A Cyber Security Situational Awareness Framework to Track and Project Multistage Cyber Attacks
2014 (English). In: Proceedings of the 9th International Conference on Cyber Warfare and Security (ICCWS-2014) / [ed] S. Liles, Reading: Academic Conferences Limited, 2014, p. 356-360. Conference paper, Published paper (Refereed)
Abstract [en]
In a Security Operations Center there is a need to perceive, comprehend and project cyber activities. This requires developing a Cyber Situational Awareness (CSA) capability that involves perception of different security events, comprehension of the meaning of the current cyber security situation in the organization, and projection of future status in order to select better positioning of security mechanisms. Current CSA techniques are limited by the high speed of event generation, the large volume of information from multiple sensors, and the complexity of interactions among the highly automated services that shape cyberspace. This study presents a framework to track and project multistage cyber-attacks that supports CSA activities and enables faster correlation of event logs using Big Data technologies.
Place, publisher, year, edition, pages
Reading: Academic Conferences Limited, 2014. p. 356-360
Series
The Proceedings of the International Conference on Information Warfare and Security, ISSN 2048-9870, E-ISSN 2048-9889
Keywords [en]
Hadoop, Security log analysis, multistage cyber-attacks detection, Intrusion Kill-Chain, Cyber Situational Awareness
National Category
Information Systems
Research subject
Distributed Real-Time Systems
Identifiers
URN: urn:nbn:se:his:diva-23867
ISI: 000340523900043
Scopus ID: 2-s2.0-84931089844
ISBN: 978-1-909507-11-1 (print)
ISBN: 9781632660626 (print)
ISBN: 978-1-909507-05-0 (print)
OAI: oai:DiVA.org:his-23867
DiVA, id: diva2:1859746
Conference
9th International Conference on Cyber Warfare and Security (ICCWS-2014), Purdue Univ, West Lafayette, IN, March 24-25, 2014
2024-05-22, 2024-05-22, 2024-05-23. Bibliographically approved