Recommendations for Model Driven Paradigms for Integrated Approaches to Cyber Defense
Abstract
This report describes the findings of the North Atlantic Treaty Organization Exploratory Team investigating cyber defense. Many defensive activities in cyber warfare and information assurance rely on ad hoc techniques. The cyber community recognizes that comprehensive, systematic, principle-based modeling and simulation are more likely to produce long-term, reusable approaches. A model-driven paradigm is predicated on mechanisms of modeling the organization whose mission is under cyber attack, the mission itself, and the systems that support it. The level of detail of this class of problems ranges from the level of host and network events to systems assets and up to business functions. Solving this class of problems is of significant difficulty. Such modeling could be used to explore multiple alternative mitigation strategies and select optimal mitigating actions. The paradigm applied to cyber operations is likely to benefit traditional disciplines of cyber defense. The team identified challenges for model-driven paradigms for cyber defense and reviews 2 in detail: 1) modeling adversarial aspects, including wargaming, of the cyber warfare, and 2) modeling of human cognitive processes in relation to cyber activities. Based on its discussions, the team makes recommendations on modeling and simulation for a broad range of cyber defense disciplines.
Document Details
- Document Type
- Technical Report
- Publication Date
- Mar 06, 2017
- Accession Number
- AD1029420
Entities
People
- Alexander S. Kott
- Bhopinder K. Madahar
- Cristian-mihai Vidu
- Marek Malowidzki
- Matteo Merialdo
- Mona Lange
- Nazife Baykal
- Noam Ben-Asher
- Wim Mees
Organizations
- United States Army Research Laboratory