Cyber Senses: Modeling Network Situational Awareness after Biology

Abstract

Biological organisms have a complex and finely-tuned set of systems for detecting and processing information about their environments to inform decision making. These systems vary according to the environment and behaviors of a species, but many themes run throughout. In a similar sense, information technology systems and networks are found in many different contexts, with a wide variety of purposes. And yet there are many commonalities in the information available to them about their environment. In this paper, we propose an analogy of biological senses to enable cyber anomaly detection. An overview of the science of sensory experience is given and used to draw an analogous block diagram for a cyber-sensory architecture. Network traffic is considered as a case study for how these comparisons might hold in a practical sense. Recommendations are then made for future work in this area.