SoK: Contemporary Issues and Challenges to Enable Cyber
Situational Awareness for Network Security

D 2020

SoK: Contemporary Issues and Challenges to Enable Cyber Situational Awareness for Network Security

HUSÁK, Martin, Tomáš JIRSÍK a Shanchieh Jay YANG

Základní údaje

Originální název

SoK: Contemporary Issues and Challenges to Enable Cyber Situational Awareness for Network Security

Autoři

HUSÁK, Martin (203 Česká republika, garant, domácí), Tomáš JIRSÍK (203 Česká republika, domácí) a Shanchieh Jay YANG

Vydání

New York, NY, United States, Proceedings of the 15th International Conference on Availability, Reliability and Security, od s. 1-10, 10 s. 2020

Nakladatel

Association for Computing Machinery

Další údaje

Jazyk

angličtina

Typ výsledku

Stať ve sborníku

Obor

10200 1.2 Computer and information sciences

Stát vydavatele

Spojené státy

Utajení

není předmětem státního či obchodního tajemství

Forma vydání

elektronická verze "online"

Odkazy

URL

Kód RIV

RIV/00216224:14610/20:00115826

Organizační jednotka

Ústav výpočetní techniky

ISBN

978-1-4503-8833-7

DOI

http://dx.doi.org/10.1145/3407023.3407062

Klíčová slova anglicky

Cyber situational awareness;network security;taxonomy

Štítky

core_B, rivok

Příznaky

Mezinárodní význam, Recenzováno

Změněno: 2. 9. 2024 14:38, RNDr. Pavel Šmerk, Ph.D.

Anotace

V originále

Cyber situational awareness is an essential part of cyber defense that allows the cybersecurity operators to cope with the complexity of today's networks and threat landscape. Perceiving and comprehending the situation allow the operator to project upcoming events and make strategic decisions. In this paper, we recapitulate the fundamentals of cyber situational awareness and highlight its unique characteristics in comparison to generic situational awareness known from other fields. Subsequently, we provide an overview of existing research and trends in publishing on the topic, introduce front research groups, and highlight the impact of cyber situational awareness research. Further, we propose an updated taxonomy and enumeration of the components used for achieving cyber situational awareness. The updated taxonomy conforms to the widely-accepted three-level definition of cyber situational awareness and newly includes the projection level. Finally, we identify and discuss contemporary research and operational challenges, such as the need to cope with rising volume, velocity, and variety of cybersecurity data and the need to provide cybersecurity operators with the right data at the right time and increase their value through visualization.

Návaznosti

EF16_019/0000822, projekt VaV

Název: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur

Přiložené soubory

2020-ARES-SoK-cyber-situational-awareness-video.mp4

Vyhledat podobné dokumenty

2020-ARES-SoK-cyber-situational-awareness-paper.pdf

Vyhledat podobné dokumenty

2020-ARES-SoK-cyber-situational-awareness-slides.pdf

Vyhledat podobné dokumenty

Citovat

HUSÁK, Martin, Tomáš JIRSÍK a Shanchieh Jay YANG. SoK: Contemporary Issues and Challenges to Enable Cyber Situational Awareness for Network Security. Online. In Proceedings of the 15th International Conference on Availability, Reliability and Security. New York, NY, United States: Association for Computing Machinery, 2020, s. 1-10. ISBN 978-1-4503-8833-7. Dostupné z: https://dx.doi.org/10.1145/3407023.3407062.

@inproceedings{1663145,
   author = {Husák, Martin and Jirsík, Tomáš and Yang, Shanchieh Jay},
   address = {New York, NY, United States},
   booktitle = {Proceedings of the 15th International Conference on Availability, Reliability and Security},
   doi = {http://dx.doi.org/10.1145/3407023.3407062},
   keywords = {Cyber situational awareness;network security;taxonomy},
   howpublished = {elektronická verze "online"},
   language = {eng},
   location = {New York, NY, United States},
   isbn = {978-1-4503-8833-7},
   pages = {1-10},
   publisher = {Association for Computing Machinery},
   title = {SoK: Contemporary Issues and Challenges to Enable Cyber Situational Awareness for Network Security},
   url = {https://dl.acm.org/doi/abs/10.1145/3407023.3407062},
   year = {2020}
}

TY  - JOUR
ID  - 1663145
AU  - Husák, Martin - Jirsík, Tomáš - Yang, Shanchieh Jay
PY  - 2020
TI  - SoK: Contemporary Issues and Challenges to Enable Cyber Situational Awareness for Network Security
PB  - Association for Computing Machinery
CY  - New York, NY, United States
SN  - 9781450388337
KW  - Cyber situational awareness;network security;taxonomy
UR  - https://dl.acm.org/doi/abs/10.1145/3407023.3407062
N2  - Cyber situational awareness is an essential part of cyber defense that allows the cybersecurity operators to cope with the complexity of today's networks and threat landscape. Perceiving and comprehending the situation allow the operator to project upcoming events and make strategic decisions. In this paper, we recapitulate the fundamentals of cyber situational awareness and highlight its unique characteristics in comparison to generic situational awareness known from other fields. Subsequently, we provide an overview of existing research and trends in publishing on the topic, introduce front research groups, and highlight the impact of cyber situational awareness research. Further, we propose an updated taxonomy and enumeration of the components used for achieving cyber situational awareness. The updated taxonomy conforms to the widely-accepted three-level definition of cyber situational awareness and newly includes the projection level. Finally, we identify and discuss contemporary research and operational challenges, such as the need to cope with rising volume, velocity, and variety of cybersecurity data and the need to provide cybersecurity operators with the right data at the right time and increase their value through visualization.
ER  -

HUSÁK, Martin, Tomáš JIRSÍK a Shanchieh Jay YANG. SoK: Contemporary Issues and Challenges to Enable Cyber Situational Awareness for Network Security. Online. In \textit{Proceedings of the 15th International Conference on Availability, Reliability and Security}. New York, NY, United States: Association for Computing Machinery, 2020, s.~1-10. ISBN~978-1-4503-8833-7. Dostupné z: https://dx.doi.org/10.1145/3407023.3407062.

Podrobný výpis o publikaci