Chapter

Cybersecurity Systems for Human Cognition Augmentation

Volume 61 of the series Advances in Information Security pp 47-60

Automated Cyber Situation Awareness Tools and Models for Improving Analyst Performance

  • Massimiliano Albanese, affiliated with Center for Secure Information Systems, George Mason University (Email author)
  • Hasan Cam, affiliated with Network Science Division, U.S. Army Research Laboratory
  • Sushil Jajodia, affiliated with Center for Secure Information Systems, George Mason University

Abstract

An ever-increasing number of critical missions rely today on complex Information Technology infrastructures, making such missions vulnerable to a wide range of potentially devastating cyber-attacks. Attackers can exploit network configurations and vulnerabilities to incrementally penetrate a network and compromise critical systems, thus rendering security monitoring and intrusion detection much more challenging. It is also evident from the ever-growing number of high-profile cyber-attacks reported in the news that cyber-attacks are growing not only in sophistication but also in number. For these reasons, cyber-security analysts need to continuously monitor large amounts of alerts and data from a multitude of sensors in order to detect attacks in a timely manner and mitigate their impact. However, given the inherent complexity of the problem, manual analysis is labor-intensive and error-prone, and distracts the analyst from getting the “big picture” of the cyber situation.