A Survey on Cyber Situation-awareness Systems: Framework, Techniques, and Insights

A Survey on Cyber Situation-awareness Systems: Framework, Techniques, and Insights

연구 분야: Strategies

학회: ACM Computing Surveys, Volume 55, Issue 5

Cyberspace is full of uncertainty in terms of advanced and sophisticated cyber threats that are equipped with novel approaches to learn the system and propagate themselves, such as AI-powered threats. To debilitate these types of threats, a modern and intelligent Cyber Situation Awareness (SA) system needs to be developed that has the ability of monitoring and capturing various types of threats, analyzing, and devising a plan to avoid further attacks. This article provides a comprehensive study on the current state-of-the-art in the cyber SA to discuss the following aspects of SA: key design principles, framework, classifications, data collection, analysis of the techniques, and evaluation methods. Last, we highlight misconceptions, insights, and limitations of this study and suggest some future work directions to address the limitations.