Enhancing Cyber Situation Awareness: Visualizing Advanced Persistent Threats as Complex Systems

Citation of Original Publication

Nikolov, Georgi, Margaret Varga, April Rose Panganiban, Kaur Kullman, and Valérie Lavigne. “Enhancing Cyber Situation Awareness: Visualizing Advanced Persistent Threats as Complex Systems.” In Availability, Reliability and Security, edited by Bart Coppens, Bruno Volckaert, Vincent Naessens, and Bjorn De Sutter. Springer Nature Switzerland, 2025. https://doi.org/10.1007/978-3-032-00633-2_6.

Rights

This version of the article has been accepted for publication, after peer review (when applicable) and is subject to Springer Nature’s AM terms of use, but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record is available online at: http://dx.doi.org/10.1007/978-3-032-00633-2_6

Abstract

In recent years the field of Information Technologies has become ubiquitous; it is used to implement and manage private, public, government and military installations. This has led to massive growth in the threat landscape: attackers have ample time, resources, technologies and tools to design highly sophisticated attacks implementing Zero-Day Vulnerabilities and complex algorithms using polymorphic behaviour, putting a major strain on defenders. Rapid advancement of Advanced Persistent Threats (APTs) poses a major security risk for online services, but even more so for critical government, financial, healthcare and military infrastructures. The difficulty in counteracting APTs is amplified by the increasing challenge of identifying and preparing countermeasures in time. There is ample research and documentation available describing the life-cycle of various APTs and their Tactics, Techniques and Practices (TTPs), but a lack of deeper understanding hinders timely detection to halt the attack. To better understand APTs and how they function, we propose addressing emergent cyber attacks from the perspective of Complex Systems and the application of Visual Analytics and visualization to enhance the level of understanding and Situation Awareness. In this paper, we discuss how we can analyse APTs from a Complex System perspective, the visualization techniques and visual analytics approaches used, and how they can be applied for better detection, understanding and management.