From scattered data to actionable knowledge: flexible cyber security reporting in the military domain-Reference-Cited by-同舟云学术

From scattered data to actionable knowledge: flexible cyber security reporting in the military domain

Published:2022-09-14 Issue:6 Volume:21 Page:1323-1347
ISSN:1615-5262
Container-title:International Journal of Information Security
language:en
Short-container-title:Int. J. Inf. Secur.

Author:

Skopik Florian^ORCID,Bonitz Arndt,Grantz Volker,Göhler Günter

Abstract

AbstractNumerous cyber situational awareness models have been proposed in recent years. Yet, one of the main challenges still remains mostly unsolved, which is what information sources contribute to the process for establishing cyber situational awareness and how is relevant information collected. While previous scientific works focused on situational awareness models and decision support based on common operating pictures, ingesting and maintaining a consistent data basis for the cyber domain has rarely been studied in detail. However, this is crucial when data distributed across different systems need to be collected, vetted, correlated, de-duplicated, enriched and finally stored as a basis for flexible cyber security reporting. In this paper, we design an approach and a data model that enable to ingest and store the essential information from disparate organizational units and act as a basis for the flexible creation of cyber security reports. We describe the application of this approach and model in a case study together with the Austrian Ministry of Defense (MoD), in which we surveyed existing data sources and transfer paths and rated the applicability of the CCOP data model and accompanying processes in course of a proof-of-concept implementation.

Funder

Österreichische Forschungsförderungsgesellschaft

Publisher

Springer Science and Business Media LLC

Subject

Computer Networks and Communications,Safety, Risk, Reliability and Quality,Information Systems,Software

Link

https://link.springer.com/content/pdf/10.1007/s10207-022-00613-7.pdf

Reference48 articles.

1. Endsley, M.R.: Design and evaluation for situation awareness enhancement. In: Proceedings of the Human Factors Society annual meeting, vol. 32, pp. 97–101. Sage Publications Sage CA: Los Angeles, CA (1988)

2. Pahi, T., Leitner, M., Skopik, F.: Analysis and assessment of situational awareness models for national cyber security centers. In: International Conference on Information Systems Security and Privacy, vol. 2, pp. 334–345. SCITEPRESS (2017)

3. Varga, S., Brynielsson, J., Franke, U.: Information requirements for national level cyber situational awareness. In: 2018 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), pp. 774–781. IEEE (2018)

4. Conti, G., Nelson, J., Raymond, D.: Towards a cyber common operating picture. In: 2013 5th International Conference on Cyber Conflict (CYCON 2013), pp. 1–17. IEEE (2013)

5. Danielsson, E., Alvinius, A., Larsson, G.: From common operating picture to situational awareness. Int. J. Emerg. Manag. 10(1), 28–47 (2014)

Cited by 4 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Military Computing Security: Insights and Implications;Journal of The Institution of Engineers (India): Series B;2024-08-21

2. The awareness of operators: a goal-directed task analysis in SOCs for critical infrastructure;International Journal of Information Security;2024-07-19

3. Explainable AI in Military Training Applications;Advances in Computational Intelligence and Robotics;2024-01-18

4. Chaining Digital Services: Challenges to Investigate Cyber-Attacks at Run-Time;IEEE Communications Magazine;2023