Attack Tree Visualization for Cyber Security Situational Awareness
نویسندگان
چکیده
Situational awareness in cyber domain is one of the key features for quick and accurate decision making and anomaly detection. In order to provide situational awareness, certain methods have been introduced so far and attack graph is one of them. Attack graphs help the security analyst to visualize the network topology and understand typical vulnerability and exploit behaviors in cyber domain (e.g., IT asset and the network). They provide more proactive view compared to other reactive views; hence risk management and evaluation can be done in an efficient and interactive fashion. Attack trees can be used for various purposes since they can map network assets, network attacks and possible vulnerabilities which may exist in the IT assets. This study introduces an integrated cyber security capability called, BSGS, which can help analysts to create attack trees, identify vulnerabilities and have effective risk assessment procedures. In this way, the cyber security specialists will have a more efficient and holistic way to assess their environments and take the most effective precautions to minimize cyber risks.
منابع مشابه
A Public-Private-Partnership Model for Na- tional Cyber Situational Awareness
The information age has led to the merger of various infrastructures, from both business and governmental sectors and their functions, such as information technology, communication and transport systems, banking and finance, energy supply and process control systems. The protection of these systems is essential to resilience and reliability of critical infrastructures and their key resources, c...
متن کاملDesigning a Cyber Attack Information System for National Situational Awareness
Information and communication technology (ICT) systems underpin many of today’s societal functions and economic development. Consequently, protecting a nation’s ICT infrastructure from deliberate cyber attacks and unintentional disruptions is of paramount importance. Collaboration among all parties across all domains of cyberspace is the key to effective and coordinated effort to cope with cybe...
متن کاملAnalysis and Assessment of Situational Awareness Models for National Cyber Security Centers
National cyber security centers (NCSCs) are gaining more and more importance to ensure the security and proper operations of critical infrastructures (CIs). As a prerequisite, NCSCs need to collect, analyze, process, assess and share security-relevant information from infrastructure operators. A vital capability of mentioned NCSCs is to establish Cyber Situational Awareness (CSA) as a precondit...
متن کاملCyber situational awareness through network anomaly detection: state of the art and new approaches
With a major change in the attack landscape, away from well known attack vectors towards unique and highly tailored attacks, limitations of common ruleand signature-based security systems become more and more obvious. Novel security mechanisms can provide the means to extend existing solutions in order to provide a more sophisticated security approach. As critical infrastructures get increasing...
متن کاملNetSecRadar: A Visualization System for Network Security Situational Awareness
Situational awareness is defined as the ability to effectively determine an overall computer network status based on relationships between security events in multiple dimensions. Unfortunately, as the lack of tools to synthetically analyze the security logs generated by kinds of network security products, such as NetFlow, Firewall and Host Security, it is difficult to monitor and perceive netwo...
متن کامل