Skip to main content
SpringerLink
Log in
Book cover

Theory and Models for Cyber Situation Awareness pp 29–46Cite as

An Integrated Framework for Cyber Situation Awareness

  • Chapter
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 10030))

Abstract

In this chapter, we present a framework that integrates an array of techniques and automated tools designed with the objective of drastically enhancing the Cyber Situation Awareness process. This framework incorporates the theory and the tools we developed to answer – automatically and efficiently – some of the fundamental questions security analysts may need to ask in the context of Cyber Situation Awareness. Most of the work presented in this chapter is the result of the research effort conducted by the authors as part of a the Multidisciplinary University Research Initiative project sponsored by the Army Research Office that was mentioned in the introductory chapter. We present the key challenges the research community has been called to address in this space, and describe our major accomplishments in tackling those challenges.

This work was supported in part by the Army Research Office MURI awards number W911NF-09-1-0525 and W911NF-13-1-0421 and by the Office of Naval Research grant number N00014-15-1-2007.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   44.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   59.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Albanese, M., Jajodia, S.: Formation of awareness. In: Kott, A., Wang, C., Erbacher, R.F. (eds.) Cyber Defense and Situational Awareness. Advances in Information Security, vol. 62, pp. 47–62. Springer, Cham (2014)

    Google Scholar 

  2. Albanese, M., Erbacher, R.F., Jajodia, S., Molinaro, C., Persia, F., Picariello, A., Sperlì, G., Subrahmanian, V.: Recognizing unexplained behavior in network traffic. In: Pino, R.E. (ed.) Network Science and Cybersecurity. Advances in Information Security, vol. 55, pp. 39–62. Springer, New York (2014)

    Chapter  Google Scholar 

  3. Albanese, M., Jajodia, S., Noel, S.: Time-efficient and cost-effective network hardening using attack graphs. In: Proceedings of the 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012), Boston, June 2012

    Google Scholar 

  4. Albanese, M., Jajodia, S., Pugliese, A., Subrahmanian, V.S.: Scalable analysis of attack scenarios. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 416–433. Springer, Heidelberg (2011). doi:10.1007/978-3-642-23822-2_23

    Chapter  Google Scholar 

  5. Albanese, M., Jajodia, S., Singhal, A., Wang, L.: An efficient approach to assessing the risk of zero-day. In: Samarati, P. (ed.) Proceedings of the 10th International Conference on Security and Cryptography (SECRYPT 2013), pp. 207–218. SciTePress, Reykjavík (2013)

    Google Scholar 

  6. Jajodia, S., Noel, S.: Topological vulnerability analysis. In: Jajodia, S., Liu, P., Swarup, V., Wang, C. (eds.) Cyber Situational Awareness. Advances in Information Security, vol. 46, pp. 139–154. Springer, New York (2010)

    Chapter  Google Scholar 

  7. Jajodia, S., Noel, S., Kalapa, P., Albanese, M., Williams, J.: Cauldron: mission-centric cyber situational awareness with defense in depth. In: Proceedings of the Military Communications Conference (MILCOM 2011), Baltimore, pp. 1339–1344, November 2011

    Google Scholar 

  8. Jajodia, S., Noel, S., O’Berry, B.: Topological analysis of network attack vulnerability. In: Kumar, V., Srivastava, J., Lazarevic, A. (eds.) Managing Cyber Threats: Issues, Approaches, and Challenges, Massive Computing, vol. 5, pp. 247–266. Springer, New York (2005)

    Chapter  Google Scholar 

  9. Leversage, D.J., Byres, E.J.: Estimating a system’s mean time-to-compromise. IEEE Secur. Priv. 6(1), 52–60 (2008)

    Article  Google Scholar 

  10. McHugh, J.: Quality of protection: measuring the unmeasurable? In: Proceedings of the 2nd ACM Workshop on Quality of Protection (QoP 2006), pp. 1–2. ACM, Alexandria, October 2006

    Google Scholar 

  11. Natrajan, A., Ning, P., Liu, Y., Jajodia, S., Hutchinson, S.E.: NSDMine: automated discovery of network service dependencies. In: Proceedings of the 31st Annual International Conference on Computer Communications (INFOCOM 2012), Orlando, pp. 2507–2515, March 2012

    Google Scholar 

  12. Nazzicari, N., Almillategui, J., Stavrou, A., Jajodia, S.: Switchwall: automated topology fingerprinting and behavior deviation identification. In: Jøsang, A., Samarati, P., Petrocchi, M. (eds.) STM 2012. LNCS, vol. 7783, pp. 161–176. Springer, Heidelberg (2013). doi:10.1007/978-3-642-38004-4_11

    Chapter  Google Scholar 

  13. Noel, S., Jajodia, S.: Managing attack graph complexity through visual hierarchical aggregation. In: Proceedings of the ACM CCS Workshop on Visualization and Data Mining for Computer Security (VizSEC/DMSEC 2004), pp. 109–118. ACM, Fairfax, October 2004

    Google Scholar 

  14. Wang, L., Jajodia, S., Singhal, A., Noel, S.: k-zero day safety: measuring the security risk of networks against unknown attacks. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 573–587. Springer, Heidelberg (2010). doi:10.1007/978-3-642-15497-3_35

    Chapter  Google Scholar 

  15. Wang, L., Noel, S., Jajodia, S.: Minimum-cost network hardening using attack graphs. Comput. Commun. 29(18), 3812–3824 (2006)

    Article  Google Scholar 

  16. Wang, L., Zhang, M., Jajodia, S., Singhal, A., Albanese, M.: Modeling network diversity for evaluating the robustness of networks against zero-day attacks. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8713, pp. 494–511. Springer, Cham (2014). doi:10.1007/978-3-319-11212-1_28

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Secure Information Systems, George Mason University, Fairfax, VA, 22030, USA

    Sushil Jajodia & Massimiliano Albanese

Authors
  1. Sushil Jajodia
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Massimiliano Albanese
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Massimiliano Albanese .

Editor information

Editors and Affiliations

  1. Pennsylvania State University, University Park, Pennsylvania, USA

    Peng Liu

  2. George Mason University, Fairfax, Virginia, USA

    Sushil Jajodia

  3. Army Research Office, Research Triangle Park, North Carolina, USA

    Cliff Wang

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this chapter

Cite this chapter

Jajodia, S., Albanese, M. (2017). An Integrated Framework for Cyber Situation Awareness. In: Liu, P., Jajodia, S., Wang, C. (eds) Theory and Models for Cyber Situation Awareness. Lecture Notes in Computer Science(), vol 10030. Springer, Cham. https://doi.org/10.1007/978-3-319-61152-5_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-61152-5_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-61151-8

  • Online ISBN: 978-3-319-61152-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation