RPD-based hypothesis reasoning for cyber situation awareness

John Yen, Michael McNeese, Tracy Mullen, David Hall, Xiaocong Fan, Peng Liu

Research output: Chapter in Book/Report/Conference proceeding › Chapter

11 Scopus citations

Abstract

Intelligence workers such as analysts, commanders, and soldiers often need a hypothesis reasoning framework to gain improved situation awareness of the highly dynamic cyber space. The development of such a framework requires the integration of interdisciplinary techniques, including supports for distributed cognition (human-in-the-loop hypothesis generation), supports for team collaboration (identification of information for hypothesis evaluation), and supports for resource-constrained information collection (hypotheses competing for information collection resources). We here describe a cognitively-inspired framework that is built upon Klein's recognition-primed decision model and integrates the three components of Endsley's situation awareness model. The framework naturally connects the logic world of tools for cyber situation awareness with the mental world of human analysts, enabling the perception, comprehension, and prediction of cyber situations for better prevention, survival, and response to cyber attacks by adapting missions at the operational, tactical, and strategic levels.

Original language: English (US)
Title of host publication: Cyber Situational Awareness
Subtitle of host publication: Issues and Research
Editors: Sushil Jajodia, Peng Liu, Vipin Swarup, Cliff Wang
Pages: 39-49
Number of pages: 11
State: Published - Dec 1 2010

Publication series

Name: Advances in Information Security
Volume: 46
ISSN (Print): 1568-2633

All Science Journal Classification (ASJC) codes

  • Information Systems
  • Computer Networks and Communications

Cite this

Yen, J., McNeese, M., Mullen, T., Hall, D., Fan, X., & Liu, P. (2010). RPD-based hypothesis reasoning for cyber situation awareness. In S. Jajodia, P. Liu, V. Swarup, & C. Wang (Eds.), Cyber Situational Awareness: Issues and Research (pp. 39-49). (Advances in Information Security; Vol. 46). https://doi.org/10.1007/978-1-4419-0140-8_3