Architecture for the Cyber Security Situational Awareness System

Kokkonen, Tero

doi:10.1007/978-3-319-46301-8_24

Cited by 5 publications

(3 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Kokkonen applied situational awareness to a cyber security system in an attempt to mitigate damage done by attacks. 5 This system required situational awareness of system security infrastructure and assets to estimate what future assets would be required. Data fusion algorithms consume information and make recommendations based on estimated requirements.…”

Section: Situational Awareness Systemsmentioning

confidence: 99%

Situational awareness on a graph: towards graph neural networks for spectrum analysis and battlefield management

Anderson

2024

Disruptive Technologies in Information Sciences VIII

View full text Add to dashboard Cite

Graph Neural Networks (GNN) were originally developed to infer relationships between objects in complex graph environments such as social networks. However, they have recently been applied to other domains which naturally support graph expression, such as hardware and software analysis. We propose to extend the application of GNNs to datasets which contain a temporal component, thus enabling GNN inference of event-driven situations involving the radio frequency (RF) spectrum. Post-battle analysis can train a GNN to identify individual subgraphs representing sequences of events. Trained GNNs can then be used in war time to infer a larger situation as a series of subgraphs are identified.

show abstract

Section: Situational Awareness Systemsmentioning

confidence: 99%

Situational awareness on a graph: towards graph neural networks for spectrum analysis and battlefield management

Anderson

2024

Disruptive Technologies in Information Sciences VIII

View full text Add to dashboard Cite

show abstract

“…There are already some approaches to network security SA: In the research of network security SA architecture, Kokkonen proposed in 2016 a network security SA architecture, which mainly includes information exchange module and emphasizes standardized information format [4]. In 2017, Eiseler proposed a network security SA architecture from the perspective of IT complexity [5]. The main idea is to abstract a layer of operation (decision) and the result of decision for decision makers from non-technical background.…”

Section: Related Workmentioning

confidence: 99%

Evaluation of Botnet Threats Based on Evidence Chain

Liu¹,

Yi-mu²

2020

Computer Security Threats

View full text Add to dashboard Cite

The current network security faces a serious threat, which has been brought about by the large-scale proliferation of botnet, and its detection has become one of the important tasks of the existing cyberspace security. At present, although network administrators have firewalls, intrusion detection systems, intrusion prevention systems, and other technical means to achieve partial network protection, they are still confronted with severe challenges in the detection and prevention of a botnet known as a threatening attack platform. The new botnet is characterized by its large scale and multifunction. Further, it is hard to detect, and it may cause a sharp decline in the normal defense level of the protected object in a short period of time. In this chapter, we propose a method of botnet threat assessment based on evidence chain. The DS evidence theory is used for network security situational awareness. On the basis of determining the recognition framework, all possible results are considered, and each evidence is assigned a basic credibility, and the final credibility of the target is fused by using the composition rule. The experiments show that this method can work efficiently and detect the major threats in the protected network in time.

show abstract

“…Researchers have proposed various solutions to address these challenges to improve SMEs' cybersecurity posture. These include investing in essential security measures such as firewalls and antivirus software, implementing employee training programs to improve cybersecurity awareness, and developing incident response plans to ensure businesses are prepared to respond to cyber-attacks [5].…”

Section: Introductionmentioning

confidence: 99%

Implementation of Cybersecurity Situation Awareness Model in Saudi SMEs

Almoaigel,

Abuabid

2023

IJACSA

View full text Add to dashboard Cite

Saudi Small and Medium-sized Enterprises (SMEs) are witnessing rapid growth in technology and innovation. However, this growth is accompanied by increased cybersecurity threats, which pose significant challenges for SMEs. Cyber threats are becoming more complex and sophisticated, with SMEs becoming prime targets due to their weaker cybersecurity defenses. Hence, there exists a rich literature on critical challenges facing SMEs. Existing literature on these challenges addresses many research issues (e.g., finance, technology adoption, and management) associated with SMEs. However, one critical issue that has so far received no rigorous attention is cybersecurity situation awareness for research in the SME context. Thus, this study used a quantitative approach aiming to empirically test a model of cybersecurity situational awareness that can support SMEs in Saudi Arabia to implement cybersecurity measures and precautions with efficacy. An online survey of 350 participants was conducted to collect the research data. The study identified a significant positive relationship between Cyber Situational Awareness (Csa) and Implementation of Cybersecurity Controls (Icsc), suggesting that enhancing awareness can contribute to better control implementation. The study identified a significant positive relationship between Cyber Situational Awareness (Csa) and Implementation of Cybersecurity Controls (Icsc), suggesting that enhancing awareness can contribute to better control implementation. Finally, the paper provides several interesting findings and outlines future research directions.

show abstract

Architecture for the Cyber Security Situational Awareness System

Abstract: This is an electronic reprint of the original article. This version may differ from the original in pagination and typographic detail.

Cited by 5 publications

References 19 publications

Situational awareness on a graph: towards graph neural networks for spectrum analysis and battlefield management

Situational awareness on a graph: towards graph neural networks for spectrum analysis and battlefield management

Evaluation of Botnet Threats Based on Evidence Chain

Implementation of Cybersecurity Situation Awareness Model in Saudi SMEs

Contact Info

Product

Resources

About