Cyberspace is full of uncertainty because of advanced and sophisticated cyber threats, such as AI-powered threats, that are equipped with novel approaches to learn the system and propagate themselves. To debilitate these types of threats, a modern and intelligent Cyber Situation Awareness (SA) system needs to be developed that is capable of monitoring and capturing various types of threats, analyzing them, and devising a plan to avoid further attacks. This paper provides a comprehensive study of the current state of the art in cyber SA, discussing the following aspects of SA: key design principles, framework, classifications, data collection, analysis of the techniques, and evaluation methods. Lastly, we highlight misconceptions, insights and limitations of this study and suggest some future work directions to address the limitations.