Research in cyber security seeks to develop theories and models that relate the properties and capabilities of cyber threat detection, recognition and defeat processes and mechanisms to the properties of malicious activity and of Army networks. This research informs the development of approaches for rapidly adapting a detection and prevention technique or algorithm as new threats emerge. The focus is on both detection and defeat of highly sophisticated, stealthy attackers that employ techniques unlike those of the more conventional, financially oriented threats addressed by industry. In addition, the focus is on techniques relevant to Army-specific convergent networks that combine strategic and tactical elements, each with its own set of unique challenges.
- Understanding the Cyber Threat
- Automated Detection of Hostile Activities
- Prevention and Defeat of Hostile Activities
Research studies the means by which a network of computing and communicating devices can be protected, managed and operated in a way that minimizes the risk of, and the extent of, its disruption or degradation while ensuring that the network is able to recover as rapidly and as fully as practical.
- Risk Characterization
- Agile Adaptation