The JDL model of data fusion applied to cyber-defence — A review paper

Abstract

In the ever growing literature on countering the cyber threat, the so-called JDL model of data fusion, well established in the information fusion community, has been applied to characterize the inner structure of problems within cyber defence and their mutual relationship. The overarching goal is to provide contributions to comprehensive cyber situational awareness by producing timely situation pictures. Cyber situational awareness, however, is prerequisite to taking appropriate actions, i.e. for “defence”. In this review paper, we provide an overview of what has been proposed in this context by various authors and collect basic insights published in the open literature. By doing so, we wish to provide an overview of the current discussion which reflects our own apprehension and prioritization. Moreover, we stress our opinion where relevant research questions are to be expected.