1 - 3 of 3
ItemReducing Complex Visualizations for Analysis( 2017-01-04)Data visualization provides a means to present known information in a format that is easily consumable and does not generally require specialized training. It is also well-suited to aid an analyst in discovering previously unknown information . This is possible because visualization techniques can be used to highlight internal relationships and structures within the data, and present them in a graphical manner. Using visualization during the preliminary analysis phase can provide a pathway to enable an analyst to discover patterns or anomalies within the data that might otherwise go undiscovered as humans have an innate ability to visually identify patterns and anomalies. \ \ Even when an analyst has identified a pattern or anomaly within the data, creating an algorithm that allows for automated detection of other occurrences of the same, or similar, patterns is a non-trivial task. While humans are innately skilled at pattern recognition, computers are not, and patterns that might be obvious for a human to identify might be difficult for a computer to detect even when assisted by a skilled analyst . This paper describes a method of taking a complex visualization, and reducing it into several smaller components in order to facilitate computer analysis of the analyst-identified patterns or anomalies in the data. From there, a detection scheme can be generated through an analyst-supervised data analysis process in order to find more occurrences in a larger dataset.
ItemAsset Criticality in Mission Reconfigurable Cyber Systems and its Contribution to Key Cyber Terrain( 2017-01-04)The concept of a common operational picture has been utilized by the military for situational awareness in warfare domains for many years. With the emergence of cyberspace as a domain, there is a necessity to develop doctrine and tools to enable situational awareness for key-decision makers. Our study analyzes key elements that define cyber situational awareness to develop a methodology to identify assets within key cyber terrain, thus enabling situational awareness at the tactical level. For the purposes of this work, we treat critical assets to be key cyber terrain, given that no formal study has determined differences between asset criticality and key cyber terrain. Mission- and operationally- based questions are investigated to identify critical assets with the TOPSIS methodology. Results show that the ICS system can be evaluated using TOPSIS to identify critical assets contributing to key cyber terrain, enabling further research into other interconnected systems.