FIGURE 1
FIGURE II
FIGURE III
FIGURE IV
DIAGRAM I
DIAGRAM II
1. Web analytics
1.1. Introduction
The new internet age has made it possible for people to simply type a URL and instantly
receive a file containing links and information; it is a very simple process. It is
quite intriguing to know there could be millions of other people accessing the same information,
and it would be quite interesting to know the exact number of people viewing the information
(Hassler, 2010). Web analytics is an evolution that has inspired innovation in finding important
uses for the data captured on website use (Hausmann, Williams, & Schubert, 2012; Kaushik,
2007). The desire to track web usage triggered the web analytics idea. This was just the
beginning of web analytics, and today greater innovations have come up. Web analytics came
into existence in the 90s, although it took a decade before web analytics was defined using a
standard measure by the Web Analytics Association
(http://www.webanalyticsassociation.org). This happened in 2006, and it goes to show the
extensive scale of web analytics.
Web analytics could also serve as a complementary tool to online fraud detection applications
with the objective of enforcing financial compliance. Web analytics could, for instance, be
utilized in collaboration with online fraud detection applications for the purpose of detecting
money laundering, for compliance and for enforcement purposes. Web analytics could also be
utilized for intelligence and cyber security purposes. This may involve export restrictions, user
profiling and geolocation.
The goals of a website can be found by answering the following question: why do websites
exist? Every single website carries with it a unique purpose. For instance, ecommerce websites
are useful for vending products, support websites provide answers to the questions posed by
customers, while news websites avail content. Every person owning a website ought to describe
success in accordance with the website's objective and often update the goals of that website. The
objectives of websites are critical inputs that assist in the identification of the metrics used
to measure the channel's success. Companies use websites as one channel among a multitude of
other channels. Websites must be properly accounted for, as is the case with other
business expenses. There has to be a return on investment. A fundamental evolutionary trend
in recent times is the capacity to evaluate success notwithstanding the purpose of the website.
Previously organizations used to only perform ecommerce, but today it is possible to assess the
success rate by examining the company's ability to drive campaigns through social media,
support websites, nonprofit websites or blogs. It is only required that the
organization articulates its business goals accurately.
Figure 1
I) It records each visit to the website, unless the website user terminates the page before
the script loads. This is contrary to log files, which may be upset by pages cached in a
proxy (the provider of the network connection) or in the visitor's browser. The proxy or the
user's browser could serve cached web pages to users without anything being recorded in the
server's log files. Cached information is therefore missing when the log files are evaluated,
which reduces the accuracy of the information gathered from customers.
II) Crawlers are not recorded by JavaScript tagging. Crawlers often cause a lot of traffic even
though their information does not demonstrate the behavior of customers. It would be better to
exclude crawlers from the examination process. The task is, however, time consuming and most
crawlers may not be recognizable.
III) The resources utilized in making an analysis are outside the company. This means that the
company is not responsible for processing and recording data using internal mechanisms.
A visualization and description of the manner in which JavaScript tagging operates is
discussed below.
Figure II
Figure III
Visitor identification could be achieved through user profiles, in case logging in is a
requirement, through caching, or through the IP address. Each of these methods has setbacks, and
this needs to be considered since there will probably not be absolute accuracy and counting
every user individually may not be possible. User profiles could provide absolute accuracy, be
the simplest method and monitor every user individually. If the user does not, however, permit
use of their information for the purposes of web analytics, it will not be possible to use the
information. Precaution must also be observed to ensure passwords are not linked to the
analytical information. When utilising caching, it is probable that users will protect their
profiles from caching, hence making information analysis impossible. Last but not least, in
utilising the IP address, issues of privacy may come up, and the address of a single website
user may change occasionally, as previously discussed.
When utilising log files for the purpose of conducting web analytics, bots and spiders must be
detected and eliminated before conducting data analysis. Failure to do this will result in
distortion of human traces as well as alteration of statistics. Caching is another difficulty
for web analytics methods. JavaScript tagging happens to be the only method of data collection
capable of analysing pages that users access from a cache. Every other method misses these
pages, which results in understated statistics. The data volumes subjected to
analysis may also cause another problem. The number of applications capable of handling
gigantic data quantities is limited (Sen, Dacin, & Pattichis, 2006). This is especially so when
data is analysed in real time. The attempt to analyse large data quantities from previous use
could cause major problems.
As previously discussed, web analytics applications use many metrics. Comprehending
the different metrics and identifying the most appropriate ones to use is often difficult
(Hausmann et al., 2012). It is important also to have an understanding of the manner in which
the metrics were created. The amount of time spent on the final page before departing from it
may not be accurately measured. Since no information arrives from the servers visited
subsequently, many tools only detect departure from a website after inactivity for a period of
not less than 29 minutes (Kaushik, 2007). Over the past few years the market for web analytics
applications has grown considerably. The biggest problem is identifying the most appropriate
tool and understanding the differences between the tools. It is important also to have an
understanding of the website itself over and above comprehending the analytical aspects. This
includes the structure and content of the website (Cooley, 2003; Pietrowicz et al., 2015). The
requirement to comprehend the analysis metrics is inherent, as is the generation of important
statistical findings during the analysis itself. Most analysis processes terminate at the point
of identifying the number of people accessing the website. Proper and comprehensive web
analytics tools must go beyond this and attempt to determine the actions required, such as
reformulation of websites or gathering ideas to be used in marketing initiatives.
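The log-file concerns in the two paragraphs above (eliminating bots and spiders before analysis, and closing a visit after not less than 29 minutes of inactivity) can be shown together. The following is an added example, not code from the original document; the log lines are constructed, and the crawler heuristics (user-agent keywords, a request for /robots.txt), the visitor key and the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in "combined" access-log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jan/2017:10:00:00 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0) Firefox/50.0"
203.0.113.5 - - [10/Jan/2017:10:10:00 +0000] "GET /products HTTP/1.1" 200 7300 "-" "Mozilla/5.0 (Windows NT 10.0) Firefox/50.0"
198.51.100.7 - - [10/Jan/2017:10:11:00 +0000] "GET /robots.txt HTTP/1.1" 200 68 "-" "ExampleFetcher/1.0"
198.51.100.7 - - [10/Jan/2017:10:11:01 +0000] "GET /products HTTP/1.1" 200 7300 "-" "ExampleFetcher/1.0"
192.0.2.44 - - [10/Jan/2017:10:12:00 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (compatible; SampleBot/2.1)"
203.0.113.5 - - [10/Jan/2017:10:45:00 +0000] "GET /cart HTTP/1.1" 200 2100 "-" "Mozilla/5.0 (Windows NT 10.0) Firefox/50.0"
this line is malformed and must be skipped
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"'
)
# Assumed heuristic: crawlers that identify themselves in the User-Agent.
BOT_UA_RE = re.compile(r"bot|crawl|spider|slurp", re.IGNORECASE)
# The text cites inactivity of "not less than 29 minutes" as the end of a visit.
SESSION_TIMEOUT = timedelta(minutes=29)


def parse_log(text):
    """Return (records, skipped): parsed requests and the count of unparseable lines."""
    records, skipped = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LINE_RE.match(line)
        if m is None:
            skipped += 1
            continue
        rec = m.groupdict()
        try:
            rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
        except ValueError:
            skipped += 1
            continue
        records.append(rec)
    return records, skipped


def split_bots(records):
    """Return (humans, bots). A client that fetched /robots.txt is treated as a
    crawler for all of its requests, which catches crawlers whose User-Agent
    carries no tell-tale keyword."""
    robots_clients = {(r["ip"], r["ua"]) for r in records if r["path"] == "/robots.txt"}
    humans, bots = [], []
    for r in records:
        is_bot = bool(BOT_UA_RE.search(r["ua"])) or (r["ip"], r["ua"]) in robots_clients
        (bots if is_bot else humans).append(r)
    return humans, bots


def sessionize(records, timeout=SESSION_TIMEOUT):
    """Group requests into visits per (ip, user-agent); a gap >= timeout starts a new visit.
    The (ip, user-agent) key is an approximation: as the text notes, IP addresses change."""
    sessions = defaultdict(list)
    last_seen = {}
    for rec in sorted(records, key=lambda r: r["ts"]):
        key = (rec["ip"], rec["ua"])
        prev = last_seen.get(key)
        if prev is None or rec["ts"] - prev >= timeout:
            sessions[key].append([])          # open a new visit
        sessions[key][-1].append(rec["path"])
        last_seen[key] = rec["ts"]
    return dict(sessions)


def analyse(text):
    """Compare visit counts with and without bot removal."""
    records, skipped = parse_log(text)
    humans, bots = split_bots(records)
    count = lambda recs: sum(len(v) for v in sessionize(recs).values())
    return {
        "parsed": len(records),
        "skipped": skipped,
        "bot_requests": len(bots),
        "human_requests": len(humans),
        "visits": count(humans),         # after eliminating bots
        "naive_visits": count(records),  # bots left in: inflated statistic
    }


if __name__ == "__main__":
    print(analyse(SAMPLE_LOG))
```

On the constructed sample, leaving the crawlers in doubles the visit count, which is the distortion of statistics the text warns about.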
1.6. Conclusion
Besides environmental changes such as the introduction of fresh products,
comprehension of the behavior of website users is a primary reason why websites are
currently undergoing reinvention (Weischedel & Huizingh, 2006). Previously customers were
often passive in the general ecosystem. The inception and growth of the internet has changed
this position fundamentally (Weischedel & Huizingh, 2006). In the present day internet users are
no longer passive but active participants who offer very interesting analysis information. It
therefore becomes important to have an understanding of the manner in which supporting them
can be achieved. The use of web analytics allows entities to have a rare view of the situation
from the perspective of website users themselves (Spiliopoulou & Pohle, 2001).
Comprehending the manner in which website users access the website and the path they take
is crucial for the development of useful marketing strategies, since it allows companies to
project website visitors' behavior. The process also makes it possible to maximize the website's
logical structure (Cooley, 2003). Enhancing communication through websites is crucial to the
objective of satisfying the goals of the targeted audience and of the website itself (Norguet,
Zimányi, & Steinberger, 2006).
Web analytics has in the past been used in economic fields. Most of the analytical examination
described in the literature was precisely for commercial sites (Wu, Cheng, Liu, & Liu, 2009).
This notwithstanding, there are good grounds for the usage of web analytics in other types
of websites. Some areas are easy to determine when examining ecommerce
websites, such as the number of successful visits supported by a purchase, although there are
many more areas that could be used for other website types. Web analytics has to be understood
only as an analysis process. It is not an absolute science. There are no web analytics numbers
likely to describe reality absolutely. Answers that are backed by clarity are not possible
since no direct information is given by the users. With the assistance of web analytics
applications it is possible to quantify websites, although the information needs interpretation
from analysts who are action oriented and pragmatic enough to implement improvement (Ogle,
2010).
Web analytics could often go wrong because the process was not completed. Most often large
amounts of investment are put into web analytics tools, but eventually nothing beyond
reports is generated. Implementing action after analysis is often the most crucial
aspect of web analytics, although it is often ignored.
References
Cooley, R. (2003). The use of web structure and content to identify subjectively interesting
web usage patterns. ACM Transactions on Internet Technology (TOIT), 3(2), 93-116.
Hassler, M. (2010). Web analytics: Metriken auswerten, Besucherverhalten verstehen, Website
optimieren: MITP-Verlags GmbH & Co. KG.
Hausmann, V., Williams, S. P., & Schubert, P. (2012). Developing a Framework for Web
Analytics. Master's Thesis, University of Koblenz-Landau.
Kaushik, A. (2007). Web Analytics: An Hour A Day (W/Cd): John Wiley & Sons.
Norguet, J.-P., Zimányi, E., & Steinberger, R. (2006). Improving web sites with web usage
mining, web content mining, and semantic analysis. Paper presented at the International
Conference on Current Trends in Theory and Practice of Computer Science.
Ogle, J. A. (2010). Improving Web Site Performance Using Commercially Available
Analytical Tools. Clinical Orthopaedics and Related Research®, 468(10), 2604-2611.
Onwubiko, C. (2016). Exploring web analytics to enhance cyber situational awareness for the
protection of online web services. Paper presented at the Cyber Security And Protection
Of Digital Services (Cyber Security), 2016 International Conference On.
Phippen, A., Sheppard, L., & Furnell, S. (2004). A practical evaluation of Web analytics.
Internet Research, 14(4), 284-293.
Pietrowicz, S., Falchuk, B., Kolarov, A., & Naidu, A. (2015). Web-Based Smart Grid Network
Analytics Framework. Paper presented at the Information Reuse and Integration (IRI),
2015 IEEE International Conference on.
Sen, A., Dacin, P. A., & Pattichis, C. (2006). Current trends in web data analysis.
Communications of the ACM, 49(11), 85-91.
Singal, H., Kohli, S., & Sharma, A. K. (2014). Web analytics: State-of-art & literature
assessment. Paper presented at the Confluence The Next Generation Information
Technology Summit (Confluence), 2014 5th International Conference-.
Spiliopoulou, M., & Pohle, C. (2001). Data mining for measuring and improving the success
of web sites. Data Mining and Knowledge Discovery, 5(1-2), 85-114.
Waisberg, D., & Kaushik, A. (2009). Web Analytics 2.0: empowering customer centricity. The
original Search Engine Marketing Journal, 2(1), 5-11.
Weischedel, B., & Huizingh, E. K. (2006). Website optimization with web metrics: a case
study. Paper presented at the Proceedings of the 8th international conference on
Electronic commerce: The new e-commerce: innovations for conquering current
barriers, obstacles and limitations to conducting successful business on the internet.
Wu, J., Cheng, Y., Liu, Y., & Liu, X. (2009). Using web-analytics to optimize education
website. Paper presented at the International Conference on Hybrid Learning and
Education.
Zeng, D., Chen, H., Lusch, R., & Li, S.-H. (2010). Social media analytics and intelligence.
IEEE Intelligent Systems, 25(6), 13-16.
Diagram I
According to Hawk (2015), the methods and merits of the philosophies applied to network security,
including situational awareness, can cause much deliberation. Dynamicity is one of the primary
characteristics of situational awareness. Situational awareness makes it possible to employ
dynamic tactics in responding to evolving and new threat models. This is inherently
contrary to the typical information security paradigm. Traditional information security
mechanisms can be compared to building castles and fortresses: they are mostly static. In order
to accomplish a security foundation, the traditional avenues for information security may apply
risk management tactics. Threat modeling is a tactic used in the development of applications
for the purpose of analyzing application security and mitigating threats to it. In cyber
situational security, however, new ways of reasoning are applied with the objective of exploring
innovative ways of threat modeling. In order to satisfy the dynamic needs existing in the network
attack landscape, the below highlighted characteristics are essential for the network:
For effective cyber situational awareness, monitoring has to be activated across all networks.
Information sent to log files must be monitored, and the log data has to be sent into a SIEM
(Security Information and Event Management) system (Miller, 2011). The SIEM is responsible for
analyzing and correlating the received log data for possible attack trends (Lachance,
2015). The SIEM is expected to compare and contrast incoming data for potential vulnerabilities
and exposures (CVE) and configuration errors (CCE). The SIEM also examines databases prone to
threats in order to assess the possibility of an imminent attack (Nicolett, 2010). Network
hosts ought to be classified in asset databases capable of scanning the network
for vulnerabilities and providing remedies that are compliant with the recognized strategies.
In cyber security, as in physical security, monitoring, control assessment and prompt response to
incidents are the most fundamental security aspects. In the cyber situational awareness paradigm,
security may be achieved through environmental awareness and quick response to identified
threats, as opposed to creating castles and fortresses with an expectation of maximizing the
capacity to withstand attacks (Jajodia, 2010). It must be understood that cyber
situational awareness does not refer to a single product. It refers instead to a philosophy
realizable through intelligent use of the processes and products that define the networks of
information systems.
Huang (2015) defined situational awareness as the perception and comprehension of elements
in the environment based on space and time. Cyber situational awareness is therefore an
extension of situational awareness to the cyber domain. Cyber analysts have to understand the
meaning behind their observations for cyber security awareness. Analysts must also be able
to project the implications of their observations on the system. Huang (2015) describes
assessment and training systems in cyber situational awareness with the intention of assessing
and teaching team and individual cyber situational awareness in the context of cyber defense.
Huang also incorporates a variety of technologies with the objective of enhancing the learning
process for cyber analysts.
The United States recently declared the cyber threat a serious national security and economic
challenge. The 2017 election was dominated by accusations of cyber-attacks against the
Democratic National Congress. China was recently accused of hacking into the White House as
well. There are two components to the strategy for cyber security: enhanced
resilience to cyber-attack incidents and the reduction of cyber threats. In order to achieve this
target, security analysts, otherwise referred to as defenders, are charged with protecting the
online infrastructure of corporate networks from organized or random cyber-attacks (Jajodia,
2010). Security analysts protect corporate networks through accurate detection of threats in the
soonest possible time in the event of a cyber-attack.
Dutt et al. (2013) examine factors that influence the experiences of a simulated security analyst
and their ability to tolerate threats through accurately detecting them for behaviors that are
simulated. A computational model is used in the simulations. Adversarial behaviors
are demonstrated through different strategies of simulated attack and therefore differ in threat
timing over sequences of events in a network. The awareness process of the security analyst is
also simulated using computational systems of rigorous decision making.
Cyber situational awareness, according to Kotenko & Doynikova (2014), is the capacity to offer
assistance to people charged with decision making in their attempt to make decisions with
clarity, and to assist security analysts in the prevention of malicious actions. The USA Army
field manual explains situational awareness as the understanding and knowledge of the prevailing
situation, allowing for accurate, timely and relevant evaluation of enemy, friendly and
other operations inside the battle zone. This allows for effective decision making.
Situational awareness in cyber security means an accurate understanding of cyber security
utilities.
Cyber situational awareness entails accurate comprehension of the utilities in the operations of
cyber security and of each CIKR (critical infrastructure and key resource) contributing to
the entire utilities system process (Blumenthal et al., 2012). In situational awareness there has
to be comprehensive analysis of the existing operations within the cyber security utilities. It
must be possible to evaluate weaknesses, potential breakdowns and vulnerabilities which may
be exploited by the enemy (Franke & Brynielsson, 2014). This gives the network utilities
optimal security. Situational security is characterized by surveillance of unusual occurrences
and events within the networks of cyber security. Situational awareness entails flexibility in
the approach to possible security threats and the ability to mitigate the threats before they
achieve any success. Situational awareness is important because of the growing
complexity of operations in present day utility systems. It is important to understand that
cyber security conditions within the network change far more dynamically than those of other
utility grids. It is therefore inherent that the industry and utilities employ unified CIKR and
cyber security approaches.
A cyber-attack is a computer attack meant to undermine the confidentiality and integrity of
information resident in computers. Huang (2015) indicates that cyber-attacks have recently
increased significantly in both complexity and number. A cyber attacker first of all examines the
vulnerable points in a system and then infiltrates the hosts and/or networks. Upon accessing
the system, the attacker uses it to steal important data, monitor communication, uncover
new ways of attack in relation to that system, take over control of the management of assets
in that system, or paralyze the computer, networks and other related systems. Some of the
damaging effects of successful cyber-attacks include taking control of network resources and
hosts and access to sensitive information present in the network.
Situational awareness, according to Jajodia (2010), is an evolving perception concerning the
attributes and evolving status of elements. It is the comprehension of several observations with
the intention of relating them to the prevailing situation and projecting the possible outcomes
in the future based on knowledge and experience accumulated in the past. Cyber situational
awareness projects situational awareness onto the cyber domain. This is where data is collected
by cyber analysts and signs of potential attack tracks are sought, the potential consequence of
the identified attack tracks is estimated and the attacker's moves are anticipated. The
effectiveness of CSA is, however, derailed by the gigantic complexity and size of today's
networks, the adaptive characteristics of knowledgeable adversaries, the increasing quantity of
false alarms caused by IDS (Intrusion Detection Systems), the absence of grounded skills for
assessing the performance of defense systems, the presence of institutional stove pipes derailing
collaboration and the use of technologies that do not sufficiently comprehend prevailing human
needs.
2.2. Situational awareness models
The situational awareness concept is often described in the literature (Salmon et al., 2008).
The concept, however, remains principally individually constructed, and most situational
awareness models interpret situational awareness from personal perspectives. Collaborative
deliberations of situational awareness have gathered less attention. This has made
situational awareness a complex factor, challenging human actors both in the
establishment of theoretical viewpoints and of authentic assessments. The process of
developing guidelines for training and systems as well as procedure designs has become
difficult. Salmon et al. (2008) critique and review situational awareness and compare team
and individual models. The argument by Salmon and team is that the approaches to situational
awareness proposed in recent times are most fit for the purpose of assessing and describing
situational awareness in collaborative environments globally.
2.2.1. Reference model
In software, enterprise and systems engineering, the reference model is understood to be a
theory or abstract framework made up of an interlinked set of concepts that are clearly
defined by experts. The objective is to foster clarity of communication (Chatti et al., 2012).
Reference models are capable of representing the individual parts of any consistent idea
(Day & Zimmermann, 1983). This may be in business functions or system
components. The reference model designed can be a tool for communicating ideas with clarity
to members belonging to a single community.
OASIS (2012) defines a reference model as a theoretical framework used to understand the
relationships existing among entities in one environment. Reference models are used to develop
consistent specifications and standards that sustain that environment. Reference models are
built on the foundation of smaller concepts that could be used as a means of educating and
elaborating concepts to people who are not specialists. Reference models are never built on the
basis of any technologies, standards or tangible details of implementation. Reference models
will, however, provide universal semantics that could be applied unequivocally over different
implementation platforms.
OASIS (2012) stated that reference models are utilized by architects as a mechanism for
constituting architectures. This is the same mechanism used by the automotive industry in
making logical divisions for car components. Software industries utilize reference models in
creating divisions and making logical decisions for architectures. In so doing, it becomes easier
for products owned by vendors to be fashioned to satisfy the needs of the architecture and also
to permit users to comprehend where products fit in the corporate architecture. The
reference model works much as it does for tire manufacturers, who share with automobile
manufacturers the understanding that the wheel is a circular
car component that bolts to the hub and requires a tire fitted onto the rim. Contrary to a
specific architecture, reference models do not specify the wheel sizes or the patterns of bolts
that ought to be used. These attributes are simply common across the automobile industry.
Individually, it is logical that rims and wheel sizes, composition and shape may vary.
Diagram II
Salerno (2008) proposed a revision of the reference model to what appears in diagram II above.
In the attempt to create and test a situational awareness reference model, Salerno et al. (2005)
started research aimed at application in the cyber domain. The situational awareness reference
model has been updated since and given a more complete definition by Salerno (2008), as
shown in diagram II above.
According to Jajodia (2010), the cyber situational awareness reference model involves adoption of
a JDL (Joint Directors of Laboratories) (Onwubiko & Owens, 2012) model of data fusion at
the various cyber situational awareness levels. The first level of JDL deals with identification
and tracking of separate objects (Mahoney et al., 2010). The second level of JDL involves
aggregation of existing objects into units or groups by identifying relationships existing
between objects. JDL is often applied in many situational awareness frameworks, although it is
considered unsuitable in the cyber domain. JDL is a method that ignores information context
such as the location, time of acquisition, and destination and source of service and
communication. All these absent characteristics are important in the accurate detection of
threats (Kott et al., 2014). Taking the time of data acquisition as an example, and assuming that
cyber analysts are able to detect TCP (Transmission Control Protocol) connection requests on a
single port: if the requests are directed at different machines in a short span of time, the
assumption could be that an attacker is attempting to find an attack entrance after ascertaining
whether an SSH server has been activated. If, however, the probing takes place once a week, this
might be the system's own attempt to probe behavior (Deli & Çağman, 2015).
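The timing argument above can be written as a detection rule. The following is an added example, not code from the original document: it flags a source that sends connection requests to the same port on many distinct hosts within a short window, leaves a once-a-week probe unflagged, and shows that a count which ignores time of acquisition cannot tell the two apart. The event tuples are constructed, and the 60-second window, the threshold of 5 hosts and the function names are assumed values chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)   # assumed meaning of "a short span of time"
MIN_HOSTS = 5                    # assumed number of distinct targets that raises an alert


def detect_horizontal_scans(events, window=WINDOW, min_hosts=MIN_HOSTS):
    """events: iterable of (timestamp, src_ip, dst_ip, dst_port) connection requests.
    Returns one alert per burst in which a source contacts >= min_hosts distinct
    destinations on the same port within `window`."""
    recent = defaultdict(deque)      # (src, port) -> deque of (timestamp, dst)
    quiet_until = {}                 # (src, port) -> time before which alerts are suppressed
    alerts = []
    for ts, src, dst, port in sorted(events):
        key = (src, port)
        q = recent[key]
        q.append((ts, dst))
        while ts - q[0][0] > window:         # drop requests older than the window
            q.popleft()
        targets = sorted({d for _, d in q})
        if len(targets) >= min_hosts and quiet_until.get(key, datetime.min) < ts:
            alerts.append({
                "src": src,
                "port": port,
                "hosts": targets,
                "first_seen": q[0][0],
                "last_seen": ts,
            })
            quiet_until[key] = ts + window   # one alert per burst, not per packet
    return alerts


def context_free_flags(events, min_hosts=MIN_HOSTS):
    """Same count with time of acquisition ignored, as in the critique of JDL above:
    every source that ever touched >= min_hosts hosts on one port is flagged."""
    seen = defaultdict(set)
    for _, src, dst, port in events:
        seen[(src, port)].add(dst)
    return {key for key, dsts in seen.items() if len(dsts) >= min_hosts}


# Constructed events (not captured traffic).
T0 = datetime(2017, 1, 11, 2, 0, 0)
HOSTS = [f"10.0.0.{i}" for i in range(1, 9)]
EVENTS = (
    # One source tries port 22 on eight machines, two seconds apart.
    [(T0 + timedelta(seconds=2 * i), "203.0.113.9", h, 22) for i, h in enumerate(HOSTS)]
    # An internal system probes port 22 on one machine per week.
    + [(T0 + timedelta(weeks=i), "10.0.0.250", h, 22) for i, h in enumerate(HOSTS)]
    # An administrator reconnects to a single machine ten times.
    + [(T0 + timedelta(seconds=3 * i), "10.0.0.77", "10.0.0.1", 22) for i in range(10)]
)

if __name__ == "__main__":
    for alert in detect_horizontal_scans(EVENTS):
        print("scan:", alert["src"], "port", alert["port"], "hosts", len(alert["hosts"]))
    print("flagged without time context:", sorted(context_free_flags(EVENTS)))
```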
Reference models will only be useful in instances where they offer useful reference
information. Reference models are best implemented by applying standards. If
the fundamental standards are absent, they ought to be developed on the premise of the reference
model's characteristics. In cases where existing models are already implemented, they should be
mapped onto the reference model for the purpose of comparison and interoperability. Where an
implementer is at liberty to select their preferred model, the reference model should be directly
applied using preexisting standards.
2.2.2. Process model
Process models can be understood as processes that have the same nature and are classified in
one group as a model (Gendlin, 1997). The process model describes a process at the level of
its type. For this reason a process is an instance of the process model. The process model is
applied in the creation of many elements. The process model could be used as a description of how
processes ought to take place, as opposed to articulating the substance of the process. Process
models anticipate the details of a process in advance. The actual nature of the process will be
realized during development of the process itself.
The objectives of process models include explanation of the process rationale for easy
understanding of the process details, evaluation and exploration of the various grounds upon
which actions are founded, and establishment of an explicit relationship between the processes
and the model requirements. The process model also projects the point at which information could
be retrieved for the purpose of reporting. Prescription: process models define the process in its
desired/absolute state and how the process ought to be executed. The process model also
establishes the behavior patterns, guidelines and rules which should be followed in order to
achieve the desired performance levels of the process. The behavior patterns could entail
flexible guidelines or strict enforcement.
Another objective of the process model is description of what actually happens in a process.
Process models also employ the perspective of external observers who are interested in the
manner in which processes have been executed. Through this, the external observer decides on
the areas that need improvement in order to make the process more efficient and effective.
2.3. Visualization
Visualization is a very important component of cyber situational awareness (Tamassia et al.,
2009). D'Amico et al. (2007) use cognitive analysis of tasks to develop a visualization
framework aimed at supporting analysts' work. Michel et al. (2011) investigated the
importance of virtual worlds in bettering the conveyance of large data sets in real time for
cyber situational awareness. Salas (2003) examines the importance of three dimensional models in
visualization of the impact caused by information security activities during military missions.
Klein et al. (2012) sought solutions to the problems of cyber situational awareness using two
phases: collection of data into comprehensive models and visualization of the
data in a manner that encourages human understanding. The techniques used in visualization
are rarely applied in strategies adopted by a nation, although there are some exceptions.
According to the National Information Security Center (2013), Japan is a country that uses
visualization to assess the level of vulnerability in its cyberspace. The country also uses
visualization to detect the extent of malware that has infected its networks as well as other
cyber security trends. Information visualization is a crucial component in securing situational
awareness.
Blumenthal, U., Haines, J., Streilein, W., & O’Leary, G. (2012). Information Security for
Situational Awareness in Computer Network Defense.
Candela, L., Castelli, D., Ferro, N., Ioannis, Y., Koutrika, G., Meghini, C., Pagano, P., et al.
(2008). The DELOS Digital Library Reference Model-Foundations for Digital
Libraries. Version 0.98. On Digital Libraries, 215.
Chatti, M. A., Dyckhoff, A. L., Schroeder, U., & Thüs, H. (2012). A Reference Model for
Learning Analytics. International Journal of Technology Enhanced Learning, 4(5/6),
318-331.
D’Amico, A., & Whitley, K. (2008). The Real Work of Computer Network Defense
Analysts: The Analysis Roles and Processes that Transform Network Data into
Security Situation Awareness.
D'Amico, A., Salas, S., & Proceedings DARPA Information Survivability Conference and
Exposition. (2003). Visualization as an aid for assessing the mission impact of
information security breaches'. 2, 190.
Day, J. D., & Zimmermann, H. (1983). The OSI reference model. Proceedings of the
IEEE, 71, 12, 1334-1340.
Deli, I., & Çağman, N. (2015). Intuitionistic fuzzy parameterized soft set theory and its
decision making. Applied Soft Computing Journal, 28, 109-113.
Denning, P. J., & Denning, D. E. (2010). Discussing Cyber Attack. Communications of the
ACM, 53(9), 29-31.
Dowson, M. (1987). Iteration in the software process: Proceedings of the 3rd International
Software Process Workshop, Breckenridge, Colorado, USA, 17-19 November 1986.
Washington, D.C: Computer Society Press of the IEEE.
Dutt, V., Ahn, Y.-S., & Gonzalez, C. (2013). Cyber situation awareness: modeling detection
of cyber attacks with instance-based learning theory. Human factors, 55(3), 605-18.
Endsley, M. R. (1995). Toward a theory of situation awareness in dynamic systems: Situation
awareness. Human Factors, 37(1), 32-64. Human Factors and Ergonomics Society.
Franke, U., & Brynielsson, J. (2014). Cyber situational awareness – a systematic review of
the literature. Computers & Security, 46, 41. Elsevier Ltd.
Gendlin, E. T. (1997). A process model. Spring Valley, N.Y.: Focusing Institute.
Gurkok, C. (2013). Cyber forensics and incident response. Managing Information Security:
Second Edition (pp. 275-311). Elsevier Inc.
Hawk, R., (2015). Situational Awareness in Cyber Security. Retrieved 11 January, 2017
from: https://www.alienvault.com/blogs/security-essentials/situational-awareness-in-
cyber-security
Huang, Z. (2015). Human-centric training and assessment for cyber situation awareness.
Jajodia, S. (2010). Cyber situational awareness: Issues and research. New York: Springer.
Jajodia, S. (2010). Cyber situational awareness: Issues and research. New York: Springer.
Klein, G., Günther, H., & Träber, S. (January 01, 2012). Modularizing Cyber Defense
Situational Awareness - Technical Integration before Human Understanding.
Kotenko, I., & Doynikova, E. (2014). Security evaluation for cyber situational
awareness. Proceedings - 16th IEEE International Conference on High Performance
Computing and Communications, HPCC 2014, 11th IEEE International Conference
on Embedded Software and Systems, ICESS 2014 and 6th International Symposium
on Cyberspace Safety and Security, CSS 2014 (pp. 1197-1204). Institute of Electrical
and Electronics Engineers Inc.
Kott, A., Wang, C., & Erbacher, R. F. (2014). Cyber defense and situational awareness.
Lachance, D. (2015). CISSP: Security Information and Event Management. Nashua, New
Hampshire : Skillsoft Ireland Limited
Leopold, H. (2015). Cyber Situational Awareness. Elektrotechnik und
Informationstechnik, 132(2), 97-100. Springer-Verlag Wien.
Mahoney, S., Pfautz, J., Wu, C., Farry, M., Roth, E., Steinke, K., & 54th Human Factors and
Ergonomics Society Annual Meeting 2010, HFES 2010. (December 01, 2010). A
cognitive task analysis for cyber situational awareness. Proceedings of the Human
Factors and Ergonomics Society, 1, 279-283.
Miller, D. (2011). Security information and event management (SIEM) implementation. New
York: McGraw-Hill.
Michel, M. C. K., Helmick, N. P., Mayron, L. M., & 2011 IEEE International Multi-
Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision
Support (CogSIMA 2011). (February 01, 2011). Cognitive cyber situational
awareness using virtual worlds. 179-182.
Nicolett, M. (2010). Critical Capabilities for Security Information and Event Management
Technology. Event (London), (May), 16.
OASIS. (2012). OASIS SOA Reference Model (SOA-RM) TC. Online Webpage. Retrieved 11
January, 2017from: https://www.oasis-open.org/committees/soa-rm/faq.php
Onwubiko, C., & Owens, T. (2012). Situational awareness in computer network defense:
Principles, methods and applications. Hershey, PA: Information Science Reference.
Salmon et al., (2008). What really is going on? Review of situation awareness models for
individuals and teams. Theoretical Issues in Ergonomics Science. Taylor and
Francis, 9(4), 297-323
Salerno, J. (2008). Measuring situation assessment performance through the activities of
interest score. Proceedings of the 11th International Conference on Information
Fusion, FUSION 2008.
Salerno, J. J., Hinman, M. L., & Boulware, D. M. (2005). A situation awareness model
applied to multiple domains. 5813, 1, 65-74.
Schneier, B. (2014). The future of incident response. IEEE Security and Privacy. Institute of
Electrical and Electronics Engineers Inc.
Sushil Jajodia, Peng Liu, Vipin Swarup, Cliff Wang. (2010). Cyber Situational Awareness.
Springer US.
Tadda, G., Salerno, J. J., Boulware, D., Hinman, M., & Gorton, S. (2006). Realizing situation
awareness within a cyber-environment. 6242, 1, 624204.
Tamassia, R., Palazzi, B., & Papamanthou, C. (January 01, 2009). Graph Drawing for
Security Visualization. Lecture Notes in Computer Science, 5417, 2-13.
Trendle, G. (2003). Cyber threat! Middle East, 38-41.