A Survey on Cyber Situation-awareness Systems: Framework, Techniques, and Insights
Cyberspace is full of uncertainty in terms of advanced and sophisticated cyber threats that are equipped with novel approaches to learn the system and propagate themselves, such as AI-powered threats. To debilitate these types of threats, a modern and intelligent Cyber Situation Awareness (SA) syste...
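Published in: | ACM computing surveys 2022-12, Vol.55 (5), p.1-37, Article 107 |
---|---|
Main authors: | Alavizadeh, Hooman; Jang-Jaccard, Julian; Enoch, Simon Yusuf; Al-Sahaf, Harith; Welch, Ian; Camtepe, Seyit A.; Kim, Dan Dongseong |
Format: | Article |
Language: | eng |
Subjects: | |
Online access: | Full text |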
container_end_page | 37 |
---|---|
container_issue | 5 |
container_start_page | 1 |
container_title | ACM computing surveys |
container_volume | 55 |
creator | Alavizadeh, Hooman; Jang-Jaccard, Julian; Enoch, Simon Yusuf; Al-Sahaf, Harith; Welch, Ian; Camtepe, Seyit A.; Kim, Dan Dongseong |
description | Cyberspace is full of uncertainty in terms of advanced and sophisticated cyber threats that are equipped with novel approaches to learn the system and propagate themselves, such as AI-powered threats. To debilitate these types of threats, a modern and intelligent Cyber Situation Awareness (SA) system needs to be developed that has the ability of monitoring and capturing various types of threats, analyzing, and devising a plan to avoid further attacks. This article provides a comprehensive study on the current state-of-the-art in the cyber SA to discuss the following aspects of SA: key design principles, framework, classifications, data collection, analysis of the techniques, and evaluation methods. Last, we highlight misconceptions, insights, and limitations of this study and suggest some future work directions to address the limitations. |
doi_str_mv | 10.1145/3530809 |
format | Article |
fulltext | fulltext |
identifier | ISSN: 0360-0300 |
ispartof | ACM computing surveys, 2022-12, Vol.55 (5), p.1-37, Article 107 |
issn | 0360-0300 1557-7341 |
language | eng |
recordid | cdi_proquest_journals_2817774651 |
source | ACM Digital Library Complete |
subjects | Computer science; Cybersecurity; Intrusion detection systems; Network security; Security and privacy; Situational awareness; Threat evaluation |
title | A Survey on Cyber Situation-awareness Systems: Framework, Techniques, and Insights |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-18T12%3A41%3A46IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20Survey%20on%20Cyber%20Situation-awareness%20Systems:%20Framework,%20Techniques,%20and%20Insights&rft.jtitle=ACM%20computing%20surveys&rft.au=Alavizadeh,%20Hooman&rft.date=2022-12-03&rft.volume=55&rft.issue=5&rft.spage=1&rft.epage=37&rft.pages=1-37&rft.artnum=107&rft.issn=0360-0300&rft.eissn=1557-7341&rft_id=info:doi/10.1145/3530809&rft_dat=%3Cproquest_cross%3E2817774651%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2817774651&rft_id=info:pmid/&rfr_iscdi=true |