SoK: Contemporary Issues and Challenges to Enable Cyber Situational Awareness for Network Security

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F20%3A00115826" target="_blank" >RIV/00216224:14610/20:00115826 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.1145/3407023.3407062" target="_blank" >http://dx.doi.org/10.1145/3407023.3407062</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1145/3407023.3407062" target="_blank" >10.1145/3407023.3407062</a>

Jazyk výsledku

angličtina

Název v původním jazyce

SoK: Contemporary Issues and Challenges to Enable Cyber Situational Awareness for Network Security

Popis výsledku v původním jazyce

Cyber situational awareness is an essential part of cyber defense that allows the cybersecurity operators to cope with the complexity of today's networks and threat landscape. Perceiving and comprehending the situation allow the operator to project upcoming events and make strategic decisions. In this paper, we recapitulate the fundamentals of cyber situational awareness and highlight its unique characteristics in comparison to generic situational awareness known from other fields. Subsequently, we provide an overview of existing research and trends in publishing on the topic, introduce front research groups, and highlight the impact of cyber situational awareness research. Further, we propose an updated taxonomy and enumeration of the components used for achieving cyber situational awareness. The updated taxonomy conforms to the widely-accepted three-level definition of cyber situational awareness and newly includes the projection level. Finally, we identify and discuss contemporary research and operational challenges, such as the need to cope with rising volume, velocity, and variety of cybersecurity data and the need to provide cybersecurity operators with the right data at the right time and increase their value through visualization.

Název v anglickém jazyce

SoK: Contemporary Issues and Challenges to Enable Cyber Situational Awareness for Network Security

Popis výsledku anglicky

Cyber situational awareness is an essential part of cyber defense that allows the cybersecurity operators to cope with the complexity of today's networks and threat landscape. Perceiving and comprehending the situation allow the operator to project upcoming events and make strategic decisions. In this paper, we recapitulate the fundamentals of cyber situational awareness and highlight its unique characteristics in comparison to generic situational awareness known from other fields. Subsequently, we provide an overview of existing research and trends in publishing on the topic, introduce front research groups, and highlight the impact of cyber situational awareness research. Further, we propose an updated taxonomy and enumeration of the components used for achieving cyber situational awareness. The updated taxonomy conforms to the widely-accepted three-level definition of cyber situational awareness and newly includes the projection level. Finally, we identify and discuss contemporary research and operational challenges, such as the need to cope with rising volume, velocity, and variety of cybersecurity data and the need to provide cybersecurity operators with the right data at the right time and increase their value through visualization.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10200 - Computer and information sciences

Projekt

<a href="/cs/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2020

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of the 15th International Conference on Availability, Reliability and Security

ISBN

9781450388337

ISSN

—

e-ISSN

—

Počet stran výsledku

10

Strana od-do

1-10

Název nakladatele

Association for Computing Machinery

Místo vydání

New York, NY, United States

Místo konání akce

Virtual Event Ireland

Datum konání akce

25. 8. 2020

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—