Tim Bass

Cyberspace Situational Awareness · www.cyber-situational-awareness.com @CyberSpaceSA

Next-generation cyberspace intrusion detection (ID) systems will require the fusion of data from myriad heterogeneous distributed network sensors to effectively create cyberspace situational awareness.

This paper presents patterns and anomalies in cyberspace based on the results of research and development into visualization tools and processing methods for virtualized cyberspace situational awareness. In this paper, we present independent research into virtualizing cyberspace with actual operational data showing a number of situational patterns...

Next generation cyberspace intrusion detection systems will fuse data from heterogeneous distributed network sensors to create cyberspace situational awareness. This paper provides a few first steps toward developing the engineering requirements using the art and science of multisensor data fusion as the underlying model. Current generation interne...

Patterns & Anomalies in Cyberspace - Presenting visual patterns and anomalies in cyberspace based on research and development into visualization tools and processing methods for cyberspace situational awareness. This visual presentation is made with actual operational data showing a number situational patterns and anomalies including bots disguised...

Cyberspace Situational Awareness - A High Level Blackboard Architecture for Cyber SA

Top Five Cybersecurity Threats | Earth Year 2019 | You Have Been Warned! Earth Year 2019 Non-Fiction 5. Disinformation and Influence Operations 4. Cyber Infomarts for Personal Data and Information 3. Targeting Algorithms & Algorithms 2. Malicious Digital Manipulation of Videos, Images, and Audio 1. Tech Addiction and Dependance on Computers, Alg...

Book available on Amazon: https://goo.gl/66fXxN This short introduction to human cyber consciousness is the first book in a new series on cybersecurity that will present a uniquely modern approach to cyberspace situational awareness and human cyber consciousness. This approach can be applied to many cyber domains including cyber security, cyber wa...

For ResearchGate Comments: Top 10 Cybersecurity Threats 2018 Please look at this first rough draft slide for a new slide deck I am working on and let me know what you think about the "top ten" bullets and the order. Thanks.

As data scientists, sometimes we need to take a step away from pure number crunching and gain a better understanding through Visualization. For Cybersecurity, Multi Sensor Data Fusion (MSDF) can be employed to achieve superior Cyberspace Situational Awareness. With a new application, we’ll demonstrate how to virtualize, operationalize, and visualiz...

Welcome to CyberPhysics 101 - If you search the Internet, the general use of the term “cyber physics” has been to discuss and teach physics on the Internet. However, we propose that cyberspace might be more accurately described as a part of the physical universe. This means that cyberspace may (should) obey the laws of physics? This concept leads t...

This is a brief video presentation for a cybersecurity visualization workshop for a non-technical audience which provides a high level ”layman’s view” of our concepts of virtualized cyberspace. This video was created with our visualization application which we continue to improve, adding new features and also working on back-end data fusion sensors...

This is a video presentation / tutorial for cyberspace situational awareness to be presented at a workshop later this year. Refer to: http://www.thecepblog.com/2017/07/07/hunting-anomalous-bots-and-an-introduction-to-cyber-objects-live-from-cyberspace/

A Journey Into Cyberspace - A brief visual presentation on the results of research and development into new visualization tools and methods for cyberspace situational awareness via graph processing and multisensor data fusion.

Cyberspace Situational Awareness may be achieved over time by the application of the JDL model for multisensor data fusion [1] to build Cyberspace Situation Graphs. Critical to a Cyberspace Situation Graph is the creation and management of the Cyber Object Base. Cyberspace Situation Graphs can be viewed, processed, filtered, stored, and matched all...

My application (ten years ago) of the JDL multi-sensor data fusion model to create “cyberspace situational awareness“, outlined in many of my published papers (Google Scholar, ResearchGate), has been fully accepted as mainstream thinking by the research community at-large. However, my application of the JDL multi-sensor data fusion model to serve a...

First, A Brief Review of the OWASP Top 10 #7. Broken Authentication and Session Management Second, A Funny Thing Happened in GoogleDocs Third, Proxy Caches are a Serious Threat Poorly written session management code is the vulnerability Simple testing scenario(s) … and a warning ….

Agenda: Trends in Cyber attacks, Threats & Vulnerabilities Security Event Management (SEM) Overview Complex Event Processing (CEP) for Next Generation SEM

There has been significant event processing controversy in the use of the terms event stream processing (ESP) and complex event processing (CEP). CEP was originally envisioned as a technology to extract new information from message-based systems; while ESP was designed to extract new information from database-oriented systems. One school of thought...

The art and science of multisensor data fusion has emerged as an underlying foundation for Predictive Business™, including applications such as enterprise risk management and fraud detection. Enterprise fraud detection and other complex inference processing solutions require the management of real-time events from distributed sensors, agents and ot...

Introduction Event-Decision Architecture Traditional vs. State-of-the-Art Processing Architecture Capstone Constraints and Requirements Inference and Processing Architecture Processing Patterns for PredictiveBusinessTM Open Discussion

The art and science of multi-sensor data fusion has emerged as the underlying foundation for PredictiveBusiness®, including applications such as enterprise fraud detection. Enterprise fraud detection and other complex inference processing solutions, require he management of real-time events from distributed sensors, agents and other processing comp...

