Abstract
An ever increasing number of critical missions rely today on complex Information Technology infrastructures, making such missions vulnerable to a wide range of potentially devastating cyber-attacks. Attackers can exploit network configurations and vulnerabilities to incrementally penetrate a network and compromise critical systems, thus rendering security monitoring and intrusion detection much more challenging. It is also evident from the ever growing number of high-profile cyber-attacks reported in the news that not only are cyber-attacks growing in sophistication but also in numbers. For these reasons, cyber-security analysts need to continuously monitor large amounts of alerts and data from a multitude of sensors in order to detect attacks in a timely manner and mitigate their impact. However—given the inherent complexity of the problem—manual analysis is labor-intensive and error-prone, and distracts the analyst from getting the “big picture” of the cyber situation.
The work of Sushil Jajodia and Massimiliano Albanese was supported in part by the Army Research Office under awards W911NF-13-1-0421, W911NF-09-1-0525, and W911NF-13-1-0317, and by the Office of Naval Research under awards N00014-12-1-0461 and N00014-13-1-0703.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
M. Albanese, S. Jajodia, and S. Noel. “Time-Efficient and Cost-Effective Network Hardening Using Attack Graphs”. In Proceedings of the 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012), Boston, Massachusetts, USA, June 25-28, 2012.
M. Albanese, S. Jajodia, A. Pugliese, and V. S. Subrahmanian. “Scalable Analysis of Attack Scenarios”. In Proceedings of the 16th European Symposium on Research in Computer Security (ESORICS 2011), pages 416-433, Leuven, Belgium, September 12-14, 2011.
M. Albanese, A. Pugliese, and V. S. Subrahmanian. “Fast Activity Detection: Indexing for Temporal Stochastic Automaton based Activity Models”. IEEE Transactions on Knowledge and Data Engineering, 2013.
“Cyber Situational Awareness: Issues and Research”. S. Jajodia, P. Liu, V. Swarup, and C. Wang (Eds.), Vol. 46 of Advances in Information Security, Springer, 2010.
H. Gardner. “The Mind’s New Science: A History of the Cognitive Revolution”, Basic Books, 1987.
P. Johnson-Laird, “How We Reason”, Oxford University Press, 2006.
M. Endsley. “Toward a theory of situation awareness in dynamic systems”. In Human Factors Journal, volume 37(1), pages 32–64, March 1995.
D. S. Alberts, J. J. Garstka, R. E. Hayes, and D. A. Signori. “Understanding information age warfare”. In DoD Command and Control Research Program Publication Series, 2001.
P. Ammann, D. Wijesekera, and S. Kaushik, “Scalable, graph-based network vulnerability analysis,” in Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS 2002), pp. 217–224, Washington, DC, USA, November 2002.
C. Phillips and L. P. Swiler, “A graph-based system for network-vulnerability analysis,” in Proceedings of the New Security Paradigms Workshop (NSPW 1998), pp. 71–79, Charlottesville, VA, USA, September 1998.
S. Jajodia, S. Noel, P. Kalapa, M. Albanese, and J. Williams, “Cauldron: Mission-centric cyber situational awareness with defense in depth,” in Proceedings of the Military Communications Conference (MILCOM 2011), Baltimore, MD, USA, November 2011.
L. Wang, A. Liu, and S. Jajodia, “Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts,” Computer Communications, vol. 29, no. 15, pp. 2917–2933, September 2006.
M. Albanese, S. Jajodia, A. Singhal, and L. Wang. “An Efficient Approach to Assessing the Risk of Zero-Day Vulnerabilities”. In Proceedings of the 10th International Conference on Security and Cryptography (SECRYPT 2013), Reykjavìk, Iceland, July 29-31, 2013.
H. Cam, P. Mouallem, Y. Mo, B. Sinopoli, and B. Nkrumah, “Modeling Impact of Attacks, Recovery, and Attackability Conditions for Situational Awareness”, Proc. of 2014 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA), March 3-6, 2014, San Antonio, TX, USA.
P. Xie, J.H. Li, X. Ou, P. Liu, and R. Levy, “Using Bayesian Networks for Cyber Security Analysis,” Proc. of 2010 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2010.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Albanese, M., Cam, H., Jajodia, S. (2014). Automated Cyber Situation Awareness Tools and Models for Improving Analyst Performance. In: Pino, R., Kott, A., Shevenell, M. (eds) Cybersecurity Systems for Human Cognition Augmentation. Advances in Information Security, vol 61. Springer, Cham. https://doi.org/10.1007/978-3-319-10374-7_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-10374-7_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-10373-0
Online ISBN: 978-3-319-10374-7
eBook Packages: Computer ScienceComputer Science (R0)