Adversarial Resilient Cyber Effects for Decision Dominance Collaborative Research Program
Funding Agency:
- Department of Defense
Purpose: Research to expand theoretical and scientific understanding of cyberspace windows of superiority (CWoS), such that one can rapidly and reliably identify, predict, and create these windows to provide military and civil leadership with multiple courses of action. We also want to discover novel knowledge and advance the scientific foundations of multidomain cyber deception, cyber resilience, and machine learning for cybersecurity applications. To this end, we intend to fund collaborative research in two research thrusts: 1) Explore and define CWoS, and 2) Adversarial Resilient Cyber (ARC). Each of these research thrusts has separate but related topics.
These research outcomes are intended to inform the public and private sectors so they can better protect critical infrastructure sectors and defend against state and non-state actors who threaten reliable access to the Internet.
Background: The Army requires cyberspace superiority to successfully carry out multidomain operations. Cyberspace superiority is defined in Joint Publication 3-12[1] as, “The degree of dominance in cyberspace by one force that permits the secure, reliable conduct of operations by that force, and its related land, air, maritime, and space forces at a given time and place without prohibitive interference by an adversary.” While these windows are important in tactical operations, they also have similar applications in commercial applications like infrastructure, delivery fleets, etc.
The US Army Combat Capabilities Development Command (DEVCOM) Army Research Laboratory (ARL) is focused on researching fundamental understanding and informing the art-of-the-possible for warfighter concepts through research to greatly improve the Army’s ability to use cyberspace windows of advantage to deter and defeat aggressive enemies. The (ARCEDD-CRP) is focused on developing and experimentally evaluating new algorithms and methodologies that contribute to understanding Cyberspace Windows of Superiority (CWoS) and Adversarial Resilient Cybersecurity (ARC). Research conducted in the ARCEDD-CRP is also applicable to applications in academia and industry.
Cyberspace windows of superiority are contextually finite periods of time during which friendly forces assert cyberspace superiority. CWoS identification, prediction, and creation can help friendly forces plan and execute operations more efficiently and effectively by optimally leveraging periods of advantage. This applies even when operating in a disadvantaged state by composing and bringing to bear appropriate cyber-defense and resilience mechanisms, such as those under ARC. An in-depth discussion of CWoS can be found at https://www.arl.army.mil/cras/arcedd-crp.
ARC can provide a large scope of specialized methods to resist malicious intrusion, deceive our adversary, adaptively learn adversaries’ beliefs and intent, provide an autonomous response that is robust to manipulation, and quickly recovers from cyber-attack. Cyber deception enables the defender to gain and maintain an advantage while increasing attackers’ uncertainties. Cyber deception also disrupts attackers’ reconnaissance and provides early warning to Intrusion Detection Systems (IDS). Cyber deception helps to misrepresent our systems to attackers by hiding critical systems or making important components appear trivial (camouflage) while making pretender hardware or software appear as real (decoy/honeypot). Cyber deception can influence the attacker’s perception of our network by showing a robust network when we are vulnerable and displaying a vulnerable network during a CWoS.
Cyber resilience can be achieved in two steps. First, we must proactively design our systems to resist cyber-attack or minimize the probability of successful attack. Second, we must admit the imperfection of our cyber defense and develop schemes to fight through cyber-attack and recover capability quickly with minimum degradation. This should allow us to maintain our CWoS. Finally, game theory, machine learning and adversarial machine learning approaches provide a robust framework for an optimum cyber response in the presence of malicious agents.
The ARCEDD-CRP will consist of two cycles executed through individual awards. Each thrust will be focused on addressing a different set of scientific topic areas which will support the research aims of an associated internal essential research program (ERP) or mission-funded program.
Multiple awards
$14,000,000
13 Oct 2023 by 1700 EDT
Jeffrey Shepard Grantor
ARCEDD Email Address