On the Provision of Network-Wide Cyber Situational Awareness via Graph-Based Analytics

The result's identifiers

  • Result code in IS VaVaI

    RIV/00216224:14610/23:00130688 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F23%3A00130688)

  • Result on the web

    https://link.springer.com/chapter/10.1007/978-3-031-44355-8_12

  • DOI - Digital Object Identifier

    10.1007/978-3-031-44355-8_12 (http://dx.doi.org/10.1007/978-3-031-44355-8_12)

Alternative languages

  • Result language

    English

  • Original language name

    On the Provision of Network-Wide Cyber Situational Awareness via Graph-Based Analytics

  • Original language description

    In this paper, we posit how semi-static (i.e., not changing very often) complex computer network-based intelligence using graph-based analytics can become enablers of Cyber Situational Awareness (CSA) (i.e., perception, comprehension, and projection of situations in a cyber environment). A plethora of newly surfaced cyber security researchers have used graph-based analytics to facilitate particular down tasks in dynamic complex cyber environments. This includes graph-, node- and edge-level detection, classification, and others (e.g., credit card fraudulent transactions as an edge classification problem). To the best of our knowledge, very limited efforts have consolidated the outputs of heterogeneous computer network monitoring and reconnaissance tools (e.g., Nmap) in enabling actionable CSA. As such, in this work, we address this literature gap while describing several use cases of graph traversal, graph measures, and subgraph mining in vulnerability and security state assessment, attack projection and mitigation, and device criticality estimation. We highlight the benefits of the graph-based approaches compared to traditional methods. Finally, we postulate open research and application challenges in graph-based analytics for CSA to prompt promising research directions and operational capabilities.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10200 - Computer and information sciences

Result continuities

  • Project

    EH22_010/0003229: MSCAfellow5_MUNI

  • Continuities

    P - Research and development project financed from public funds (with a link to CEP)

Others

  • Publication year

    2023

  • Confidentiality

    S - Complete and true data on the project are not subject to protection under special legal regulations

Data specific for result type

  • Article name in the collection

    Complex Computational Ecosystems

  • ISBN

    9783031443541

  • ISSN

    0302-9743

  • e-ISSN

  • Number of pages

    13

  • Pages from-to

    167-179

  • Publisher name

    Springer Nature

  • Place of publication

    Cham, Switzerland

  • Event location

    Baku

  • Event date

    Apr 25, 2023

  • Type of event by nationality

    WRD - Worldwide event

  • UT code for WoS article