Abstract
As the Foundations and Challenges chapter explained, the second level of SA is called comprehension and deals with determining the significance and relations of various elements of the situation to other elements and to the overall goals of the network. It is also often called situation understanding and involves the “so what” of the information that has been perceived. Previous chapters of this book have not focused on this level of SA. Therefore, this chapter elaborates specifically on the comprehension level of CSA. The chapter explains that an effective way to comprehend significant relations between the disparate elements of the situation is to concentrate on how these elements impact the mission of the network. This involves asking and answering questions of how various suspected attacks relate to each other, how they relate to remaining capabilities of the network’s components, and how the resulting disruptions or degradation of services impact elements of the mission and the mission’s overall goals.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Argauer, B., and Yang, S. J. “VTAC: Virtual terrain assisted impact assessment for cyber attacks,” in Proceedings of SPIE, Defense and Security Symposium, March 2008.
Bass, T. “Intrusion detection systems and multisensor data fusion,” Communications of the ACM, vol. 43, no. 4, Apr. 2000.
D’Amico, A., Buchanan, L., and Goodall, J. “Mission Impact of Cyber Events: Scenarios and Ontology to Express the Relationships between Cyber Assets, Missions, and Users,” in Proceedings of 5th International Conference on Information Warfare and Security, April 8–9 2010, Wright-Patterson Air Force Base, OH.
Enterasys – Products – Advanced Security Applications. http://www.enterasys.com/products/advanced-security-apps/index.aspx,2013
Grimalia, M. R. et al. “Improving the cyber incident mission impact assessment (CIMIA) process”, Proceedings of the 4th annual workshop on Cyber security and information intelligence research. 2008.
Holsopple, J., and Yang, S. J. “FuSIA: Future Situation and Impact Awareness,” in Proceedings of the 11th ISIF/IEEE International Conference on Information Fusion, Cologne, Germany, July 1–3, 2008.
Holsopple, J., Yang, S. J. “Designing a data fusion system using a top-down approach”, in Proceedings of Military Communications Conference. Boston, MA. Oct 2009.
Holsopple, J., Yang, S. J. “Handling temporal and function changes for mission impact assessment”, in Proceedings of Cognitive Methods in Situation Awareness and Decision Support. San Diego, CA. Feb 2013.
Holsopple, J., Argauer, B., and Yang, S. J. “Virtual terrain: A security based representation of a computer network,” in Proceedings of SPIE, Defense and Security Symposium, March 2008.
HP Network Management Center. http://www.hpenterprisesecurity.com/, 2013.
Jakobsen, G. “Mission cyber security situation assessment using impact dependency graphs”, in Proceedings of the 14th International Conference on Information Fusion, July 2011.
Ning, P., Cui, Y., and Reeves, D. “Analyzing intensive intrusion alerts via correlation,” in Proceedings of the 9th ACM Conference on Computer & Communications Security, 2002.
Noel, S., Robertson, E., and Jajodia, S. “Correlating intrusion events and building attack scenarios through attack graph distances,” in Proceedings of ACSAC, December 2004.
Phillips, C., and Swiler, L. P. “A graph-based system for network vulnerability analysis,” in Proceedings of the 1998 workshop on New security paradigms. New York, NY, USA: ACM Press, 1998, pp. 71–79.
Salerno, J. “Measuring situation assessment performance through the activities of interest score,” in Proceedings of the 11th International Conference on Information Fusion, July 2008.
Snort. http://www.snort.org, 2013
Sudit, M., Stotz, A., and Holender, M. “Situational awareness of a coordinated cyber attack,” in Proceedings of International Data Fusion Conference, Quebec City, Quebec, CA, July 2007.
Valdes, A., and Skinner, K. “Probabilistic alert correlation,” in Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection (RAID), vol.2212, pp.54–68, 2001.
Vidalis, S., Jones, A. et al. “Using vulnerability trees for decision making in threat assessment”. Technical report. University at Glamorgan, Wales, UK. 2003.
Yager, R. R. Generalized OWA Aggregation Operators, Fuzzy Optimization and Decision Making, 2:93–107, 2004.
Yang, S. J., Stotz, A., Holsopple, J., Sudit, M., and Kuhl, M. “High Level Information Fusion for Tracking and Projection of Multistage Cyber Attacks,” Elsevier International Journal on Information Fusion, Special Issue on High-level Information Fusion and Situation Awareness, 10(1):107–121, 2009.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Holsopple, J., Sudit, M., Yang, S.J. (2014). Impact Assessment. In: Kott, A., Wang, C., Erbacher, R. (eds) Cyber Defense and Situational Awareness. Advances in Information Security, vol 62. Springer, Cham. https://doi.org/10.1007/978-3-319-11391-3_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-11391-3_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11390-6
Online ISBN: 978-3-319-11391-3
eBook Packages: Computer ScienceComputer Science (R0)