C4ISR Host-Based Cyber Situation Awareness

Authors
  1. Couture, M.
Corporate Authors
Defence R&D Canada - Valcartier, Valcartier QUE (CAN)
Abstract
With the constant increase in cyber threat sophistication, the protection offered by traditional means (antivirus, …) has constantly decreased over the past 10 years; their efficiency now ranges between 20% and 30% [1, 2]. Since command and control information systems (C2IS) are operated in hostile environments, this limitation must be addressed, with top priority given to the detection of stealthy malicious activities that can silently compromise military decision capabilities. The proposed research aims to provide operational officers with the host-based situation awareness (H-SA) needed for establishing trust in C2IS. This can be achieved through the use of innovative approaches and techniques to detect anomalies and describe the current health states of critical hosts. H-SA will be made available: (1) locally on officers' computer screens in near real-time; (2) remotely through secure network requests; and (3) on disc for later deep in-laboratory analyses. This research will significantly improve reactive and proactive computer network defence (CND).
Report Number
DRDC-VALCARTIER-SL-2010-381 — Scientific Literature
Date of publication
01 Jun 2010
Number of Pages
20
DSTKIM No
CA035136
CANDIS No
534618
Format(s):
Electronic Document(PDF)
