1
356views
Explain the process used to assess the performance and impact of operations.
1 Answer
0
1views

Solution

  • Cyber operations’ performance or impact analysis varies based on the nature of the cyber-attacks or missions or operations (e.g., defensive or offensive).

  • For example, the following cyber analysis activities can be used in cyber operations assessment (Kott et al. 2015):

  • Detect attacks in a mission-supporting manner.

  • Assess damages relevant to the mission: Forensic tools are important to understand the attack, attackers, and assess damages.

  • Investigate impacts on mission elements.

  • Recover from attacks.

  • Decide on how to respond to cyber-attacks to maximize mission success.

  • Evaluate different possible mitigation alternatives.

  • Kott et al. (2015) discussed different models to cyber operations’ impact analysis (COIA) such as: risk analysis problem, control theoretic style, game theoretic, reverse engineering, malware analysis, and adversary modeling.

  • In studying cyber operations’ impact analysis, we should not also ignore the dimensions related to understand humans’ behavior; whether those are the defenders or the attackers. Cognitive modeling and tools such as Adaptive Control of Thought—Rational (ACT-R) can be used to model attackers’ behaviors.

  • Kott et al. (2015) mentioned two particular models that can be utilized in COIA, namely: Canadian Automated Computer Network Defense (ARMOUR) demonstrator and European Union PANOPTESEC.

enter image description here

  • In a COIA model by MITRE (www.mitre.org), the model described several model requirements through which assessment can be thorough and accurate, Fig. (Musman et al. 2009). This model is an example of a data-flow representation.

  • Extending MITRE Cyber Mission Impact Assessment (CMIA) Tool, AMICA model combines process modeling, discrete event simulation, graph-based dependency modeling, and dynamic visualizations (Noel et al. 2015). Jakobson (2011) proposes an impact dependency graph, Fig.

Please log in to add an answer.