Toward Robust Models of Cyber Situation Awareness

  • Conference paper
Advances in Human Factors in Cybersecurity (AHFE 2018)

Abstract

Cybersecurity is a rapidly growing worldwide concern that provides a novel, multifaceted problem space for Human Factors researchers. Current models of Cyber Situation Awareness (CSA) have begun to identify the foundational elements with respect to individual analysts. We propose that the CSA models can be augmented to include awareness of end user behaviors and favor knowledge of the cyber threat landscape. In this paper, we present a review of current CSA models and definitions. We then expand upon existing models by considering how they apply at the user level or in the incorporation of diverse and distributed participating agents, such as end-users and adversaries.

Acknowledgments

This material is based upon work supported by the National Science Foundation under Grant No. (1553018). Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.

Corresponding author

Correspondence to Ian A. Cooke.

Copyright information

© 2019 Springer International Publishing AG, part of Springer Nature

Cite this paper

Cooke, I.A. et al. (2019). Toward Robust Models of Cyber Situation Awareness. In: Ahram, T., Nicholson, D. (eds) Advances in Human Factors in Cybersecurity. AHFE 2018. Advances in Intelligent Systems and Computing, vol 782. Springer, Cham. https://doi.org/10.1007/978-3-319-94782-2_13
