Visualisation for Network Situational Awareness in Computer Network Defence
نویسندگان
چکیده
Situational awareness is essential for decision makers to efficiently manage their resources. Situational awareness has historically been associated with aviation security applications, such as air traffic control (ATC), fighter missions, and missile defence. However, the number of studies in the field of situational awareness for new applications has grown significantly in the past fifteen year [4].
منابع مشابه
Sonification of Network Traffic Flow for Monitoring and Situational Awareness
Maintaining situational awareness of what is happening within a computer network is challenging, not least because the behaviour happens within computers and communications networks, but also because data traffic speeds and volumes are beyond human ability to process. Visualisation techniques are widely used to present information about the dynamics of network traffic dynamics. Although they pr...
متن کاملNetSecRadar: A Visualization System for Network Security Situational Awareness
Situational awareness is defined as the ability to effectively determine an overall computer network status based on relationships between security events in multiple dimensions. Unfortunately, as the lack of tools to synthetically analyze the security logs generated by kinds of network security products, such as NetFlow, Firewall and Host Security, it is difficult to monitor and perceive netwo...
متن کاملA Proactive Defense Strategy to Enhance Situational Awareness in Computer Network Security
With the development of situational awareness in intrusion defense, a proactive response is a realistic and effective approach against the attackers. It is assumed that each player can update knowledge of the opponent and assess possible future scenarios of the dynamic game based on their previous interactions. Therefore, finding the best current move of the defender is modeled as a discrete-ti...
متن کاملCharacterisation and Showcasing of Network Visualisation Approaches for Command and Control
Network Visualisation technologies are becoming more relevant in Command and Control environments to help cope with the increased complexity of defence operations. A significant number of Network Visualisation technologies are currently available so the choice of a particular approach to support specific C2 tasks can be difficult. This paper describes an approach for characterising Network Visu...
متن کامل