A decision support model for situational awareness in National Cyber Operations Centers

Abstract

Advances in situational awareness technology have led to the creation of increasingly sophisticated tools across different application domains, often involving non-textual, highly dimensional, and multimedia data. Automated tools aim to address a number of situational awareness challenges, such as complex system topology, rapidly changing technologies, high noise to signal ratio, and multi-faceted threats. These factors make real-time situational awareness of cyber operations for the National Cyber Operations Centers very difficult to achieve. Appropriate data analysis techniques, in combination with modern anomaly detection output data and user knowledge, may provide solutions in real-time that could replace human input for many situational awareness analysis tasks.