Informing Active Cyber Defence with Realistic Adversarial Behaviour

Abstract:

In this paper, a cross-disciplinary approach is employed to inform the planning efforts of active cyber defence for military leaders. Militaries across the world are operating under the assumption that cyberspace infrastructure is vulnerable, and potentially compromised, at any given time. Therefore, proactive measures are being taken to secure critical systems, and these measures are known as active cyber defence. In this work, a dataset of empirically observed adversary behaviour activities, collected at the 2015 North American International Cyber Summit (NAICS), is added to an existing cyber warfare simulation framework. By improving the simulation framework in this way, cyber planners can reason about the effective use of cyber forces in the pursuit of active cyber defence. Cross-disciplinary approaches such as this are of paramount importance in order to gain an understanding of the multitude of variables affecting complex cyberspace environments. Five virtual experiments are conducted using the improved computational model based on the observed adversary behaviour. These experiments illuminate key considerations for military planners.


AUTHORS

Photo of Geoffrey B. Dobson

School of Computer Science Carnegie Mellon University Pittsburgh, PA,
U.S.

Geoffrey B. Dobson is a Computer Engineer and member of the Technical Staff at Carnegie Mellon University’s Software Engineering Institute in Pittsburgh, Pennsylvania, U.S., where he splits time managing U.S. Army cyber warfare exercises and conducting research on the science of cyber security.  He is also a graduate student pursuing a doctorate in the School of Computer Science.

Image of Dr. Aunshul Rege

Department of Criminal Justice Temple University Philadelphia, PA,
U.S.A.

Dr. Aunshul Rege is an Associate Professor in the Department of Criminal Justice  at  Temple University. Her National Science Foundation- supported research on cybercrime focuses on adversarial movement, decision-making and adaptation, adversarial organisational and operational dynamics, and anticipatory defence. She also investigates experiential learning in the areas of cyberattacks and cyber security—across all disciplines— emphasizing the relevance of human behaviour and the social sciences.

Photo of Dr. Kathleen M. Carley

Software and Societal Systems Department
Carnegie Mellon University
Pittsburgh, Pennsylvania, United States

Kathleen M. Carley Ph.D., (Harvard University) is a professor of Societal Computing in the School of Computer Science at Carnegie Mellon University, an IEEE Fellow, the director of the Center for Computational Analysis of Social and Organizational Systems (CASOS), and the CEO.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com