Researchers: Andrew Moore, Timothy Shimeall
Research Area: Survivable Distributed Systems
Cross Cutting Thrusts: Threat Analysis and Modeling
Analyzing the Threat Dynamics of Complex Networked Systems
Information technology decision-makers face daunting challenges to provide and maintain inter-networked systems that ensure organizational mission success despite sophisticated computer network attacks. Exacerbating this situation, the extremely dynamic threat environment for Internet-based systems requires regular re-evaluation of organizational operations and systems in light of changes in attacker activity or, simply, an improved understanding of threats. Unfortunately, current technology provides little help to determine how attacks affect the survival of what is important to an organization and to maintain a survivability strategy as the threat environment evolves.
This project develops methods and tools that help model and analyze an organization’s threat dynamics and to improve the organization’s security and survivability in light of those dynamics. By defining a holistic view of the threat environment in the context of existing or proposed system operations, the threat dynamics model provides an overview of the general influences that the threat environment has on the ability of the system to fulfill its mission and a better understanding of strategic responses to counter threats. The threat dynamics model also facilitates regular re-evaluation of an organization’s security and survivability by leveraging the artifacts developed during previous evaluations. We recently hosted a workshop on threat dynamics that confirms its utility for analyzing the security and survivability implications of an organization’s business policies, processes, and systems (see http://www.cert.org/research/sdmis/).
The project’s current effort will apply threat dynamics to an important cyber security problem, develop the patterns that describe the mission-critical threats and responses, and demonstrate the viability of using these patterns to build secure and survivable systems. In the longer term, we will develop tools that use the threat dynamics paradigm to help policy makers, system managers, and system developers understand the effects of business/system architecture and administration decisions on security and survivability risk. The tools will facilitate the use of a knowledgebase of threat/response patterns to evaluate and suggest improvements to existing or planned business/system architectures.
Army Research Office