The science of cybersecurity and a roadmap to research / Benjamin J. Colfer, editor.

Format:

Book

Contributor:

Colfer, Benjamin J.

Series:

Defense, security and strategy series.

Computer science, technology and applications.

Defense, security and strategies

Computer science, technology and applications

Language:

English

Subjects (All):

Internet--Security measures--Research.

Internet.

Computer crimes--Prevention--Research.

Computer crimes.

Physical Description:

1 online resource (208 p.)

Edition:

1st ed.

Place of Publication:

Hauppauge, NY : Nova Science Publishers, 2011.

Language Note:

English

Summary:

Examines the cybersecurity research roadmap in order to define a national R&D agenda that is required to enable us to get ahead of our adversaries and produce the technologies that can protect our information systems and networks into the future.

Contents:

Intro

THE SCIENCE OF CYBERSECURITY AND A ROADMAP TO RESEARCH

CONTENTS

PREFACE

Chapter 1 SCIENCE OF CYBERSECURITY

Abstract

1. executive Summary

2. Problem Statement and Introduction

3. Cyber-Security as Science - An Overview

3.1. Attributes for Cyber-Security

3.2. Guidance from other Sciences

3.2.1. Economics

3.2.2. Meteorology

3.2.3. Medicine

3.2.4. Astronomy

3.2.5. Agriculture

3.3. Security Degrades Over Time

3.3.1. Unix passwords

3.3.2. Lock bumping

3.4. The Role of Secrecy

3.5. Aspects of the Science of Cyber-Security

3.6. Some Science

3.6.1. Trust

3.6.2. Cryptography

3.6.3. Game theory

3.6.4. Model checking

3.6.5. Obfuscation

3.6.6. Machine learning

3.6.7. Composition of components

3.7. Applying the Fruits of Science

3.8. Metrics

3.9. The Opportunities of New Technologies

3.10. Experiments and Data

4. Model Checking

4.1. Brief Introduction to Spin and Promela

4.2. Application to Security

4.2.1. The Needham-Schroeder Protocol

4.2.2. Promela model of the protocol

4.3. Scaling Issues

4.4. Extracting Models from Code

4.5. Relationship to Hyper-Properties

5. The Immune System Analogy

5.1. Basic Biology

5.2. Learning from the Analogy

5.2.1. The need for adaptive response

5.2.2. A mix of sensing modalities

5.2.3. The need for controlled experiments

5.2.4. Time scale differences

5.2.5. Responses to detection

5.2.6. Final points

6. Conclusions and Recommendations

A. Appendix: Briefers

References

Chapter 2 A ROADMAP FOR CYBERSECURITY RESEARCH

Executive Summary

Introduction

Historical Background

Current Context

Document Format

Background

Future Directions

Acknowledgments.

Current Hard Problems in INFOSEC Research

1. Scalable Trustworthy Systems

What is the problem being addressed?

What are the potential threats?

Who are the potential beneficiaries? What are their respective needs?

What is the current state of the practice?

What is the status of current research?

On what categories can we subdivide this topic?

What are the major research gaps?

Near term

Medium term

Long term

What are the challenges that must be addressed?

What approaches might be desirable?

What R&amp

D is evolutionary and what is more basic, higher risk, game changing?

Resources

Measures of success

What needs to be in place for test and evaluation?

To what extent can we test real systems?

2. Enterprise-Level Metrics (ELMs)

Definition

Collection

Analysis

Composition

Adoption

What are some exemplary problems for R&amp

D on this topic?

D is evolutionary, and what is more basic, higher risk, game changing?

3. System Evaluation Life Cycle

Future Directions.

On what categories can we subdivide this topic?

Requirements

Design

Development and Implementation

Testing

Deployment and Operations

Decommissioning

4. Combatting Insider Threats

Collect and Analyze

Detect

Deter

Protect

Predict

React

What are the near-term, midterm, long-term capabilities that need to be developed?

Near Term

Medium Term

Long Term

5. Combatting Malware and Botnets

D is evolutionary, and what is more basic, higher risk, game changing?.

Measures of success

6. Global-Scale Identity Management

On what categories can we subdivide the topic?

7. Survivability of Time-Critical Systems

What is the current state of practice?

On what categories can we subdivide the topics?

8. Situational Understanding and Attack Attribution

What are the major gaps?

What R&amp.

D is evolutionary and what is more basic, higher risk, game changing?

9. Provenance

What are some exemplary problem domains for R&amp

D in this area?

10. Privacy-Aware Security

Selective disclosure and privacy-aware access

Specification frameworks

Policy issues

Game changing

11. Usable Security

What is the status of current research?.

Future Directions.

Notes:

Includes index.

Description based on print version record.

ISBN:

1-61122-362-8

OCLC:

847646234