Situational Awareness in Computer Network Defense: Principles, Methods and Applications

Worldwide computer crimes cost organizations and governments billions of dollars each year. In response, organizations use a plethora of heterogeneous security devices and software such as firewalls, Intrusion Detection Systems (IDS), and Security Information and Event Management (SIEM) to monitor networks in conjunction with Computer Security Incident Response Teams (CSIRT) that are responsible for ensuring availability, integrity, and confidentiality of network services. Situational Awareness in Computer Network Defense: Principles, Methods and Applications provides academia and organizations insights into practical and applied solutions, frameworks, technologies, and implementations for situational awareness in computer networks. This book presents situational awareness solutions in Computer Network Defense (CND) currently being researched or deployed. The key objective is to fill a gap that exists in the way CND and security are being approached by formalizing the use of situational awareness in computer network security and defense.