Net-centricity, the notion of transforming large-scale intranets into capabilities-based, service-oriented architectures, exploits a new information management concept. Net-centricity implies that existing and future information systems within an enterprise will be engineered to publish product and/or service offerings within a strategic context th...

Service-oriented architecture (SOA), a term often used today in conjunction with net-centric operations, implies that existing and future DoD information capabilities will be engineered to publish product and/or service offerings within a strategic context that allows virtually all employees and applications to readily discover and use them. SOA pr...

Presentation Date: 21 September 2004, e-Government Conference, Wash, DC Session: 3-4, 11:15 am, Ronald Regan Building and International Trade Center

To facilitate efforts to transform the federal government into one that is citizen-centered, resultsoriented, and market-based, the Office of Management and Budget (OMB) is developing the Federal Enterprise Architecture (FEA), a business-based framework for government-wide improvement. As illustrated in Figure 1, the FEA is being constructed throug...

The art and science of multisensor data fusion has emerged as the foundation for the development of next generation net-centric decision support systems, including horizontal fusion systems. These decision support systems require the coordination of service-oriented sensors and fusion components. Distributed coordination-based architectures provide...

The art and science of multisensor data fusion is the emerging foundation for the development of next generation network-centric decision support systems, including critical infrastructure protection. These challenging technical objectives require the cooperative signal processing of a federation of critical infrastructures. Publish-subscribe archi...

[SINGLE COLUMN VERSION] Defense-In-Depth [1] concepts for global information operations are physical boundary-centric. However, network-centric operations are multidimensional, layered and often virtual. The interconnection of defensive operational elements, including the fixed and deployed base, runways, fighter planes, bombers, bombs, tankers, te...

Defense-in-depth (2000) concepts for global information operations are physical boundary-centric. However, network-centric operations are multidimensional, layered and often virtual. The interconnection of defensive operational elements, including the fixed and deployed base, runways, fighter planes, bombers, bombs, tankers, tents and individuals a...

The Internet and interoperable intranets are a vast and complex dimension of both enabling and inhibiting data flows. Current generation intrusion detection (ID) systems are not technologically advanced enough to create the situational knowledge required to manage these networks. Next generation ID system will fuse data, combining both shortterm se...

Future military cyberspace security may require next-generation network management and intrusion detection systems that combine both short-term sensor information and long-term knowledge databases to provide decision-support systems and cyberspace command and control. Sophisticated computer hardware and software would identify a myriad of objects a...

Agenda CC2 High Level Constructs Process and Blackboard Diagrams CC2 System Inputs & Outputs Visualization and Parametric Examples Example CC2 Projects and Next Steps Discussion

Cyberspace is a complex dimension of both enabling and inhibiting data flows in electronic data networks. Current generation intrusion detection (ID) systems are not technologically advanced enough to create the situational knowledge required to manage these networks. Next generation ID system will fuse data, combining both short-term sensor data w...

Thai translation of 1999 Popular Science Article: WAR.COM – A HACKER ATTACK AGAINST NATO UNCOVERS A SECRET WAR IN CYBERSPACE (Translator did not get property attribution to Popular Science or Frank Vizard) ผมบังเอิญพบไฟล์นี้ในขณะที่กำลังทำการวิจัยเพื่อเขียนหนังสือ ลิงค์นี้เป็นเรื่องราวในภาษาไทย https://goo.gl/UWgiis (Found this doing some re...

A hacker attack against NATO uncovers a secret war in cyberspace.

Postscript version of Multis ensor Data Fusion for Next Generation Distributed Intrusion Detection Systems

There are many interesting emerging topics in the AF SC community. Two which are very important to the future of information dominance are Cyberspace Situational Awareness and Cyber Attack Countermeasures Rules of Engagements.

The simplicity of SMTP mail can be combined with the robustness of the sendmail MTA program and misused in numerous ways to create extraordinary and powerful e-mail bombs. These e-mail bombs can be launched in many different attack scenarios which can easily flood and shut down chains of SMTP mail servers. Sendmail-based SMTP mail relays also can b...

Pre-information age military battlefields are based on the traditional land, sea, air, and space paradigm. Global internetworking is causal to the creation of a dangerously real 5th dimension of warfare-cyberspace. This paper describes an Internet based assault, commonly referred to as e-mail spam, on the Langley AFB internetworking infrastructure....

Pre-information age military battlefields are based on the traditional land, sea, air, and space paradigm. Global internetworking is causal to the creation of a dangerously real 5th dimension of warfare-cyberspace. This paper describes an Internet based assault, commonly referred to as e-mail spam, on the Langley AFB internetworking infrastructure....

Transit IP internetworks supporting USAF bases are highly congested during duty-hours and attempts to access to the Internet often fail. Often, during these connection failures, transit networks are in a state known as congestion collapse and connections time out when a user attempts to reach the Internet. This paper presents the results of a simpl...

Global routing in the Internet continues to have scalability problems which underscore weaknesses in the design and implementation of the various TCP/IP exterior routing protocols. This article explores the historical design and development relative to the decision-making process in the specification and implementation of Internet external routing...