Introducing the CYSAS-S3 Dataset for Operationalizing a Mission-Oriented Cyber Situational Awareness

Roumen Daton Medenou Choumanof, Salvador Llopis Sanchez, Victor Manuel Calzado Mayo, Miriam Garcia Balufo, Miguel Páramo Castrillo, Francisco José González Garrido, Alvaro Luis Martinez, David Nevado Catalán, Ao Hu, David Sandoval Rodríguez-Bermejo, Gerardo Ramis Pasqual de Riquelme, Marco Antonio Sotelo Monge, Antonio Berardi, Paolo De Santis, Francesco Torelli, Jorge Maestre Vidal

Producción científica: Contribución a una revistaArtículo (Contribución a Revista)revisión exhaustiva


The digital transformation of the defence sector is not exempt from innovative requirements and challenges, with the lack of availability of reliable, unbiased and consistent data for training automatisms (machine learning algorithms, decision-making, what-if recreation of operational conditions, support the human understanding of the hybrid operational picture, personnel training/education, etc.) being one of the most relevant gaps. In the context of cyber defence, the state-of-the-art provides a plethora of data network collections that tend to lack presenting the information of all communication layers (physical to application). They are synthetically generated in scenarios far from the singularities of cyber defence operations. None of these data network collections took into consideration usage profiles and specific environments directly related to acquiring a cyber situational awareness, typically missing the relationship between incidents registered at the hardware/software level and their impact on the military mission assets and objectives, which consequently bypasses the entire chain of dependencies between strategic, operational, tactical and technical domains. In order to contribute to the mitigation of these gaps, this paper introduces CYSAS-S3, a novel dataset designed and created as a result of a joint research action that explores the principal needs for datasets by cyber defence centres, resulting in the generation of a collection of samples that correlate the impact of selected Advanced Persistent Threats (APT) with each phase of their cyber kill chain, regarding mission-level operations and goals.
Idioma originalInglés
Número de artículo14
Páginas (desde-hasta)5104
Número de páginas1
PublicaciónSensors (Basel, Switzerland)
EstadoPublicada - 7 jul. 2022
Publicado de forma externa

Palabras Clave

  • advanced persistent threats
  • cyber defence
  • cyber situational awareness
  • dataset
  • decision-making


Profundice en los temas de investigación de 'Introducing the CYSAS-S3 Dataset for Operationalizing a Mission-Oriented Cyber Situational Awareness'. En conjunto forman una huella única.

Citar esto