Toward Real-time Network-wide Cyber Situational Awareness
| Authors | |
|---|---|
| Year of publication | 2018 |
| Type | Article in Proceedings |
| Conference | NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium |
| MU Faculty or unit | |
| Citation | |
| Web | https://ieeexplore.ieee.org/abstract/document/8406166/ |
| Doi | http://dx.doi.org/10.1109/NOMS.2018.8406166 |
| Keywords | cyber; situation awareness; real-time; Stream4Flow |
| Attached files | |
| Description | In today's complex computer networks, we are constantly facing a risk of data loss, system compromise, or intellectual property theft. The complexity of the networks hinders their effective defense. A Network-wide Cyber Situational Awareness (NwCSA) has been introduced to assist a network security administrator with network security. The concept, however, faces several challenges that hinder an efficient application of the NwCSA in a real-world environment. The challenges include the overload of raw data, low speed of reaction, and a lack of context and unified view on a network. In this paper, we present a novel framework that faces above mentioned challenges. The framework leverages a distributed data stream processing system and methods for real-time big data processing. The framework is evaluated with respect to stated requirements on systems for NwCSA. Moreover, we present a prototype framework implementation and provide lessons learned from its real-world deployment. |
| Related projects: |