Abstract
Situation awareness (SA) issues necessitate a comprehension of present activities, the ability to forecast, what will happen next, and strategies to assess the threat or impact of current internet activities and projections. These SA procedures are universal, domain-independent and can be used to detect cyber intrusions. This study introduces cyber situation awareness (CSA), its origin, conception, aim, and characteristics based on an analysis of function shortages and development requirements. Furthermore, we discussed the CSA research framework and examined the research history, which is the essential aspect, and assessed the present issues of the research as well. The assessment approaches were divided into three methods: mathematics model, knowledge reasoning, and pattern recognition. The study then goes into detail regarding the core idea, assessment procedure, strengths, and weaknesses of novel approaches, and then, it addresses CSA from three perspectives: model, knowledge representation, and assessment methods. Many common approaches are contrasted, and current CSA application research in the realms of security, transmission, survivability, and system evaluation is discussed. Finally, this study summarized the findings of the present from technical and application systems, outlined CSA’s future development directions, and provided adversary activities and information that can be used to improve an organization’s SA operations.
Highlights
Network Situation Assessment MethodNetwork situation assessment refers to in a large-scale network environment based on the level-1 fusion of various network monitoring data and simple processing and based on domain knowledge and historical data, with the help of certain mathematical tools or mathematical models, after analysis and reasoning [48]
Bass was the first to propose the concept of cyber situation awareness (CSA) in 1999 and point out that “based on converged network Situation awareness (SA)” will surely become the development direction of network management [1, 8]. e network situation refers to the operation status of various network equipment and network behavior. e current state and changing trends of the entire network are constituted by factors, such as user behavior [9]
It refers to the acquisition, understanding, evaluation, display, and future development of elements that can cause changes in the network situation in a large-scale network environment trend prediction. e possible concept of action and military requirements as an integral part of data fusion-level 2 fusion is an important part of the decision-making process section [11]. e goal of CSA is to integrate the early theories of attacks and network management in a complex environment with real-time dynamic changes to efficiently organize various information, integrate the existing indicators that indicate network characteristics, display the macro and status of the network, become an administrator to strengthen the network with the ability to understand, and provide decision-making support for high-level commanders
Summary
Network situation assessment refers to in a large-scale network environment based on the level-1 fusion of various network monitoring data and simple processing and based on domain knowledge and historical data, with the help of certain mathematical tools or mathematical models, after analysis and reasoning [48]. To make a reasonable explanation for the current state of the entire network composed of various network resources, network operations, and user behaviors, situation assessment emphasizes the relationship information between the entities and determines the convergence method of situation factors. E evaluation method is the focus of SA and even data fusion It has attracted much attention, and the theoretical research is relatively mature [48].
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
