Integrated situational awareness for cyber attack detection, analysis, and mitigation

Yi Cheng, Yalin Sagduyu, Julia Deng, Jason Li, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Scopus citations


Real-time cyberspace situational awareness is critical for securing and protecting today's enterprise networks from various cyber threats. When a security incident occurs, network administrators and security analysts need to know what exactly has happened in the network, why it happened, and what actions or countermeasures should be taken to quickly mitigate the potential impacts. In this paper, we propose an integrated cyberspace situational awareness system for efficient cyber attack detection, analysis and mitigation in large-scale enterprise networks. Essentially, a cyberspace common operational picture will be developed, which is a multi-layer graphical model and can efficiently capture and represent the statuses, relationships, and interdependencies of various entities and elements within and among different levels of a network. Once shared among authorized users, this cyberspace common operational picture can provide an integrated view of the logical, physical, and cyber domains, and a unique visualization of disparate data sets to support decision makers. In addition, advanced analyses, such as Bayesian Network analysis, will be explored to address the information uncertainty, dynamic and complex cyber attack detection, and optimal impact mitigation issues. All the developed technologies will be further integrated into an automatic software toolkit to achieve near real-time cyberspace situational awareness and impact mitigation in large-scale computer networks.

Original languageEnglish (US)
Title of host publicationSensors and Systems for Space Applications V
StatePublished - 2012
EventSensors and Systems for Space Applications V - Baltimore, MD, United States
Duration: Apr 23 2012Apr 24 2012

Publication series

NameProceedings of SPIE - The International Society for Optical Engineering
ISSN (Print)0277-786X


OtherSensors and Systems for Space Applications V
Country/TerritoryUnited States
CityBaltimore, MD

All Science Journal Classification (ASJC) codes

  • Electronic, Optical and Magnetic Materials
  • Condensed Matter Physics
  • Computer Science Applications
  • Applied Mathematics
  • Electrical and Electronic Engineering


Dive into the research topics of 'Integrated situational awareness for cyber attack detection, analysis, and mitigation'. Together they form a unique fingerprint.

Cite this