Introducing the CYSAS-S3 Dataset for Operationalizing a Mission-Oriented Cyber Situational Awareness

Roumen Daton Medenou Choumanof; Salvador Llopis Sanchez; Victor Manuel Calzado Mayo; Miriam Garcia Balufo; Miguel Páramo Castrillo; Francisco José González Garrido; Alvaro Luis Martinez; David Nevado Catalán; Ao Hu; David Sandoval Rodríguez-Bermejo; Gerardo Ramis Pasqual de Riquelme; Marco Antonio Sotelo Monge; Antonio Berardi; Paolo De Santis; Francesco Torelli; Jorge Maestre Vidal

doi:10.3390/s22145104

Introducing the CYSAS-S3 Dataset for Operationalizing a Mission-Oriented Cyber Situational Awareness

Roumen Daton Medenou Choumanof, Salvador Llopis Sanchez, Victor Manuel Calzado Mayo, Miriam Garcia Balufo, Miguel Páramo Castrillo, Francisco José González Garrido, Alvaro Luis Martinez, David Nevado Catalán, Ao Hu, David Sandoval Rodríguez-Bermejo, Gerardo Ramis Pasqual de Riquelme, Marco Antonio Sotelo Monge, Antonio Berardi, Paolo De Santis, Francesco Torelli, Jorge Maestre Vidal

Producción científica: Contribución a una revista › Artículo (Contribución a Revista) › revisión exhaustiva

Resumen

The digital transformation of the defence sector is not exempt from innovative requirements and challenges, with the lack of availability of reliable, unbiased and consistent data for training automatisms (machine learning algorithms, decision-making, what-if recreation of operational conditions, support the human understanding of the hybrid operational picture, personnel training/education, etc.) being one of the most relevant gaps. In the context of cyber defence, the state-of-the-art provides a plethora of data network collections that tend to lack presenting the information of all communication layers (physical to application). They are synthetically generated in scenarios far from the singularities of cyber defence operations. None of these data network collections took into consideration usage profiles and specific environments directly related to acquiring a cyber situational awareness, typically missing the relationship between incidents registered at the hardware/software level and their impact on the military mission assets and objectives, which consequently bypasses the entire chain of dependencies between strategic, operational, tactical and technical domains. In order to contribute to the mitigation of these gaps, this paper introduces CYSAS-S3, a novel dataset designed and created as a result of a joint research action that explores the principal needs for datasets by cyber defence centres, resulting in the generation of a collection of samples that correlate the impact of selected Advanced Persistent Threats (APT) with each phase of their cyber kill chain, regarding mission-level operations and goals.

Idioma original	Inglés
Número de artículo	14
Páginas (desde-hasta)	5104
Número de páginas	1
Publicación	Sensors (Basel, Switzerland)
Volumen	22
N.º	14
DOI	https://doi.org/10.3390/s22145104
Estado	Publicada - 7 jul. 2022
Publicado de forma externa	Sí

Palabras Clave

advanced persistent threats
cyber defence
cyber situational awareness
dataset
decision-making

Acceder al documento

10.3390/s22145104

Otros archivos y enlaces

https://www.mendeley.com/catalogue/3b33636f-ac1f-37fb-b7f2-13e01f09558b/

Citar esto

Medenou Choumanof, R. D., Llopis Sanchez, S., Calzado Mayo, V. M., Garcia Balufo, M., Páramo Castrillo, M., González Garrido, F. J., Luis Martinez, A., Nevado Catalán, D., Hu, A., Rodríguez-Bermejo, D. S., Pasqual de Riquelme, G. R., Sotelo Monge, M. A., Berardi, A., De Santis, P., Torelli, F., & Maestre Vidal, J. (2022). Introducing the CYSAS-S3 Dataset for Operationalizing a Mission-Oriented Cyber Situational Awareness. Sensors (Basel, Switzerland), 22(14), 5104. ???articleNumberLabel??? 14. https://doi.org/10.3390/s22145104

