Nested Narratives Final Report
- Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
In cybersecurity forensics and incident response, the story of what has happened is the most important artifact yet the one least supported by tools and techniques. Existing tools focus on gathering and manipulating low-level data to allow an analyst to investigate exactly what happened on a host system or a network. Higher-level analysis is usually left to whatever ad hoc tools and techniques an individual may have developed. We discuss visual representations of narrative in the context of cybersecurity incidents with an eye toward multi-scale illustration of actions and actors. We envision that this representation could smoothly encompass individual packets on a wire at the lowest level and nation-state-level actors at the highest. We present progress to date, discuss the impact of technical risk on this project and highlight opportunities for future work.
- Research Organization:
- Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Organization:
- USDOE National Nuclear Security Administration (NNSA)
- DOE Contract Number:
- AC04-94AL85000
- OSTI ID:
- 1170510
- Report Number(s):
- SAND2015-0682; 566882
- Country of Publication:
- United States
- Language:
- English
Similar Records
Cybersecurity Platform and Certification Framework Development for Extreme Fast Charging (XFC)-Integrated Charging Ecosystem (Final Project Report)
SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Individual and Team Performance Guidelines