Nav: Home

First cyber agility framework to train officials developed to out-maneuver cyber attacks

June 11, 2019

RESEARCH TRIANGLE PARK, N.C. (June 10, 2019) To help train government and industry organizations on how to prevent cyberattacks, as part of a research project for the U.S. Army, scientists at The University of Texas at San Antonio, developed the first framework to score the agility of cyber attackers and defenders.

"The DOD and U.S. Army recognize that the cyber domain is as important a battlefront as ground, air and sea," said Dr. Purush Iyer, division chief, network sciences at Army Research Office, an element of the Army Futures Command's Army Research Laboratory. "Being able to predict what the adversaries will likely do provides opportunities to protect and to launch countermeasures. This work is a testament to successful collaboration between academia and government."

The framework developed by the researchers will help government and industry organizations visualize how well they out-maneuver attacks. Their work is published in IEEE Transactions on Information Forensics and Security, a top journal for cybersecurity.

"Cyber agility isn't just about patching a security hole, it's about understanding what happens over time. Sometimes when you protect one vulnerability, you expose yourself to 10 others," said Jose Mireles, who works for the DOD and co-developed this first-known framework as part of his UTSA master's thesis. "In car crashes, we understand how to test for safety using the rules of physics. It is much harder to quantify cybersecurity because scientists have yet to figure out what are the 'rules of cybersecurity.' Having formal metrics and measurement to understand the attacks that occur will benefit a wide range of cyber professionals."

To develop quantifiable metrics, Mireles collaborated with a fellow UTSA student Eric Ficke, researchers at Virginia Tech, and a researcher at CCDC ARL and the U.S. Air Force Research Laboratory.

The project under the supervision of UTSA Professor Shouhuai Xu, who serves as the director of the UTSA Laboratory for Cybersecurity Dynamics. Together, they used a honeypot a computer system that lures real cyber-attacks to attract and analyze malicious traffic according to time and effectiveness. As both attackers and defenders created new techniques, the researchers were able to better understand how a series of engagements transformed into a new adaptive and responsive agile pattern or what they called an evolution generation.

"The cyber agility framework is the first of its kind and allows cyber defenders to test out numerous and varied responses to an attack," Xu said. "This is an outstanding piece of work as it will shape the investigation and practice of cyber agility for the many years to come."

Mireles added, "A picture or graph in this case is really worth more than 1,000 words. Using our framework, security professionals will recognize if they're getting beaten or doing a good job against an attacker."
-end-
https://ieeexplore.ieee.org/document/8695107

U.S. Army Research Laboratory

Related Cybersecurity Articles:

$4.6 million award creates program to train cybersecurity professionals
A five-year, $4.63 million award from the National Science Foundation will enable a multi-disciplinary team of researchers at the University of Arkansas to create a program to recruit, educate and train the next generation of cybersecurity professionals.
First cyber agility framework to train officials developed to out-maneuver cyber attacks
To help train government and industry organizations on how to prevent cyberattacks, as part of a research project for the US Army, scientists at The University of Texas at San Antonio, developed the first framework to score the agility of cyber attackers and defenders.
Cyber of the fittest: Researchers develop first cyber agility framework to measure attacks
The framework proposed by the researchers will help government and industry organizations visualize how well they out-maneuver attacks over time.
Army researchers identify new way to improve cybersecurity
Researchers at the US Army Combat Capabilities Development Command's Army Research Laboratory, the Army's corporate research laboratory also known as ARL, and Towson University may have identified a new way to improve network security.
How susceptible are hospital employees to phishing attacks?
A multicenter study finds high click rate for simulated phishing emails, potential benefit in phishing awareness training.
A Georgia State cybersecurity study of the dark web exposes vulnerability to machine identities
A thriving marketplace for SSL and TLS certificates -- small data files used to facilitate confidential communication between organizations' servers and their clients' computers -- exists on a hidden part of the Internet, according to new research by Georgia State University's Evidence-Based Cybersecurity Research Group (EBCS) and the University of Surrey.
Army scientists revolutionize cybersecurity through quantum research
Army scientists have found a novel way to safeguard quantum information during transmission.
Dena Haritos Tsamitis secures $5 million NSF award for CyberCorps Scholarship for Service program
At a time when demand for cybersecurity expertise has never been higher, Carnegie Mellon University has just been awarded a $5 million renewal of its National Science Foundation CyberCorps Scholarship for Service program through 2023.
UTSA researchers create framework to stop cyber attacks on internet-connected cars
A new study by Maanak Gupta, doctoral candidate at The University of Texas at San Antonio, and Ravi Sandhu, Lutcher Brown Endowed Professor of computer science and founding executive director of the UTSA Institute for Cyber Security (ICS), examines the cybersecurity risks for new generations of smart which includes both autonomous and internet connected cars.
Cybersecurity teams that don't interact much perform best
Army scientists recently found that the best, high-performing cybersecurity teams have relatively few interactions with their team-members and team captain.
More Cybersecurity News and Cybersecurity Current Events

Best Science Podcasts 2019

We have hand picked the best science podcasts for 2019. Sit back and enjoy new science podcasts updated daily from your favorite science news services and scientists.
Now Playing: TED Radio Hour

Rethinking Anger
Anger is universal and complex: it can be quiet, festering, justified, vengeful, and destructive. This hour, TED speakers explore the many sides of anger, why we need it, and who's allowed to feel it. Guests include psychologists Ryan Martin and Russell Kolts, writer Soraya Chemaly, former talk radio host Lisa Fritsch, and business professor Dan Moshavi.
Now Playing: Science for the People

#538 Nobels and Astrophysics
This week we start with this year's physics Nobel Prize awarded to Jim Peebles, Michel Mayor, and Didier Queloz and finish with a discussion of the Nobel Prizes as a way to award and highlight important science. Are they still relevant? When science breakthroughs are built on the backs of hundreds -- and sometimes thousands -- of people's hard work, how do you pick just three to highlight? Join host Rachelle Saunders and astrophysicist, author, and science communicator Ethan Siegel for their chat about astrophysics and Nobel Prizes.