Recommendations for Model Driven Paradigms for Integrated Approaches to Cyber Defense
Technical Report,01 Jan 2016,01 Jan 2017
US Army Research Laboratory Computational and Information Sciences Directorate Adelphi United States
Pagination or Media Count:
This report describes the findings of the North Atlantic Treaty Organization Exploratory Team investigating cyber defense. Many defensive activities in cyber warfare and information assurance rely on ad hoc techniques. The cyber community recognizes that comprehensive, systematic, principle-based modeling and simulation are more likely to produce long-term, reusable approaches. A model-driven paradigm is predicated on mechanisms of modeling the organization whose mission is under cyber attack, the mission itself, and the systems that support it. The level of detail of this class of problems ranges from the level of host and network events to systems assets and up to business functions. Solving this class of problems is of significant difficulty. Such modeling could be used to explore multiple alternative mitigation strategies and select optimal mitigating actions. The paradigm applied to cyber operations is likely to benefit traditional disciplines of cyber defense. The team identified challenges for model-driven paradigms for cyber defense and reviews 2 in detail 1 modeling adversarial aspects, including wargaming, of the cyber warfare, and 2 modeling of human cognitive processes in relation to cyber activities. Based on its discussions, the team makes recommendations on modeling and simulation for a broad range of cyber defense disciplines.
- Computer Systems Management and Standards