his.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A framework to support the development of Cyber Resiliency with Situational Awareness Capability
ITA Instituto Tecnológico de Aeronáutica, Brazil.
ITA Instituto Tecnológico de Aeronáutica, Brazil.
Combitech, Sweden / Swedish National Defence College / George Mason University, USA.
University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre. (Information Systems)ORCID iD: 0000-0002-8607-948X
2015 (English)In: 20th ICCRTS Proceedings: C2, Cyber, and Trust, International Command and Control Institute , 2015Conference paper, Published paper (Refereed)
Abstract [en]

Cybersecurity success is essentially the result of an effective risk management process. However, this process is being challenged by the inherent complexity of systems, developed with vulnerable components and protocols, and the crescent sophistication of attackers, now backed by well-resourced criminal organizations and nations. With this scenario of uncertainties and high volume of events, it is essential the ability of cyber resiliency. Cyber resiliency is the ability of a system, organization, mission, or business process to anticipate, withstand, recover from, and adapt capabilities in the face of adversary conditions, stresses, or attacks on the cyber resources it needs to function. In the present work, it is presented a framework for cyber resiliency where a segmentation strategy and the Intrusion Kill Chain (IKC) attack model, developed by Lockheed-Martin, are central elements. Segmentation allows the construction of a layered defense, where the highest-priority assets are in the inner layers and the attackers are forced to surpass several layers to reach them. The IKC attack model is a model of seven phases that the attackers must perform to achieve their goals. Each segment is supposed to be designed with the best efforts to prevent, detect and contain an IKC. According to the Situational Awareness (SA) model of Endsley, the Level of Perception is achieved through sensors connected to the controls of prevention, detection and containment of IKC in different segments. The Level of Understanding is obtained by identifying the segments impacted by the attackers, and the Level of Projection by the identification of the next segments to be attacked and defense actions required to contain this advance. The use of the framework leads to the development of a structured set of defense mechanisms, and supports the development of SA capability to allow defenders to make correct decisions in order to maintain the mission even under a heavy attack

Place, publisher, year, edition, pages
International Command and Control Institute , 2015.
National Category
Computer Science
Research subject
Technology
Identifiers
URN: urn:nbn:se:his:diva-11629OAI: oai:DiVA.org:his-11629DiVA: diva2:865334
Conference
20th International Command and Control Research and Technology Symposium, June 16-19, Annapolis, Maryland, USA
Available from: 2015-10-27 Created: 2015-10-27 Last updated: 2016-01-27Bibliographically approved

Open Access in DiVA

No full text

Other links

Länk till fulltext

Authority records BETA

Åhlfeldt, Rose-Mharie

Search in DiVA

By author/editor
Åhlfeldt, Rose-Mharie
By organisation
School of InformaticsThe Informatics Research Centre
Computer Science

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 526 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf