Cyberspace Defense Technician (MOS 255s)

Abstract

The analogy in this article is like a parable that will help you understand the multidimensional arena into which the Army is deploying expert cyberspace defense technicians. To fully grasp the analogy, you have to understand that our current cyberspace defensive measures are almost entirely reactive in nature. Most often, adversarial activity is identified by the loss of critical data and/or the malicious manipulation of data elements and devices. After the fact, forensics often discover that such adversarial activity had been going on for quite a significant amount of time before it was discovered. At this point a signature is created and placed in devices that are used to look for such adversarial activity. These devices look at current activity, and if any of it matches this signature, they alert and activate devices that detect or, in some cases, prevent further adversarial activity. If placed on a scale in its simplest form, it would look something like figure 1 below. Having established a protected posture, we scan our networks for evidence of adversarial activity by comparing cyberspace activity against our current signatures and the various indications and warnings established and in place at the time. Once an adversary has established intent to attack our networks, an operational preparation of the environment sets the way for an attack, which then may present a viable avenue to exploit our networks and extract critical information. Once an attack and/or exploit is defeated, we begin the process of remediation to correct any faults, deficiencies, and/or vulnerabilities that created the threat. The defeated adversary then slightly changes the toolset in order to launch a new attack. More sophisticated adversaries create toolsets that automatically morph on their own in order to prevent detection or to keep the remediation from being successful.

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2011
Accession Number
ADA562887

Entities

People

  • Todd M. Boudreau

Tags

Communities of Interest

  • Cyber
  • Human Systems
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Computer Networks
  • Cyber Defense Techniques
  • Cyberspace
  • Cyberspace Operations
  • Detection
  • Electromagnetic Spectra
  • Electronic Mail
  • Emergency Response
  • Explosive Devices
  • Information Assurance
  • Information Operations
  • Intelligence Community
  • Networks
  • Personnel Management
  • Security
  • Technicians
  • Warrant Officers

Fields of Study

  • Computer science

Readers

  • Aerospace Engineering
  • Distributed Systems and Data Platform Development
  • Educational Psychology

Technology Areas

  • Cyber