his.sePublikasjoner
Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
A framework to support the development of Cyber Resiliency with Situational Awareness Capability
ITA Instituto Tecnológico de Aeronáutica, Brazil.
ITA Instituto Tecnológico de Aeronáutica, Brazil.
Combitech, Sweden / Swedish National Defence College / George Mason University, USA.
Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningscentrum för Informationsteknologi. (Information Systems)ORCID-id: 0000-0002-8607-948X
2015 (engelsk)Inngår i: 20th ICCRTS Proceedings: C2, Cyber, and Trust, International Command and Control Institute , 2015Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Cybersecurity success is essentially the result of an effective risk management process. However, this process is being challenged by the inherent complexity of systems, developed with vulnerable components and protocols, and the crescent sophistication of attackers, now backed by well-resourced criminal organizations and nations. With this scenario of uncertainties and high volume of events, it is essential the ability of cyber resiliency. Cyber resiliency is the ability of a system, organization, mission, or business process to anticipate, withstand, recover from, and adapt capabilities in the face of adversary conditions, stresses, or attacks on the cyber resources it needs to function. In the present work, it is presented a framework for cyber resiliency where a segmentation strategy and the Intrusion Kill Chain (IKC) attack model, developed by Lockheed-Martin, are central elements. Segmentation allows the construction of a layered defense, where the highest-priority assets are in the inner layers and the attackers are forced to surpass several layers to reach them. The IKC attack model is a model of seven phases that the attackers must perform to achieve their goals. Each segment is supposed to be designed with the best efforts to prevent, detect and contain an IKC. According to the Situational Awareness (SA) model of Endsley, the Level of Perception is achieved through sensors connected to the controls of prevention, detection and containment of IKC in different segments. The Level of Understanding is obtained by identifying the segments impacted by the attackers, and the Level of Projection by the identification of the next segments to be attacked and defense actions required to contain this advance. The use of the framework leads to the development of a structured set of defense mechanisms, and supports the development of SA capability to allow defenders to make correct decisions in order to maintain the mission even under a heavy attack

sted, utgiver, år, opplag, sider
International Command and Control Institute , 2015.
HSV kategori
Forskningsprogram
Teknik; Informationssystem (IS)
Identifikatorer
URN: urn:nbn:se:his:diva-11629OAI: oai:DiVA.org:his-11629DiVA, id: diva2:865334
Konferanse
20th International Command and Control Research and Technology Symposium, June 16-19, Annapolis, Maryland, USA
Tilgjengelig fra: 2015-10-27 Laget: 2015-10-27 Sist oppdatert: 2019-01-23bibliografisk kontrollert

Open Access i DiVA

Fulltekst mangler i DiVA

Andre lenker

Länk till fulltext

Personposter BETA

Åhlfeldt, Rose-Mharie

Søk i DiVA

Av forfatter/redaktør
Åhlfeldt, Rose-Mharie
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric

urn-nbn
Totalt: 866 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf