论文信息 - Cyber SA: Situational Awareness for Cyber Defense

Cyber SA: Situational Awareness for Cyber Defense

1. Be aware of the current situation. This aspect can also be called situation perception. Situation perception includes both situation recognition and identification. Situation identification can include identifying the type of attack (recognition is only recognizing that an attack is occurring), the source (who, what) of an attack, the target of an attack, etc. Situation perception is beyond intrusion detection. Intrusion detection is a very primitive element of this aspect. An IDS (intrusion detection system) is usually only a sensor, it neither identifies nor recognizes an attack but simply identifies an event that may be part of an attack once that event adds to a recognition or identification activity.

[1] H. Gardner. The mind's new science: a history of the cognitive revolution , 1985 .

[2] Ian Lewis,et al. Proceedings of the SPIE , 2012 .

[3] John J. Salerno,et al. Realizing situation awareness within a cyber environment , 2006, SPIE Defense + Commercial Sensing.

[4] Andrew McCallum,et al. Piecewise training for structured prediction , 2009, Machine Learning.

[5] Daniel E. Geer,et al. Information Security: Why the Future Belongs to the Quants , 2003, IEEE Secur. Priv..

[6] P. Johnson-Laird. How We Reason , 2006 .