Conclusion
In the current state of the art of network defense, a CSA must overcome the attacker’s asymmetric advantage. Proactive application of defenses puts the attacker and defender on equal footing. In order to generate effective defense plans, it is vital to characterize available defenses. Configurations generated based on these characterizations maximize security while minimizing impact on mission-critical resources. The C2PD program, as illustrated in Figure 3 (C2PD Technical Scope), generates these configurations and provides them to a CSA for human-in-the-loop decision making. The selected defense configuration is automatically deployed on the network via the C2PD framework. C2PD advances the state of the art of network defense by greatly decreasing the time required to develop a defensive posture as well as increasing the effectiveness of these postures.
Release Statement
Distribution A: Approved for public release; distribution is unlimited. Case number 88ABW-2015-4680.