proceedings
Publisher: Association for Computing Machinery
ISBN (Electronic): 9798400717185
Publication status: Published - 30 Jul 2024
Event: 19th International Conference on Availability, Reliability and Security, ARES 2024 - Vienna, Austria
Duration: 30 Jul 2024 – 2 Aug 2024

Publication series

Name: ACM International Conference Proceeding Series

Conference

Conference: 19th International Conference on Availability, Reliability and Security, ARES 2024
Country/Territory: Austria
City: Vienna
Period: 30/07/24 – 2/08/24

Keywords

  • Assessment
  • Cyber Situation Awareness
  • Evaluation Methodologies
  • Visualization
