Nav: Home

First cyber agility framework to train officials developed to out-maneuver cyber attacks

June 11, 2019

RESEARCH TRIANGLE PARK, N.C. (June 10, 2019) To help train government and industry organizations on how to prevent cyberattacks, as part of a research project for the U.S. Army, scientists at The University of Texas at San Antonio, developed the first framework to score the agility of cyber attackers and defenders.

"The DOD and U.S. Army recognize that the cyber domain is as important a battlefront as ground, air and sea," said Dr. Purush Iyer, division chief, network sciences at Army Research Office, an element of the Army Futures Command's Army Research Laboratory. "Being able to predict what the adversaries will likely do provides opportunities to protect and to launch countermeasures. This work is a testament to successful collaboration between academia and government."

The framework developed by the researchers will help government and industry organizations visualize how well they out-maneuver attacks. Their work is published in IEEE Transactions on Information Forensics and Security, a top journal for cybersecurity.

"Cyber agility isn't just about patching a security hole, it's about understanding what happens over time. Sometimes when you protect one vulnerability, you expose yourself to 10 others," said Jose Mireles, who works for the DOD and co-developed this first-known framework as part of his UTSA master's thesis. "In car crashes, we understand how to test for safety using the rules of physics. It is much harder to quantify cybersecurity because scientists have yet to figure out what are the 'rules of cybersecurity.' Having formal metrics and measurement to understand the attacks that occur will benefit a wide range of cyber professionals."

To develop quantifiable metrics, Mireles collaborated with a fellow UTSA student Eric Ficke, researchers at Virginia Tech, and a researcher at CCDC ARL and the U.S. Air Force Research Laboratory.

The project under the supervision of UTSA Professor Shouhuai Xu, who serves as the director of the UTSA Laboratory for Cybersecurity Dynamics. Together, they used a honeypot a computer system that lures real cyber-attacks to attract and analyze malicious traffic according to time and effectiveness. As both attackers and defenders created new techniques, the researchers were able to better understand how a series of engagements transformed into a new adaptive and responsive agile pattern or what they called an evolution generation.

"The cyber agility framework is the first of its kind and allows cyber defenders to test out numerous and varied responses to an attack," Xu said. "This is an outstanding piece of work as it will shape the investigation and practice of cyber agility for the many years to come."

Mireles added, "A picture or graph in this case is really worth more than 1,000 words. Using our framework, security professionals will recognize if they're getting beaten or doing a good job against an attacker."
-end-
https://ieeexplore.ieee.org/document/8695107

U.S. Army Research Laboratory

Related Cybersecurity Articles:

New brain-inspired cybersecurity system detects 'bad apples' 100 times faster
The Neuromorphic Cyber Microscope can look for the complex patterns that indicate specific 'bad apples,' all while using less electricity than a standard 60-watt light bulb, due to its brain-inspired design.
NTU and FireEye join forces to grow the ranks of Singapore's cyber security experts
Nanyang Technological University, Singapore (NTU Singapore) and leading cyber security company FireEye are inking a partnership to explore new areas in cyber security research, and to develop courses to meet the rising demand for cyber security professionals needed to help defend critical networks.
Protecting bulk power systems from hackers
Most of us take turning the lights on for granted.
UMass Amherst boosts deep learning research with powerful new GPU cluster
With a new cluster of specialized graphics processing units (GPUs) now installed, the University of Massachusetts Amherst is poised to attract the nation's next crop of top Ph.D. students and researchers in such fields as artificial intelligence, computer vision and natural language processing, says associate professor Erik Learned-Miller of the College of Information and Computer Sciences (CICS).
Streamlining the Internet of Things and other cyber-physical systems
In an Institute of Electrical and Electronics Engineers (IEEE) keynote paper, computer engineers lay out a framework to improve research on cyber-physical systems.
'Security fatigue' can cause computer users to feel hopeless and act recklessly
A new study from National Institute of Standards and Technology researchers found that a majority of the typical computer users they interviewed experienced security fatigue -- weariness or reluctance to deal with computer security -- that often leads users to risky computing behavior at work and in their personal lives.
Cybersecurity researchers design a chip that checks for sabotage
With the outsourcing of microchip design and fabrication worldwide, bad actors along the supply chain have many opportunities to install malicious circuitry in chips.
NYU researchers report cybersecurity risks in 3-D printing
Researchers examined two aspects of additive manufacturing (AM), or 3-D printing, that could have cybersecurity implications and harmful economic impact: printing orientation and insertion of fine defects.
Mason researchers keep networks moving to stay safe from hacker attacks
Imagine burglars have targeted your home, but before they break in, you've already moved and are safe from harm.
Partnership prepares undergraduates to tackle cybersecurity
The Software Assurance Marketplace, housed at the Morgridge Institute for Research at the University of Wisconsin-Madison, is working to address a major cybersecurity skills gap in US undergraduate computer science programs.

Related Cybersecurity Reading:

Best Science Podcasts 2019

We have hand picked the best science podcasts for 2019. Sit back and enjoy new science podcasts updated daily from your favorite science news services and scientists.
Now Playing: TED Radio Hour

Climate Crisis
There's no greater threat to humanity than climate change. What can we do to stop the worst consequences? This hour, TED speakers explore how we can save our planet and whether we can do it in time. Guests include climate activist Greta Thunberg, chemical engineer Jennifer Wilcox, research scientist Sean Davis, food innovator Bruce Friedrich, and psychologist Per Espen Stoknes.
Now Playing: Science for the People

#527 Honey I CRISPR'd the Kids
This week we're coming to you from Awesome Con in Washington, D.C. There, host Bethany Brookshire led a panel of three amazing guests to talk about the promise and perils of CRISPR, and what happens now that CRISPR babies have (maybe?) been born. Featuring science writer Tina Saey, molecular biologist Anne Simon, and bioethicist Alan Regenberg. A Nobel Prize winner argues banning CRISPR babies won’t work Geneticists push for a 5-year global ban on gene-edited babies A CRISPR spin-off causes unintended typos in DNA News of the first gene-edited babies ignited a firestorm The researcher who created CRISPR twins defends...