
Network-Wide Awareness

Chapter in: Cyber Defense and Situational Awareness

Part of the book series: Advances in Information Security (ADIS, volume 62)

Abstract

In this chapter we continue the theme of awareness formation started in the preceding chapter. Here, however, we focus on a particular type of CSA that deals with the holistic, network-wide view of a network. We use the term “macro” CSA to refer to the overall dynamics of the network that is seen as a single organism and where individual elements or events are perceived in aggregate. This contrasts with CSA that focuses on individual atomic elements of the network’s assets or behaviors, such as an individual suspicious packet, an alert of a potential intrusion, or a vulnerable computer. On the other hand, atomic events can have a broad impact on the operation of the entire network. This means that the scope of CSA must accommodate both “micro” and “macro” perspectives. The process of gaining network-wide awareness includes discovery and enumeration of assets and of defense capabilities, along with threat and attack awareness. We argue that effective CSA must focus on improved decision-making, collaboration, and resource management, and discuss approaches to achieving effective network-wide SA.


Notes

  1. Patent pending on the process of creation and utilization of TAG, NAG, and RAG.


Author information

Corresponding author

Correspondence to Jason Li.

Copyright information

© 2014 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Evancich, N., Lu, Z., Li, J., Cheng, Y., Tuttle, J., Xie, P. (2014). Network-Wide Awareness. In: Kott, A., Wang, C., Erbacher, R. (eds) Cyber Defense and Situational Awareness. Advances in Information Security, vol 62. Springer, Cham. https://doi.org/10.1007/978-3-319-11391-3_5

  • DOI: https://doi.org/10.1007/978-3-319-11391-3_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-11390-6

  • Online ISBN: 978-3-319-11391-3

  • eBook Packages: Computer Science, Computer Science (R0)
