From detection to reaction - A holistic approach to cyber defense

Klein, Gabriel; Tölle, Jens; Martini, Peter

doi:10.1109/dsr.2011.6026824

Cited by 9 publications

(4 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Klein, Tolle, and Martini proposed a "holistic approach to Cyber Defense" based on the well-known OODA loop (Observe, Orient, Decide, Act). Cyber defense should align all activities of the organization, and by applying the OODA loop, a continuous process ensues, constantly updating the data and its processing (Klein et al, 2011). The research in this paper supports this goal by providing methods to identify relevant data to be observed and acted on.…”

Section: Manual and Automated Analysis For Situational Awarenesssupporting

confidence: 48%

Towards Network Science Enhanced Cyber Situational Awareness

Dobson¹,

Shimeall²,

Carley³

2017

IJCSA

View full text Add to dashboard Cite

A dynamic network analysis is conducted on network flow data to demonstrate an improvement in cyber situational awareness. The analysis begins by collecting network-level data (density, network centralization total degree, and fragmentation) on samples of network flow data using the SiLK collection and analysis suite. The next phase categorized the data into four types: autonomic inflow, autonomic outflow, human inflow, and human outflow. Using the CASOS tool ORA, a series of dynamic network analyses were performed on each hour of the data. The results showed variations between the autonomic and human traffic that can be used by firms to gain more detailed understanding on how traffic behaves on their computer networks. The more granular profiles of operations permit separate understanding of automated and manual processes. The network science techniques provide a basis for providing these improvements in a systematic and repeatable manner.

show abstract

Section: Manual and Automated Analysis For Situational Awarenesssupporting

confidence: 48%

Towards Network Science Enhanced Cyber Situational Awareness

Dobson¹,

Shimeall²,

Carley³

2017

IJCSA

View full text Add to dashboard Cite

show abstract

“…model is the OODA loop. Originally developed for the military context [11], the OODA loop has been applied in many different areas, including cyber defence [31]. The OODA loop method represents the behaviour of agents in adversarial interactions as a continuous cycle through a four-stage loop in a shared environment, the four stages of the loop being observation (Observe), orientation (Orientation), decision (Decide) and action (Act).…”

Section: Attack and Defence Modelling Frameworkmentioning

confidence: 99%

The Security of the Speech Interface: A Modelling Framework and Proposals for New Defence Mechanisms

Bispham

Agrafiotis

Goldsmith

2020

Communications in Computer and Information Science

View full text Add to dashboard Cite

This paper presents an attack and defence modelling framework for conceptualising the security of the speech interface. The modelling framework is based on the Observe-Orient-Decide-Act (OODA) loop model, which has been used to analyse adversarial interactions in a number of other areas. We map the different types of attacks that may be executed via the speech interface to the modelling framework, and present a critical analysis of the currently available defences for countering such attacks, with reference to the modelling framework. The paper then presents proposals for the development of new defence mechanisms that are grounded in the critical analysis of current defences. These proposals envisage a defence capability that would enable voice-controlled systems to detect potential attacks as part of their dialogue management functionality. In accordance with this high-level defence concept, the paper presents two specific proposals for defence mechanisms to be implemented as part of dialogue management functionality to counter attacks that exploit unintended functionality in speech recognition functionality and natural language understanding functionality. These defence mechanisms are based on the novel application of two existing technologies for security purposes. The specific proposals include the results of two feasibility tests that investigate the effectiveness of the proposed mechanisms in defending against the relevant type of attack.

show abstract

“…Besides, the spontaneous and continuous attention of many researchers to this field has made the researches on cybersecurity the top hot issue. In order to fully understand the research status of network security situational awareness, this paper firstly searched and reviewed articles on this topic in the past 10 years in the core database in September 2017, and sorted out a total of 10 large citations of review literature [16,[37][38][39][40][41][42][43][44][45]. Based on the actor-network theory, Kopylec et al [37] explored the critical relationship between physical and network infrastructure, and demonstrated the results of situational awareness through visual cascading.…”

Section: Status Of Foreign Researchmentioning

confidence: 99%

“…Tadda and Salerno [16], Giacobe [40], and Schreiber-Ehle and Koch [42] inquired into the application process of JDL model in the field of situational awareness, especially in literature [40] for the favorable induction and summary of the data source information at level 0/1 in JDL model. In addition, Klein et al [41] and Vincent [45] et al applied the OODA loop model [15] to the network situational awareness and some stages in the model are prerequisites for others. Through such a class decision paradigm, the various activities in network defense are integrated.…”

Section: Status Of Foreign Researchmentioning

confidence: 99%

Analysis framework of network security situational awareness and comparison of implementation methods

Huang

Wang

et al. 2019

J Wireless Com Network

View full text Add to dashboard Cite

Information technology has penetrated into all aspects of politics, economy, and culture of the whole society. The information revolution has changed the way of communication all over the world, promoted the giant development of human society, and also drawn unprecedented attention to network security issues. Studies, focusing on network security, have experienced four main stages: idealized design for ensuring security, auxiliary examination and passive defense, active analysis and strategy formulation, and overall perception and trend prediction. Under the background of the new strategic command for the digital control that all countries are scrambled for, the discussion of network security situational awareness presents new characteristics both in the academic study and industrialization. In this regard, a thorough investigation has been made in the present paper into the literature of network security situational awareness. Firstly, the research status both at home and abroad is introduced, and then, the logical analysis framework is put forward concerning the network security situational awareness from the perspective of the data value chain. The whole process is composed of five successive stages: factor acquisition, model representation, measurement establishment, solution analysis, and situation prediction. Subsequently, the role of each stage and the mainstream methods are elaborated, and the application results on the experimental objects and the horizontal comparison between the methods are explained. In an attempt to provide a panoramic recognition of network security situational awareness, and auxiliary ideas for the industrialization of network security, this paper aims to provide some references for the scientific research and engineering personnel in this field.

show abstract

From detection to reaction - A holistic approach to cyber defense

Cited by 9 publications

References 11 publications

Towards Network Science Enhanced Cyber Situational Awareness

Towards Network Science Enhanced Cyber Situational Awareness

The Security of the Speech Interface: A Modelling Framework and Proposals for New Defence Mechanisms

Analysis framework of network security situational awareness and comparison of implementation methods

Contact Info

Product

Resources

About