Computational and Information Sciences Directorate Research Areas

Science of Cyber Security

Advisor: Erbacher, Robert (301-394-1674, Robert.F.Erbacher@us.army.mil)
Adelphi, Maryland

Key words: Cyber Security, Intrusion Detection, Visualization, Cyber Security Theory, Cyber Security Models, Cyber Security Foundations, Network Understanding, Ensemble Techniques, Evidence Fusion

The goal of this research is to examine the issues underlying cyber security, devising novel theoretical constructs on which future cyber security advances will be based. Research is desired which will develop theories, models and understanding that will lead to more effective intrusion detection techniques, e.g., how data can be effectively visualized for decision makers and how existing information can be acquired and fused with the effect of engendering greater understanding of events. Some specific avenues of research being considered include (but are not limited to):

• Exploring models for the representation of cyber security, e.g., game theory
• Exploring ensemble techniques for improved detection with consideration of Byzantine General type attacks
• Considering forensics and anti-forensics in the context of cyber security both as a representational model as well as an analysis paradigm
• Considering behavior as a fundamental indicator in detection and analysis
• Acquiring improved network understanding with the goal of improving detection
• Developing novel detectors based on improved understanding to achieve low FP and FN

 This is an opportunity to have a significant impact on future cyber security research, work with actual analysts in the network analysis domain, validate theories with ARL scientists, and test techniques on real-world data.