Theory And Models For Cyber Situation Awareness

Today, when a security incident happens, the top three questions a cyber operation center would ask are: What has happened? Why did it happen? What should I do? Answers to the first two questions form the core of Cyber Situation Awareness (SA). Whether the last question can be satisfactorily addressed is largely dependent upon the cyber situation awareness capability of an enterprise. The goal of this book is to present a summary of recent research advances in the development of highly desirable Cyber Situation Awareness capabilities. The 8 invited full papers presented in this volume are organized around the following topics: computer-aided human centric cyber situation awareness; computer and information science aspects of the recent advances in cyber situation awareness; learning and decision making aspects of the recent advances in cyber situation awareness; cognitive science aspects of the recent advances in cyber situation awareness

This book reports on the latest research and developments in the field of cybersecurity, particularly focusing on personal security and new methods for reducing human error and increasing cyber awareness, as well as innovative solutions for increasing the security of advanced Information Technology (IT) infrastructures. It covers a broad range of topics, including methods for human training; novel cyber-physical and process-control systems; social, economic, and behavioral aspects of cyberspace; issues concerning the cybersecurity index; security metrics for enterprises; and risk evaluation. Based on the AHFE 2018 International Conference on Human Factors in Cybersecurity, held on July 21–25, 2018, in Orlando, Florida, USA, the book not only presents innovative cybersecurity technologies, but also discusses emerging threats, current gaps in the available systems, and future challenges that can be successfully overcome with the help of human factors research.

Motivation for the Book This book seeks to establish the state of the art in the cyber situational awareness area and to set the course for future research. A multidisciplinary group of leading researchers from cyber security, cognitive science, and decision science areas elab orate on the fundamental challenges facing the research community and identify promising solution paths. Today, when a security incident occurs, the top three questions security admin istrators would ask are in essence: What has happened? Why did it happen? What should I do? Answers to the ?rst two questions form the core of Cyber Situational Awareness. Whether the last question can be satisfactorily answered is greatly de pendent upon the cyber situational awareness capability of an enterprise. A variety of computer and network security research topics (especially some sys tems security topics) belong to or touch the scope of Cyber Situational Awareness. However, the Cyber Situational Awareness capability of an enterprise is still very limited for several reasons: • Inaccurate and incomplete vulnerability analysis, intrusion detection, and foren sics. • Lack of capability to monitor certain microscopic system/attack behavior. • Limited capability to transform/fuse/distill information into cyber intelligence. • Limited capability to handle uncertainty. • Existing system designs are not very “friendly” to Cyber Situational Awareness.

This two-volume set addresses a variety of human factors issues and engineering concerns across various real-world applications such as aviation and driving, cybersecurity, and healthcare systems. The contents of these books also present recent theories and methods related to human performance, workload and usability assessment in automated and autonomous systems. In this set, the authors discuss both current and developing topics of advanced automation technologies and present emerging practical challenges. Topics covered include unmanned aerial systems and self-driving cars, individual and team performance, human-robot interaction, and operator selection and training. Both practical and theoretical discussions of modern automated and autonomous systems are provided throughout each of the volumes. These books are suitable for those first approaching the issues to those well versed in these fast-moving areas, including students, teachers, researchers, engineers, and policy makers alike. Volume 1 - Human Performance in Automated and Autonomous Systems: Current Theory and Methods Volume 2 - Human Performance in Automated and Autonomous Systems: Emerging Issues and Practical Perspectives

With the increased dependence on digital and internet technologies, cyber security has come to be regarded as a national security issue, and the number of countries with a published cyber security strategy continues to rise. But these national cyber security strategies often run the risk of failing to address all the cyber security requirements of the many institutions within a given country, and the complex nature of the stakeholders involved and the networks formed by them means that the problem requires an interdisciplinary approach. This book presents papers from the NATO Advanced Research Workshop (ARW) entitled “A Framework for a Military Cyber Defense Strategy”, held in Norfolk, Virginia, USA, in April 2016. The workshop focused on key priority areas for cyber defense along with NATO’s cyber defense policy implementation and brought together experts with an eclectic mix of backgrounds and specialties from a group of NATO member states and partner countries. The participants considered not only the technical implications of cyber security efforts, but also the legal, strategic, educational and organizational aspects, and the book reflects this wide view of the field and its intricacies, highlighting the complexity of cyber security and the many challenges it presents. This overview of cyber security offers state-of-the-art approaches from a multidisciplinary standpoint, and will be of interest to all those working in the field.

These proceedings represent the work of contributors to the 16th International Conference on Cyber Warfare and Security (ICCWS 2021), hosted by joint collaboration of Tennessee Tech Cybersecurity Education, Research and Outreach Center (CEROC), Computer Science department and the Oak Ridge National Laboratory, Tennessee on 25-26 February 2021. The Conference Co-Chairs are Dr. Juan Lopez Jr, Oak Ridge National Laboratory, Tennessee, and Dr. Ambareen Siraj, Tennessee Tech’s Cybersecurity Education, Research and Outreach Center (CEROC), and the Program Chair is Dr. Kalyan Perumalla, from Oak Ridge National Laboratory, Tennessee.

This book constitutes the refereed proceedings on the 23rd Nordic Conference on Secure IT Systems, NordSec 2018, held in Oslo, Norway, in November 2018. The 29 full papers presented in this volume were carefully reviewed and selected from 81 submissions. They are organized in topical sections named: privacy; cryptography; network and cloud security; cyber security and malware; and security for software and software development.

Our cyber defenses are static and are governed by lengthy processes, e.g., for testing and security patch deployment. Adversaries could plan their attacks carefully over time and launch attacks at cyber speeds at any given moment. We need a new class of defensive strategies that would force adversaries to continually engage in reconnaissance and re-planning of their cyber operations. One such strategy is to present adversaries with a moving target where the attack surface of a system keeps changing. Moving Target Defense II: Application of Game Theory and Adversarial Modeling includes contributions from world experts in the cyber security field. In the first volume of MTD, we presented MTD approaches based on software transformations, and MTD approaches based on network and software stack configurations. In this second volume of MTD, a group of leading researchers describe game theoretic, cyber maneuver, and software transformation approaches for constructing and analyzing MTD systems. Designed as a professional book for practitioners and researchers working in the cyber security field, advanced -level students and researchers focused on computer science will also find this book valuable as a secondary text book or reference.