Contributing to the digital future means sharing our knowledge in security

White Papers

The First Age of Cyber has been characterized by the exploitation of digital assets through small subsystem vulnerabilities, which has provided a clear advantage to cyber attackers for the last 30 years. The opportunity to apply a new philosophical approach to shift the balance of power toward a defenders’ advantage is made possible by technologies and processes that have emerged over the last five years.

The Second Age of Cyber requires moving away from the philosophy that has governed cybersecurity since the appearance of the first computer virus. The Second Age begins by rejecting the notion that networks have a physical metaphor and is enabled by knowledge-based networks, not hierarchies.

These two philosophical shifts lead to specific, measurable principles for the Second Age of Cyber that when implemented create advanced cyber defenses that can prevent catastrophic system or data loss, automatically handle known pathogens, and adapt at machine speed to new threats.

White Paper: The Second Age of Cyber

International Conference on System Sciences


January 2018

The 2017 back-to-back collisions of two Navy destroyers led to much speculation about the role of cyberphysical interference in the disasters. As the senior officer representing the U.S. Navy engineering community during the USS McCain cyber assessment, it is clear that we do not yet have the basic tools to definitively answer the question, “were we hacked or did we break it?”

International Conference on System Sciences


January 2017

The concept of a common operational picture has been utilized by the military for situational awareness in warfare domains for many years. With the emergence of cyberspace as a domain, there is a necessity to develop doctrine and tools to enable situational awareness for key-decision makers. Our study analyzes key elements that define cyber situational awareness to develop a methodology to identify assets within key cyber terrain, thus enabling situational awareness at the tactical level. For the purposes of this work, we treat critical assets to be key cyber terrain, given that no formal study has determined differences between asset criticality and key cyber terrain. Mission- and operationallybased questions are investigated to identify critical assets with the TOPSIS methodology. Results show that the ICS system can be evaluated using TOPSIS to identify critical assets contributing to key cyber terrain, enabling further research into other interconnected systems.

International Conference on System Sciences


January 2016

Software-defined networks (SDNs) offer network defenders the opportunity to choose from a variety of protection techniques in response to different threats. In contrast, traditional network architectures often lack the flexibility to implement threat-specific security controls. This research was conducted on a hardware SDN test bed running custom security applications to demonstrate techniques that support a network administrator's requirement to observe, orient, decide, and act upon suspicious activities in the network. Additionally, SDN application development was used to teach undergraduate and graduate students offensive and defensive cyber techniques and tactics.