Adaptation of the JDL Model for Multi-Sensor National Cyber Security Data Fusion

Ignatius Swart (CSIR, South Africa), Barry V. W. Irwin (Rhodes University, South Africa) and Marthie M. Grobler (CSIR, South Africa)
DOI: 10.4018/978-1-5225-8897-9.ch016


The potential attack surface of a nation is large, and no single source of cyber security data provides all the information required to accurately describe the cyber security readiness of a nation. A variety of specialised data sources are available to assess the state of a nation in key areas such as botnets, spam servers and incorrectly configured hosts. By applying data fusion principles, the potential exists to provide a representative view of all combined data sources. This research will examine a variety of currently available Internet data sources and apply them to an adapted Joint Directors of Laboratories (JDL) data fusion model in order to illustrate the potential gains and current limitations. The JDL model has been adapted to suit national-level cyber sensor data fusion, with the aim of formally defining and reducing data ambiguity and enhancing fusion capability in a real-world system. A case study highlights the results of applying available open source security information against the model, relating them to the current South African cyber landscape.
Chapter Preview

Responsibility and Demarcation of a Nation’s Internet Domain

Current cyber defence policies published by nations contain lists of key national capabilities that they are striving for. Various frameworks, models and standards, such as the guide from NIST (National Institute of Standards and Technology (NIST) & United States of America, 2014), are being used to assess the current state and to move forward to a more secure state. The problem, however, is that once the cyber defence policies of governments are studied, it becomes apparent that no clear definition is available of what exactly will be protected (Cavelty, 2014). A recent study (de Souza, 2014) of United States cyber defence policies has revealed that the Government is responsible for the safety of the Internet, but current implementations focus only on protecting .gov websites. In South Africa, legislation exists and responsibility for each sector is defined in the National Cyber Security Policy Framework. The policy gives a clear indication of the responsibility that Government has towards Internet-enabled infrastructure. Reinforcing the intent, other legislation such as the Electronic Communication and Transactions Act of 2002 (South African Government Gazette, 2003) mandated that the domain be placed under the control of the Government (Naidoo, Singh, & Levine, 2013).