@article{a2705ec9148a4ebd8a3be735016ac08b,

title = "Introducing the CYSAS-S3 Dataset for Operationalizing a Mission-Oriented Cyber Situational Awareness",

abstract = "The digital transformation of the defence sector is not exempt from innovative requirements and challenges, with the lack of availability of reliable, unbiased and consistent data for training automatisms (machine learning algorithms, decision-making, what-if recreation of operational conditions, support the human understanding of the hybrid operational picture, personnel training/education, etc.) being one of the most relevant gaps. In the context of cyber defence, the state-of-the-art provides a plethora of data network collections that tend to lack presenting the information of all communication layers (physical to application). They are synthetically generated in scenarios far from the singularities of cyber defence operations. None of these data network collections took into consideration usage profiles and specific environments directly related to acquiring a cyber situational awareness, typically missing the relationship between incidents registered at the hardware/software level and their impact on the military mission assets and objectives, which consequently bypasses the entire chain of dependencies between strategic, operational, tactical and technical domains. In order to contribute to the mitigation of these gaps, this paper introduces CYSAS-S3, a novel dataset designed and created as a result of a joint research action that explores the principal needs for datasets by cyber defence centres, resulting in the generation of a collection of samples that correlate the impact of selected Advanced Persistent Threats (APT) with each phase of their cyber kill chain, regarding mission-level operations and goals.",

keywords = "advanced persistent threats, cyber defence, cyber situational awareness, dataset, decision-making, advanced persistent threats, cyber defence, cyber situational awareness, dataset, decision-making",

author = "{Medenou Choumanof}, {Roumen Daton} and {Llopis Sanchez}, Salvador and {Calzado Mayo}, {Victor Manuel} and {Garcia Balufo}, Miriam and {P{\'a}ramo Castrillo}, Miguel and {Gonz{\'a}lez Garrido}, {Francisco Jos{\'e}} and {Luis Martinez}, Alvaro and {Nevado Catal{\'a}n}, David and Ao Hu and Rodr{\'i}guez-Bermejo, {David Sandoval} and {Pasqual de Riquelme}, {Gerardo Ramis} and {Sotelo Monge}, {Marco Antonio} and Antonio Berardi and {De Santis}, Paolo and Francesco Torelli and {Maestre Vidal}, Jorge",

note = "DBLP License: DBLP's bibliographic metadata records provided through http://dblp.org/ are distributed under a Creative Commons CC0 1.0 Universal Public Domain Dedication. Although the bibliographic metadata records are provided consistent with CC0 1.0 Dedication, the content described by the metadata records is not. Content may be subject to copyright, rights of privacy, rights of publicity and other restrictions.",

year = "2022",

month = jul,

day = "7",

doi = "10.3390/s22145104",

language = "Ingl{\'e}s",

volume = "22",

pages = "5104",

journal = "Sensors (Basel, Switzerland)",

issn = "1424-8220",

number = "14",

}

Medenou Choumanof, RD, Llopis Sanchez, S, Calzado Mayo, VM, Garcia Balufo, M, Páramo Castrillo, M, González Garrido, FJ, Luis Martinez, A, Nevado Catalán, D, Hu, A, Rodríguez-Bermejo, DS, Pasqual de Riquelme, GR, Sotelo Monge, MA, Berardi, A, De Santis, P, Torelli, F & Maestre Vidal, J 2022, 'Introducing the CYSAS-S3 Dataset for Operationalizing a Mission-Oriented Cyber Situational Awareness', Sensors (Basel, Switzerland), vol. 22, n.º 14, 14, pp. 5104. https://doi.org/10.3390/s22145104

Introducing the CYSAS-S3 Dataset for Operationalizing a Mission-Oriented Cyber Situational Awareness. / Medenou Choumanof, Roumen Daton; Llopis Sanchez, Salvador; Calzado Mayo, Victor Manuel et al.
En: Sensors (Basel, Switzerland), Vol. 22, N.º 14, 14, 07.07.2022, p. 5104.

