Visible to the public Biblio

Filters: Keyword is cyber situation awareness  [Clear All Filters]
2020-07-06
Mason, Andrew, Zhao, Yifan, He, Hongmei, Gompelman, Raymon, Mandava, Srikanth.  2019.  Online Anomaly Detection of Time Series at Scale. 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA). :1–8.
Cyber breaches can result in disruption to business operations, reputation damage as well as directly affecting the financial stability of the targeted corporations, with potential impacts on future profits and stock values. Automatic network-stream monitoring becomes necessary for cyber situation awareness, and time-series anomaly detection plays an important role in network stream monitoring. This study surveyed recent research on time-series analysis methods in respect of parametric and non-parametric techniques, and popular machine learning platforms for data analysis on streaming data on both single server and cloud computing environments. We believe it provides a good reference for researchers in both academia and industry to select suitable (time series) data analysis techniques, and computing platforms, dependent on the data scale and real-time requirements.
2019-01-21
Cho, S., Han, I., Jeong, H., Kim, J., Koo, S., Oh, H., Park, M..  2018.  Cyber Kill Chain based Threat Taxonomy and its Application on Cyber Common Operational Picture. 2018 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA). :1–8.

Over a decade, intelligent and persistent forms of cyber threats have been damaging to the organizations' cyber assets and missions. In this paper, we analyze current cyber kill chain models that explain the adversarial behavior to perform advanced persistent threat (APT) attacks, and propose a cyber kill chain model that can be used in view of cyber situation awareness. Based on the proposed cyber kill chain model, we propose a threat taxonomy that classifies attack tactics and techniques for each attack phase using CAPEC, ATT&CK that classify the attack tactics, techniques, and procedures (TTPs) proposed by MITRE. We also implement a cyber common operational picture (CyCOP) to recognize the situation of cyberspace. The threat situation can be represented on the CyCOP by applying cyber kill chain based threat taxonomy.

2015-05-05
Kotenko, I., Novikova, E..  2014.  Visualization of Security Metrics for Cyber Situation Awareness. Availability, Reliability and Security (ARES), 2014 Ninth International Conference on. :506-513.

One of the important direction of research in situational awareness is implementation of visual analytics techniques which can be efficiently applied when working with big security data in critical operational domains. The paper considers a visual analytics technique for displaying a set of security metrics used to assess overall network security status and evaluate the efficiency of protection mechanisms. The technique can assist in solving such security tasks which are important for security information and event management (SIEM) systems. The approach suggested is suitable for displaying security metrics of large networks and support historical analysis of the data. To demonstrate and evaluate the usefulness of the proposed technique we implemented a use case corresponding to the Olympic Games scenario.