Design Considerations for a Case-Based Reasoning Engine for Scenario-Based Cyber Incident Notification

Abstract

Virtually all modern organizations have embedded information systems into their core business processes as a means to increase operational efficiency, improve decision making quality, and minimize costs. Unfortunately, this dependence can place an organization's mission at risk if the confidentiality,integrity, or availability of a critical information resource has been lost or degraded. Within the military, this type of incident could ultimately result in serious consequences including physical destruction and loss of life. To reduce the likelihood of this outcome, personnel must be informed about cyber incidents, and their potential consequences, in a timely and relevant manner so that appropriate contingency actions can be taken. In this paper we identify criteria for improving the relevance of incident notification, propose the use of case-based reasoning (CBR) for contingency decision support, and identify key design considerations for implementing a CBR system used to deliver relevant notification following a cyber incident.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Apr 01, 2011
Accession Number
ADA546720

Entities

People

  • Michael R. Grimaila
  • Michael W. Haas
  • Robert F. Mills
  • Stephen M. Woskov

Organizations

  • Air Force Institute of Technology

Tags

Communities of Interest

  • Counter WMD
  • Cyber

DTIC Thesaurus Topics

  • Acquisition
  • Air Force
  • Artificial Intelligence
  • Availability
  • Commerce
  • Decision Support Systems
  • Expert Systems
  • Information Science
  • Information Systems
  • Lessons Learned
  • Military Operations
  • Network Protocols
  • Personnel Management
  • Reasoning
  • United States

Readers

  • Cybersecurity.
  • Systems Analysis and Design
  • Team-Based Human-Centered Cognitive Task Decision Making and Information Performance.

Technology Areas

  • Cyber