Empirical framework for situation awareness measurement techniques in network defense

Maria Evangelopoulou; Christopher W. Johnson

doi:10.1109/CyberSA.2015.7166132

Empirical framework for situation awareness measurement techniques in network defense

Maria Evangelopoulou, Christopher W. Johnson

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

4 Citations (Scopus)

Abstract

This paper presents an empirical framework for implementing Situation Awareness Measurement Techniques in a Network Defense environment. Bearing in mind the rise of Cyber-crime and the importance of Cyber security, the role of the security analyst (or as this paper will refer to them, defenders) is critical. In this paper the role of Situation Awareness Measurement Techniques will be presented and explained briefly. Input from previous studies will be given and an empirical framework of how to measure Situation Awareness in a computing network environment will be offered in two main parts. The first one will include the networking infrastructure of the system. The second part will be focused on specifying which Situation Awareness Techniques are going to be used and which Situation Awareness critical questions need to be asked to improve future decision making in cyber-security. Finally, a discussion will take place concerning the proposed approach, the chosen methodology and further validation.

Original language	English
Title of host publication	2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015
Editors	Cyril Onwubiko
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9780993233807
DOIs	https://doi.org/10.1109/CyberSA.2015.7166132
Publication status	Published - 23 Jul 2015
Externally published	Yes
Event	International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015 - London, United Kingdom Duration: 8 Jun 2015 → 9 Jun 2015

Publication series

Name	2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015

Conference

Conference	International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015
Country/Territory	United Kingdom
City	London
Period	8/06/15 → 9/06/15

Access to Document

10.1109/CyberSA.2015.7166132

Cite this

Evangelopoulou, M., & Johnson, C. W. (2015). Empirical framework for situation awareness measurement techniques in network defense. In C. Onwubiko (Ed.), 2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015 Article 7166132 (2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CyberSA.2015.7166132

Evangelopoulou, Maria ; Johnson, Christopher W. / Empirical framework for situation awareness measurement techniques in network defense. 2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015. editor / Cyril Onwubiko. Institute of Electrical and Electronics Engineers Inc., 2015. (2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015).

@inproceedings{8e3c9b82202e4f6f98e3ab183711273e,

title = "Empirical framework for situation awareness measurement techniques in network defense",

abstract = "This paper presents an empirical framework for implementing Situation Awareness Measurement Techniques in a Network Defense environment. Bearing in mind the rise of Cyber-crime and the importance of Cyber security, the role of the security analyst (or as this paper will refer to them, defenders) is critical. In this paper the role of Situation Awareness Measurement Techniques will be presented and explained briefly. Input from previous studies will be given and an empirical framework of how to measure Situation Awareness in a computing network environment will be offered in two main parts. The first one will include the networking infrastructure of the system. The second part will be focused on specifying which Situation Awareness Techniques are going to be used and which Situation Awareness critical questions need to be asked to improve future decision making in cyber-security. Finally, a discussion will take place concerning the proposed approach, the chosen methodology and further validation.",

keywords = "Cyber Security, CyberSA, Decision Making, Intrusion Detection, Network Defense, Situation Awareness, Situation Awareness Measurement Techniques",

author = "Maria Evangelopoulou and Johnson, {Christopher W.}",

note = "Publisher Copyright: {\textcopyright} 2015 Centre for Multidisciplinary Research, Innovation and Collaboration (C-MRiC.ORG).; International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015 ; Conference date: 08-06-2015 Through 09-06-2015",

year = "2015",

month = jul,

day = "23",

doi = "10.1109/CyberSA.2015.7166132",

language = "English",

series = "2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

editor = "Cyril Onwubiko",

booktitle = "2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015",

address = "United States",

}

Evangelopoulou, M & Johnson, CW 2015, Empirical framework for situation awareness measurement techniques in network defense. in C Onwubiko (ed.), 2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015., 7166132, 2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015, Institute of Electrical and Electronics Engineers Inc., International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015, London, United Kingdom, 8/06/15. https://doi.org/10.1109/CyberSA.2015.7166132

Empirical framework for situation awareness measurement techniques in network defense. / Evangelopoulou, Maria; Johnson, Christopher W.
2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015. ed. / Cyril Onwubiko. Institute of Electrical and Electronics Engineers Inc., 2015. 7166132 (2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Empirical framework for situation awareness measurement techniques in network defense

AU - Evangelopoulou, Maria

AU - Johnson, Christopher W.

PY - 2015/7/23

Y1 - 2015/7/23

N2 - This paper presents an empirical framework for implementing Situation Awareness Measurement Techniques in a Network Defense environment. Bearing in mind the rise of Cyber-crime and the importance of Cyber security, the role of the security analyst (or as this paper will refer to them, defenders) is critical. In this paper the role of Situation Awareness Measurement Techniques will be presented and explained briefly. Input from previous studies will be given and an empirical framework of how to measure Situation Awareness in a computing network environment will be offered in two main parts. The first one will include the networking infrastructure of the system. The second part will be focused on specifying which Situation Awareness Techniques are going to be used and which Situation Awareness critical questions need to be asked to improve future decision making in cyber-security. Finally, a discussion will take place concerning the proposed approach, the chosen methodology and further validation.

AB - This paper presents an empirical framework for implementing Situation Awareness Measurement Techniques in a Network Defense environment. Bearing in mind the rise of Cyber-crime and the importance of Cyber security, the role of the security analyst (or as this paper will refer to them, defenders) is critical. In this paper the role of Situation Awareness Measurement Techniques will be presented and explained briefly. Input from previous studies will be given and an empirical framework of how to measure Situation Awareness in a computing network environment will be offered in two main parts. The first one will include the networking infrastructure of the system. The second part will be focused on specifying which Situation Awareness Techniques are going to be used and which Situation Awareness critical questions need to be asked to improve future decision making in cyber-security. Finally, a discussion will take place concerning the proposed approach, the chosen methodology and further validation.

KW - Cyber Security

KW - CyberSA

KW - Decision Making

KW - Intrusion Detection

KW - Network Defense

KW - Situation Awareness

KW - Situation Awareness Measurement Techniques

UR - http://www.scopus.com/inward/record.url?scp=84963746836&partnerID=8YFLogxK

U2 - 10.1109/CyberSA.2015.7166132

DO - 10.1109/CyberSA.2015.7166132

M3 - Conference contribution

T3 - 2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015

BT - 2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015

A2 - Onwubiko, Cyril

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015

Y2 - 8 June 2015 through 9 June 2015

ER -

Evangelopoulou M, Johnson CW. Empirical framework for situation awareness measurement techniques in network defense. In Onwubiko C, editor, 2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015. Institute of Electrical and Electronics Engineers Inc. 2015. 7166132. (2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, CyberSA 2015). doi: 10.1109/CyberSA.2015.7166132

Empirical framework for situation awareness measurement techniques in network defense

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this