Högskolan i Skövde

his.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A framework to support the development of Cyber Resiliency with Situational Awareness Capability
ITA Instituto Tecnológico de Aeronáutica, Brazil.
ITA Instituto Tecnológico de Aeronáutica, Brazil.
Combitech, Sweden ; Swedish National Defence College ; George Mason University, USA.ORCID iD: 0000-0001-9423-9079
University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre. (Information Systems)ORCID iD: 0000-0002-8607-948X
2015 (English)In: 20th ICCRTS Proceedings: C2, Cyber, and Trust, International Command and Control Institute , 2015Conference paper, Published paper (Refereed)
Abstract [en]

Cybersecurity success is essentially the result of an effective risk management process. However, this process is being challenged by the inherent complexity of systems, developed with vulnerable components and protocols, and the crescent sophistication of attackers, now backed by well-resourced criminal organizations and nations. With this scenario of uncertainties and high volume of events, it is essential the ability of cyber resiliency. Cyber resiliency is the ability of a system, organization, mission, or business process to anticipate, withstand, recover from, and adapt capabilities in the face of adversary conditions, stresses, or attacks on the cyber resources it needs to function. In the present work, it is presented a framework for cyber resiliency where a segmentation strategy and the Intrusion Kill Chain (IKC) attack model, developed by Lockheed-Martin, are central elements. Segmentation allows the construction of a layered defense, where the highest-priority assets are in the inner layers and the attackers are forced to surpass several layers to reach them. The IKC attack model is a model of seven phases that the attackers must perform to achieve their goals. Each segment is supposed to be designed with the best efforts to prevent, detect and contain an IKC. According to the Situational Awareness (SA) model of Endsley, the Level of Perception is achieved through sensors connected to the controls of prevention, detection and containment of IKC in different segments. The Level of Understanding is obtained by identifying the segments impacted by the attackers, and the Level of Projection by the identification of the next segments to be attacked and defense actions required to contain this advance. The use of the framework leads to the development of a structured set of defense mechanisms, and supports the development of SA capability to allow defenders to make correct decisions in order to maintain the mission even under a heavy attack

Place, publisher, year, edition, pages
International Command and Control Institute , 2015.
National Category
Computer Sciences
Research subject
Technology; Information Systems
Identifiers
URN: urn:nbn:se:his:diva-11629OAI: oai:DiVA.org:his-11629DiVA, id: diva2:865334
Conference
20th International Command and Control Research and Technology Symposium, June 16-19, Annapolis, Maryland, USA
Available from: 2015-10-27 Created: 2015-10-27 Last updated: 2023-01-03Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Länk till fulltext

Authority records

Gustavsson, Per M.Åhlfeldt, Rose-Mharie

Search in DiVA

By author/editor
Gustavsson, Per M.Åhlfeldt, Rose-Mharie
By organisation
School of InformaticsThe Informatics Research Centre
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 937 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf