CSIAC

Cyber Security and Information Systems Information Analysis Center

Cyber Science & Technology at the Army Research Laboratory (ARL)

Journal of Cyber Security and Information Systems

Volume: 5 Number: 1
Posted: 01/26/2017

The U.S. Army Research Laboratory has established a Collaborative Research Alliance, or CRA, which will include an alliance of ARL, the U.S. Army Communications-Electronics Research, Development and Engineering Center, academia and industry researchers to explore the basic foundations of cyber science issues in the context of Army networks. ARL cyber research efforts will increasingly focus on developing the models, methods, and understanding to overcome existing barriers to the realization of effective cyber fires and maneuvers in a tactical environment. This journal issue explores those efforts.

Articles In This Issue

  • Cyber Science and Technology at the Army Research Laboratory

    Author: Dr. Alexander Kott
    The U.S. Army Research Laboratory (ARL) received the first salvos in the battle for cybersecurity as early as three decades ago. In terms of technology history, it was an astonishingly long time ago. Before most people ever heard of the Internet. Before there were web browsers. Long before the smartphones. Back in 1986, the laboratory withstood attacks by Markus Hess, a Soviet-sponsored hacker who had successfully penetrated dozens of U.S. military computer sites. In his bestselling book, The Cuckoo’s Egg, the pioneering U.S. cyber defender, Cliff Stoll, describes how he monitored the hacker’s network activities in the fall of 1986: “He then tried the Army’s Ballistic Research Lab’s computers in Aberdeen, Maryland. The Milnet took only a second to connect, but BRL’s passwords defeated him: he couldn’t get through” (Stoll 1989).
  • The Cyber Security Collaborative Research Alliance: Unifying Detection, Agility, and Risk in Mission-Oriented Cyber Decision Making

    Authors: Patrick McDaniel and Ananthram Swami
    For military networks and systems, the cyber domain is an ever-increasingly contested and congested space. Defenders of these systems must fight through adversary action in complex tactical and strategic environments. Just now completing its third year, the Cyber-Security Collaborative Research Alliance has sought to develop approaches for understanding and countering adversaries. The goal of this work is to develop a new science of cyber-decision making in military networks and systems. In this article we introduce the conceptual framework for this new science and consider its core research elements of detection (situational awareness), risk (measurement and assessment), and agility (adapting systems to evolving threats); overlaying this is the human dimension of users, defenders and attackers. We conclude by articulating a vision for future military cyber-operations.
  • Machine Learning and Network Intrusion Detection: Results from Grammatical Inference

    Author: Dr. Richard Harang
    Machine learning for network intrusion detection is an area of ongoing and active research (see references in [1] for a representative selection); however, nearly all results in this area are empirical in nature, and despite the significant amount of work that has been performed in this area, very few such systems have received nearly the widespread support or adoption that manually configured systems such as Bro [2] or Snort [3] have. As discussed in [1], there are several differences between more conventional applications of machine learning and machine learning for network intrusion detection that make intrusion detection a challenging domain; these include the overwhelming class imbalance (see [4] for a detailed discussion of this issue), the high asymmetry in misclassification costs, the difficulty in evaluating the performance of an intrusion detection system, and the constantly changing nature of network attacks.
  • Synergistic Architecture for Human-Machine Intrusion Detection

    Authors: Dr. Noam Ben-Asher and Paul Yu
    Modern-day detection of cyber threats is a highly manual process where teams of human analysts flag suspicious events while using assistive tools such as Bro and Snort. It is the analysts’ ability to discern suspicious activity and authority to make decisions on threats that place humans into central roles in the threat detection process. However, over-reliance on human ability can lead to a high volume of undetected threats. As the tempo, diversity and complexity of cyberspace threats continue to increase, this shortcoming can only worsen. Therefore, there is a need for a new detection paradigm that is largely automated but where analysts maintain situational awareness and control of the process. We propose a synergistic detection process that captures the benefits of human cognition and machine computation while mitigating their weaknesses. The analyst provides context and domain knowledge, and the machines provide the ability to handle vast data at speed.
  • Risk Analysis with Execution-Based Model Generation

    Authors: Jaime Acosta, Edgar Padilla, Xinming Ou, ...
    Analyzing risk is critical throughout the software acquisition lifecycle. System risk is assessed by conducting a penetration test, where ethical hackers portray realistic threats on real systems by exploiting vulnerabilities. These tests are very costly, limited in duration, and do not provide stakeholders with “what-if” analyses. To alleviate these issues, system models are used in emulation, simulation, and attack graph generators to enhance test preparation, execution, and supplementary post-test analyses. This article describes a method for developing models that can be used to analyze risk in mixed tactical and strategic networks, which are common in the military domain.
  • Security of Cyber-Physical Systems

    Author: Dr. Edward Colbert
    Cyber Physical Systems (CPSs) are electronic control systems that control physical machines such as motors and valves in an industrial plant. In a networked environment, the security of the physical machines depends on the security of the electronic control systems, but cybersecurity is not typically the main design concern. The main concern for CPSs is the availability of the physical machines governing operations. As CPS owners continue to install remote network control devices and incorporate an increasing number of insecure Internet-of-Things (IoT) devices in their industrial processes, the underlying security of their operations becomes increasingly vulnerable. This article outlines current cybersecurity issues of CPSs and potential concerns for future CPS designers and operators. Secure future CPSs are necessary for keeping our critical infrastructure safe.
  • Information Security Continuous Monitoring (ISCM)

    Authors: Akhilomen Oniha, Greg Weaver, Curtis Arnold, ...
    The ability for commanders to know and understand an organizational attack surface, its vulnerabilities, and associated risks is a fundamental aspect of command decision-making. In the cyberspace domain, ongoing monitoring sufficient to ensure and assure effectiveness of security controls related to systems, networks, and cyberspace, by assessing security control implementation and organizational security status in accordance with organizational risk tolerance and within a reporting structure designed to make real time, data-driven risk management decisions, is paramount.
