Camus: Automatically Mapping Cyber Assets to Missions and Users
Abstract: This research advances Cyber Situation Management by proposing methods for automated mapping of Cyber Assets to Missions and Users (Camus). To enable accurate and efficient cyber incident mission impact assessment, a Camus ontology that defines entities, relationships and attributes (ERAs) associated with them has been drafted. Methods for fusing data from multiple data sources have been developed alongside an ontology-based system to populate the model using existing network data sources. The Camus system demonstrates how commonly available data sources can be rapidly collected, correlated, and fused to automatically map cyber assets to the users who depend on them, to the missions they support, and to the services they provide. Also discussed are the technical architecture and challenges to such an approach.