A Cyber Situational Awareness Model for Network Administrators
Abstract
Although there are many well-established cyber security tools and techniques available to network administrators for managing and defining their systems, attackers still succeed in penetrating their systems. Defending these systems' confidentiality, integrity, and availability is the responsibility of network administrators; however, protecting these systems becomes more difficult when one considers the volume and velocity of data provided by many of these cyber security tools. Often this data may actually indicate a cyber-attack, but the indication is hard to discern among the bulk of data provided. The purpose of this research is to propose a cyber situational awareness (CSA) model to provide network administrators with better situational awareness of cyber security threats to their systems. This research examines an established situational awareness model and surveys cyber security practices and tools to extend this knowledge to actual cyber situational awareness. This research further develops a model for CSA in three hierarchical levels: configurational awareness, operational awareness, and special conditions awareness. The research concludes that if network administrators manage their systems with awareness of these three levels, they would be able to decrease the amount of unnecessary data and focus on the most important information that can help them better guarantee cyber security of their systems.
Document Details
- Document Type: Technical Report
- Publication Date: Mar 01, 2017
- Accession Number: AD1045890
Entities
People
- Huseyin Karaarslan
Organizations
- Naval Postgraduate School