Problems with Today’s Cyber Situation Awareness
Today’s cyber situation awareness (C-SA) has two fundamental limitations:
- A huge gap between human cognition and C-SA algorithms (and tools): the amount of information contained in the “raw” situation data collected by C-SA tools is several orders of magnitude greater than the “cognition throughput” of human analysts, and critical links from data to decision are missing.
- Big “blind spots”: existing cyber SA tools and systems, including auditing, vulnerability scanners, attack graph tools, intrusion detection systems, damage assessment tools, and forensics tools, still have big “blind spots” in their “views” of the cyber situation of concern.
Cyber-SA Vision
- Solve the first problem by building the missing links through innovations in C-SA-specific information and knowledge fusion, cognition automation, artificial intelligence, and visual analytics.
- Solve the second problem through awareness-driven cyber defense instead of malware-behavior-dependent defense. Automatic blind spot identification and monitoring techniques will be developed.
Acknowledgement
- This project is a DoD Multidisciplinary University Research Initiative (MURI) program project, funded through the Army Research Office.