Evaluation of Cyber Situation Awareness - Theory, Techniques and Applications

Georgi Nikolov, Axelle Perez, Wim Mees

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/CongresprocedureConferentiebijdragepeer review

Samenvatting

In recent years the technology field has grown exponentially, bringing with it new possibilities, but also new threats. This rapid advancement has created fertile grounds for new sophisticated cyber attacks, exhibiting a high degree of complexity. In an ever evolving cyber landscape, organizations need to dedicate valuable resources in enhancing their understanding of emergent threats for the purposes of identification, analysis and mitigation. To accomplish this task, they rely on Cyber Situation Awareness (CSA), a framework designed for the purposes of managing the virtual environment. This is achieved through the perception and comprehension of the behaviors therein, be that benign or malicious, followed by modeling the future state of the environment based on the gathered information. In this paper, we will discuss how exactly the theory of Situation Awareness has been applied to the cyber domain. Further on, we will present various techniques used for handling the large quantity of complex data and managing the dynamic nature of the environment by Cyber Situation Operation Centers (CSOC) and discuss in detail a number of methodologies that have been designed for the evaluation of the level of CSA. Finally, we will provide specific examples of simulated scenarios for the application of the CSA assessment techniques.

Originele taal-2Engels
TitelARES 2024 - 19th International Conference on Availability, Reliability and Security, Proceedings
UitgeverijAssociation for Computing Machinery
ISBN van elektronische versie9798400717185
DOI's
StatusGepubliceerd - 30 jul. 2024
Evenement19th International Conference on Availability, Reliability and Security, ARES 2024 - Vienna, Oostenrijk
Duur: 30 jul. 20242 aug. 2024

Publicatie series

NaamACM International Conference Proceeding Series

Congres

Congres19th International Conference on Availability, Reliability and Security, ARES 2024
Land/RegioOostenrijk
StadVienna
Periode30/07/242/08/24

Vingerafdruk

Duik in de onderzoeksthema's van 'Evaluation of Cyber Situation Awareness - Theory, Techniques and Applications'. Samen vormen ze een unieke vingerafdruk.

Citeer dit