Generative Methods, Meta-learning, and Meta-heuristics for Robust Cyber Defense

Cyberspace is the digital communications network that supports the internet of battlefield things (IoBT), the model by which defense-centric sensors, computers, actuators and humans are digitally connected. A secure IoBT infrastructure facilitates real time implementation of the observe, orient, decide, act (OODA) loop across distributed subsystems. Successful hacking efforts by cyber criminals and strategic adversaries suggest that cyber systems such as the IoBT are not secure. Three lines of effort demonstrate a path towards a more robust IoBT. First, a baseline data set of enterprise cyber network traffic was collected and modelled with generative methods allowing the generation of realistic, synthetic cyber data. Next, adversarial examples of cyber packets were algorithmically crafted to fool network intrusion detection systems while maintaining packet functionality. Finally, a framework is presented that uses meta-learning to combine the predictive power of various weak models. This resulted in a meta-model that outperforms all baseline classifiers with respect to overall accuracy of packets, and adversarial example detection rate. The National Defense Strategy underscores cybersecurity as an imperative to defend the homeland and maintain a military advantage in the information age. This research provides both academic perspective and applied techniques to to further the cybersecurity posture of the Department of Defense into the information age

Warfighting for cyber deterrence: a strategic and moral imperative

Theories of cyber deterrence are developing rapidly. However, the literature is missing an important ingredient—warfighting for deterrence. This controversial idea, most commonly associated with nuclear strategy during the later stages of the Cold War, affords a number of advantages. It provides enhanced credibility for deterrence, offers means to deal with deterrence failure (including intrawar deterrence and damage limitation), improves compliance with the requirements of just war and ultimately ensures that strategy continues to function in the post-deterrence environment. This paper assesses whether a warfighting for deterrence approach is suitable for the cyber domain. In doing so, it challenges the notion that warfighting concepts are unsuitable for operations in cyberspace. To do this, the work constructs a conceptual framework that is then applied to cyber deterrence. It is found that all of the advantages of taking a warfighting stance apply to cyber operations. The paper concludes by constructing a warfighting model for cyber deterrence. This model includes passive and active defences and cross-domain offensive capabilities. The central message of the paper is that a theory of victory (strategy) must guide the development of cyber deterrence

The Challenge of Ensuring Business Security in Information Age

Every day, thousands of businesses rely on the services and information ensured by information and communication networks. As the dependence on information systems grows, so the security of information networks becomes ever more critical to any entity, no matter if it is a company or a public institution. The asymmetrical threat posed by cyber attacks and the inherent vulnerabilities of cyberspace constitute a serious security risk confronting all nations. For this reason, the cyber threats need to be addressed at the global level. Given the gravity of the threat and of the interests at stake, it is imperative that the comprehensive use of information technology solutions be supported by a high level of security measures and be embedded also in a broad and sophisticated cyber security culture. This paper provides arguments regarding the need to implement coherent information security policies at national level, based on cooperation between public and private sectors and in coordination with international initiatives in the field. Since information security is vital for developing and running an efficient business, this study may constitute a strategic approach to improve the information security posture of Romanian organizations.information security; information security risk management; security threats; confidentiality; integrity; availability.

Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems, cyber risk at the edge

The Internet of Things (IoT) triggers new types of cyber risks. Therefore, the integration of new IoT devices and services requires a self-assessment of IoT cyber security posture. By security posture this article refers to the cybersecurity strength of an organisation to predict, prevent and respond to cyberthreats. At present, there is a gap in the state of the art, because there are no self-assessment methods for quantifying IoT cyber risk posture. To address this gap, an empirical analysis is performed of 12 cyber risk assessment approaches. The results and the main findings from the analysis is presented as the current and a target risk state for IoT systems, followed by conclusions and recommendations on a transformation roadmap, describing how IoT systems can achieve the target state with a new goal-oriented dependency model. By target state, we refer to the cyber security target that matches the generic security requirements of an organisation. The research paper studies and adapts four alternatives for IoT risk assessment and identifies the goal-oriented dependency modelling as a dominant approach among the risk assessment models studied. The new goal-oriented dependency model in this article enables the assessment of uncontrollable risk states in complex IoT systems and can be used for a quantitative self-assessment of IoT cyber risk posture

Offense-defense theory, state size and posturing in the cyber domain: the case of the United Kingdom and the Republic of Estonia

The increasing relevance of the cyber domain has an impact on the national security of states. At current stage, states are in a phase of introducing the cyber approach that best coincides with their security needs. While all states share the same threat of becoming victim to devastating cyber-attacks, they need to consider whether they take an offensive or defensive cyber posture in order to increase security in the virtual domain. This thesis addresses the question of whether state size have an effect on the cyber posture of state. First, in an attempt to theorize cyber posturing, the study modifies traditional assumptions of the offense-defense balance theory and applies the logic of the balance to the cyber domain. In addition, this thesis elaborates state size as a specific element that could explain an offensive or defensive cyber posture. It analysis whether cyber posture of small and large states differs and examines the sensitivity of small and large states to the offense-defense balance. In an empirical analysis of the cyber posture of Estonia and the United Kingdom, the research examines theoretical assumptions in a comparative analysis. The thesis demonstrates that state size has an impact on the cyber posture of states. While the UK adopts an offensive cyber posture, Estonia’s strategic documents do not indicate the development of offensive cyber capabilities at present the time. Finally, the thesis points out that small states are more sensitive to the offense-defense balance in cyberspace and adjust their cyber posture according to the offensive or defensive advantage.https://www.ester.ee/record=b5192821*es