An Infrastructure for Deploying and Testing Comprehensive Cyber Situational Awareness Solutions

Abstract

Major Goals: Under the ARO-funded MURI project entitled Computer-Aided Human Centric Cyber Situation Awareness, we at George Mason University developed an integrated Cyber Situation Awareness (CSA) solution to support cyber security analysts and fill the semantic gap between available monitoring data and the analysts' mental processes. The comprehensive CSA framework we defined can automatically answer a number of questions that analysts may ask about the current situation, the impact and evolution of attacks, the behavior of attackers, the quality of available information and models, and possible future attacks. With this DURIP award, our goal was to build a computing infrastructure that includes (i) highly available servers for deploying the monitoring systems and the novel components of the framework; (ii) redundant storage to reliably maintain all relevant information and data structures; and (iii) analyst workstations equipped with multiple large displays. This infrastructure was fundamental to demonstrating the feasibility of our approach, allowing the large-scale implementation needed to thoroughly vet the proposed framework and direct our research and development towards demonstrating enterprise-wide scalability of our solutions. This infrastructure enabled us to realistically assess the effectiveness and efficiency of our approach and get valuable feedback from analysts. Additionally, it provided our students with the opportunity to gain valuable hands-on experience.

Accomplishments: We used the equipment acquired through this grant to build an infrastructure for deploying our CSA framework and testing its scalability. While a prototypal implementation of the framework was fundamental to demonstrating the feasibility of our approach, a larger-scale implementation was needed to thoroughly vet it and demonstrate the scalability of our solution. The infrastructure was configured as depicted in Figure 2.

Document Details

Document Type: Technical Report
Publication Date: Apr 16, 2019
Accession Number: AD1079623

Entities

People

  • Kun Sun
  • Massimiliano Albanese
  • Sushil Jajodia

Organizations

  • George Mason University

Tags

DTIC Thesaurus Topics

  • Computer Network Security
  • Computer Security Techniques
  • Computers
  • Cyber Deception
  • Cyber Defense Techniques
  • Cybersecurity
  • Data Centers
  • Detectors
  • Information Security
  • Intelligent Systems
  • Intrusion Detection
  • Intrusion Detectors
  • Mental Processes
  • Moving Target Defense
  • Moving Targets
  • Security
  • Situational Awareness

Fields of Study

  • Computer science

Readers

  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.
  • Research Science/Academic Research
  • Systems Analysis and Design

Technology Areas

  • Cyber