Joint Sensor: Security Test and Evaluation Embedded in a Production Network Sensor Cloud

Abstract

A great security posture inherently requires that cyber operations employ the latest discoveries in emerging security research to keep in step with trends in attack methodologies. The most trenchant cyber security research to date employs actual network data to ensure sensing algorithms and defense methodologies are effective in real-world scenarios. This approach often requires discernments to be made as temporally close to the observed events as possible to allow rapid adaptability of the security posture upon detection of an anomaly. Traditional security architectures, on the other hand, are static and are managed as a centralized, homogeneous, symmetrical framework of visibility and interception. Even though access to the data collected from such an environment provides some additional improvement to research on new algorithms and detection methods, these incremental offline advancements are vetted in a sterile, non-real-time environment without the benefit of the subsequent responses or adaptive determinations afforded by a production environment. The primary goal of the Defense Research Engineering Network Cyber Security Test Bed is to leverage emerging network protocols and recent distributed computational techniques to create a cloud of sensors built on tractable computer server platforms that enables cutting-edge security to coexist with current security infrastructure directly inside the production network. The transition time of the latest cyber research from theory to practice will be significantly reduced while intrinsically revolutionizing the approach to engineering network security architectures. By creating a true proving ground in which the science of new algorithms and detection methods can interact directly with raw (as opposed to filtered, sensed, or captured) traffic in real or near-real time in a safe and controlled way, the proposed test bed will provide meaningful advances that can appreciably address the ever-changing landscape of cyber attacks.

Document Details

Document Type: Technical Report
Publication Date: Dec 01, 2010
Accession Number: ADA534880

Entities

People

  • Rob Scott
  • Roy Campbell
  • Tim Owen

Organizations

  • United States Department of Defense

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Computer Network Security
  • Computer Networks
  • Computers
  • Cyber Warfare
  • Cyberattacks
  • Cyberspace Operations
  • Detection
  • Digital Communications
  • Electronic Mail
  • High Performance Computing
  • Information Security
  • Intrusion Detection
  • Network Protocols
  • Operating Systems
  • Routing Protocols
  • Security
  • Test And Evaluation

Fields of Study

  • Computer science

Readers

  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support
  • Strategic Security Studies
  • Systems Analysis and Design

Technology Areas

  • Cyber