Gaining big picture awareness through an interconnected cross-layer situation knowledge reference model

Jun Dai, Xiaoyan Sun, Peng Liu, Nicklaus Giacobe

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

7 Scopus citations

Abstract

In both military operations and the commercial world, cyber situation awareness (SA) is a key element of mission assurance. Due to the needs for mission damage and impact assessment and asset identification (and prioritization), cyber SA is beyond intrusion detection and attack graph analysis. In this paper, we propose a cross-layer situation knowledge reference model (SKRM) to address the unique cyber SA needs of real-world missions. SKRM provides new insight on how to break the 'stovepipes' created by isolated situation knowledge collectors and gain comprehensive level big picture awareness. Through a concrete case study, we show that SKRM is the key enabler for two SA capabilities beyond intrusion detection and attack graph analysis. The potentials and the current limitations of SKRM and SKRM-enabled analysis are also discussed.

Original language: English (US)
Title of host publication: Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012
Publisher: IEEE Computer Society
Pages: 83-92
Number of pages: 10
ISBN (Print): 9780769550145
State: Published - Jan 1 2012
Event: 2012 ASE International Conference on Cyber Security, CyberSecurity 2012 - Washington, D.C., United States
Duration: Dec 14 2012 → Dec 16 2012

Publication series

Name: Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012

Other

Other: 2012 ASE International Conference on Cyber Security, CyberSecurity 2012
Country: United States
City: Washington, D.C.
Period: 12/14/12 → 12/16/12

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
