An Expert System for Facilitating an Institutional Risk Profile Definition for Cyber Situational Awareness

Roman Graf; Sergiu Gordea; Heather M. Ryan; Tibaut Houzanme

doi:10.5220/0005738303470354

An Expert System for Facilitating an Institutional Risk Profile Definition for Cyber Situational Awareness

Roman Graf, Sergiu Gordea, Heather M. Ryan, Tibaut Houzanme

2016

Abstract

Advances in cyber situational awareness technology lead to the creation of increasingly complex tools. Human analysts face challenges finding relevant information in large, complex data sets, when exploring data to discover patterns and insights. To be effective in identifying and defeating future cyber-attacks, cyber analysts require novel tools and models that can fill the gap between cyber data and situation comprehension. The research presented here is designed to develop a system that will warn a cyber analyst of file format endangerment that could impact cyber situational awareness. The expert system statistically determines an institutional risk profile based on collected expert knowledge in the form of risk profiles calculated by means of risk factors. The institutional risk profile indicates risks that could endanger digital content employed in analysis of cyber situational awareness. Based on the institutional risk profile, a cyber analyst can implement measures for stabilising and securing situational awareness. Each institution may have multiple risk profile definitions dependent on network, critical infrastructure, and the role of the cyber analyst. Another contribution relates to the provided support for visualisation and analysis of risk factors for individual dimensions. To facilitate decision-making, the aggregated information about the risk factors is presented as a multidimensional vector.

Download

Paper Citation

in Harvard Style

Graf R., Gordea S., Ryan H. and Houzanme T. (2016). An Expert System for Facilitating an Institutional Risk Profile Definition for Cyber Situational Awareness . In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 347-354. DOI: 10.5220/0005738303470354

in Bibtex Style

@conference{icissp16,
author={Roman Graf and Sergiu Gordea and Heather M. Ryan and Tibaut Houzanme},
title={An Expert System for Facilitating an Institutional Risk Profile Definition for Cyber Situational Awareness},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2016},
pages={347-354},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005738303470354},
isbn={978-989-758-167-0},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - An Expert System for Facilitating an Institutional Risk Profile Definition for Cyber Situational Awareness
SN - 978-989-758-167-0
AU - Graf R.
AU - Gordea S.
AU - Ryan H.
AU - Houzanme T.
PY - 2016
SP - 347
EP - 354
DO - 10.5220/0005738303470354