Producción científica: Contribución a una revista › Artículo (Contribución a Revista) › revisión exhaustiva

TY - JOUR

T1 - Introducing the CYSAS-S3 Dataset for Operationalizing a Mission-Oriented Cyber Situational Awareness

AU - Medenou Choumanof, Roumen Daton

AU - Llopis Sanchez, Salvador

AU - Calzado Mayo, Victor Manuel

AU - Garcia Balufo, Miriam

AU - Páramo Castrillo, Miguel

AU - González Garrido, Francisco José

AU - Luis Martinez, Alvaro

AU - Nevado Catalán, David

AU - Hu, Ao

AU - Rodríguez-Bermejo, David Sandoval

AU - Pasqual de Riquelme, Gerardo Ramis

AU - Sotelo Monge, Marco Antonio

AU - Berardi, Antonio

AU - De Santis, Paolo

AU - Torelli, Francesco

AU - Maestre Vidal, Jorge

N1 - DBLP License: DBLP's bibliographic metadata records provided through http://dblp.org/ are distributed under a Creative Commons CC0 1.0 Universal Public Domain Dedication. Although the bibliographic metadata records are provided consistent with CC0 1.0 Dedication, the content described by the metadata records is not. Content may be subject to copyright, rights of privacy, rights of publicity and other restrictions.

PY - 2022/7/7

Y1 - 2022/7/7

N2 - The digital transformation of the defence sector is not exempt from innovative requirements and challenges, with the lack of availability of reliable, unbiased and consistent data for training automatisms (machine learning algorithms, decision-making, what-if recreation of operational conditions, support the human understanding of the hybrid operational picture, personnel training/education, etc.) being one of the most relevant gaps. In the context of cyber defence, the state-of-the-art provides a plethora of data network collections that tend to lack presenting the information of all communication layers (physical to application). They are synthetically generated in scenarios far from the singularities of cyber defence operations. None of these data network collections took into consideration usage profiles and specific environments directly related to acquiring a cyber situational awareness, typically missing the relationship between incidents registered at the hardware/software level and their impact on the military mission assets and objectives, which consequently bypasses the entire chain of dependencies between strategic, operational, tactical and technical domains. In order to contribute to the mitigation of these gaps, this paper introduces CYSAS-S3, a novel dataset designed and created as a result of a joint research action that explores the principal needs for datasets by cyber defence centres, resulting in the generation of a collection of samples that correlate the impact of selected Advanced Persistent Threats (APT) with each phase of their cyber kill chain, regarding mission-level operations and goals.

AB - The digital transformation of the defence sector is not exempt from innovative requirements and challenges, with the lack of availability of reliable, unbiased and consistent data for training automatisms (machine learning algorithms, decision-making, what-if recreation of operational conditions, support the human understanding of the hybrid operational picture, personnel training/education, etc.) being one of the most relevant gaps. In the context of cyber defence, the state-of-the-art provides a plethora of data network collections that tend to lack presenting the information of all communication layers (physical to application). They are synthetically generated in scenarios far from the singularities of cyber defence operations. None of these data network collections took into consideration usage profiles and specific environments directly related to acquiring a cyber situational awareness, typically missing the relationship between incidents registered at the hardware/software level and their impact on the military mission assets and objectives, which consequently bypasses the entire chain of dependencies between strategic, operational, tactical and technical domains. In order to contribute to the mitigation of these gaps, this paper introduces CYSAS-S3, a novel dataset designed and created as a result of a joint research action that explores the principal needs for datasets by cyber defence centres, resulting in the generation of a collection of samples that correlate the impact of selected Advanced Persistent Threats (APT) with each phase of their cyber kill chain, regarding mission-level operations and goals.

KW - advanced persistent threats

KW - cyber defence

KW - cyber situational awareness

KW - dataset

KW - decision-making

KW - advanced persistent threats

KW - cyber defence

KW - cyber situational awareness

KW - dataset

KW - decision-making

UR - https://www.mendeley.com/catalogue/3b33636f-ac1f-37fb-b7f2-13e01f09558b/

U2 - 10.3390/s22145104

DO - 10.3390/s22145104

M3 - Artículo (Contribución a Revista)

C2 - 35890786

AN - SCOPUS:85135136960

SN - 1424-8220

VL - 22

SP - 5104

JO - Sensors (Basel, Switzerland)

JF - Sensors (Basel, Switzerland)

IS - 14

M1 - 14

ER -

Introducing the CYSAS-S3 Dataset for Operationalizing a Mission-Oriented Cyber Situational Awareness

Resumen

Palabras Clave

Acceder al documento

Otros archivos y enlaces

Huella

Citar esto