Cybersecurity Dynamics: A Foundation for the Science of Cyber Security

 

I would like to briefly describe the approach that I have been pursuing towards ultimately tackling the holy-grail challenge the research community is confronted with: Building a Foundation for the Science of Cyber Security. The importance of this problem was not widely recognized until the 2008 Science of Security Workshop.

The approach is centered on the novel concept of Cybersecurity Dynamics, which essentially describes the evolution of security state of a cyber system, which is often a very large system (of complex systems). As the term may tell itself, this concept is largely influenced by certain disciplines such as Dynamical System (a field of Applied Mathematics) and Statistical Physics. The evolution of security state is caused by the interaction between the cyber attackers/attacks and the cyber defenders/defenses. While the modeling of Cybersecurity Dynamics is centered on security concepts and domain knowledge, analysis of the resulting models often turns out to be very difficult, due to several technical barriers that I plan to write about at a later time. Nevertheless, the expressive power (if I may abuse the term here) of Cybersecurity Dynamics is amazing: We can build descriptive, prescriptive, predicative, and experimental models surrounding the same concept as well as some natural security metrics that can be derived thereof. It is both interesting and surprising (at least to me) that there are a rich set of mathematical techniques that can address some respective aspects of the problem. So far, I have worked with my mathematician collaborators on several relevant techniques: Stochastic Process, Dynamical System, Statistical Physics, Control Theory, Game Theory, Statistics, and Algebraic Graph Theory. I expect that other mathematical techniques are relevant as well. My vision of the Cybersecurity Dynamics Foundation for the Science of Cybersecurity is depicted in Figure 1.

Figure 1. My vision of Cybersecurity Dynamics Foundation for the Science of Cyber Security, where the (sub-)fields mentioned in each perspective are by no means exclusive (explaining the “open-end” in each perspective).

While I firmly believe Cybersecurity Dynamics is the right abstraction that will lead to the ultimately-wanted foundation (i.e., not only deepening our understanding/knowledge, but also guiding the development of tools/instruments for real-life cyber operations risk-management and decision-making), it is also clear to me, as hinted above, that there are a range of challenging theoretic and practical (engineering) problems that must be adequately addressed before we achieve the ultimate goal or fulfill the ambitious vision. Moreover, these problems cannot be bypassed because they are inherent, and therefore must be confronted and tackled — regardless of the specific technical approach that is undertaken. In order to ultimately tackle the holy-grail challenge, there are tons of opportunities for researchers crossing multiple disciplines, crossing multiple sub-disciplines within Computer Science, and crossing the already established various security sub-fields, to closely work together. The way ahead is exciting!!

(Update in May 2016) It has become clear that at a higher-level of abstraction (than Figure 1), Cybersecurity Dynamics offers the following X-Y-Z-t “coordinate system” for exploring cybersecurity, where the X-axis represents first-principle modeling (i.e., assumption-driven modeling), the Y-axis represents data analitics (i.e., data-driven analysis), the Z-axis represents security metrics, and t means that everything is dynamic. This is highlighted in Figure 2 below

 

Figure 2. The X-Y-Z-t “coordinate system” for exploring cybersecurity.

Manuscripts in submission: 

  1. Brandon Collins, Shouhuai Xu, Philip Brown. A Coupling Approach to Analyzing Games with Dynamic Environments. In submission.
  2. Brandon Collins, Shouhuai Xu, Philip Brown. SoK: Game-Theoretic Cybersecurity: Assumptions, Models, Gaps, and Bridges. In submission.
  3. Z. Li, J. Tang, D. Zou, Q. Chen, S. Xu, C. Zhang, Y. Li, and H Jin. Towards Making Deep Learning-based Vulnerability Detectors Robust. In submission.

Published/accepted papers:

Keynote/Invited/Colloquium/Seminar/Panel Talks:

  1. Adaptive Security Dynamics in Critical and Healthcare Sectors. Norwegian Computing Center/Norsk Regnesentral, August 6, 2024.
  2. Adaptive Cyber Defense: From Theory to Practice with Applications to Healthcare Infrastructures, Norwegian Computing Center/Norsk Regnesentral, August 2, 2024.
  3. CR2M: Cyber Risks to Missions Management: Framework, Techniques, and Prototype, National Defense University, June 6, 2024.
  4. Making Space Infrastructures and Systems Resilient against Cyber Attacks. US Space Force University Consortium Symposium, June 5, 2024.
  5. Cybersecurity Dynamics: A Foundation Enabling Automated and Autonomous Cyber Operations & Risk Management. USCYBERCOM Academic Engagement Network (AEN) Tech Talk Series. May 8, 2024.
  6. Secure Space Situational Awareness, USSPACECOM AEE 2024 Spring Symposium, April 12, 2024
  7. Satellite Cybersecurity Vulnerabilities, Attacks, and Defenses, USSPACECOM AEE 2024 Spring Symposium, April 12, 2024.
  8. UCCS Space Cybersecurity and Mission Assurance Research. USSPACECOM AEE 2024 Spring Symposium, April 12, 2024.
  9. Cybersecurity Metrics. Goethe University Frankfurt, Germany, December 13, 2023
  10. Cyber Threats Forecasting. Nanjing University of Posts and Communications, China, December 10, 2023
  11. CR2M: Cyber Risks to Missions Management: Framework, Techniques, and Prototype, National Defense University, December 6, 2023
  12. UCCS Cybersecurity Research: Vision, Example Results, and Future Research Directions, Fort Carson, November 15, 2023
  13. Making Space Infrastructures and Systems Resilient against Cyber Threats: Vision, Framework, Ongoing Research, and Future Directions. UCCS Mountain Lion Club, November 8, 2023
  14. Making Space Infrastructures and Systems Resilient against Cyber Threats: Vision, Framework, Ongoing Research, and Future Directions. AFRL/RV Space Cyber Summit 2023, October 12, 2023
  15. Robotics, AI and Cybersecurity, TechnoWizards Robotics Summer Camp, June 6, 2023
  16. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. Ohio State University, April 27, 2023
  17. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. University of Missouri Kansas City, Feb 17, 2023
  18. Repeated Data Breaches and Firm Value, The 18th Annual Forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective, University of Maryland College Park, January 11, 2023
  19. Towards Quantitative Cyber Risk Management. Curiosity Unlimited, Dec. 9, 2022.
  20. CR2M2: A Framework for Cyber Risks to Missions Management, National Defense University, Nov 16, 2022.
  21. Path-Aware Risk Scores for Access Control in Zero-Trust Systems, Presentation at CAE in Cybersecurity Symposium, June 9, 2022.
  22. Towards Quantifying Cybersecurity, University of Central Florida, March 31, 2022
  23. Impact of COVID-19 on Corporate Cybersecurity, The 17th Annual Forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective, University of Maryland College Park, March 25, 2022
  24. Space Foundation Symposium 365 Panel on “Redefining the Digital World Around Us”, March 9, 2022
  25. SARR: A Cybersecurity Metrics and Quantification Framework. CAE Forum, Oct. 6, 2021.
  26. SARR: A Cybersecurity Metrics and Quantification Framework. SciSec’2021 Keynote, Aug. 14, 2021.
  27. Cybersecurity Metrics and Quantification: Problems, Some Results, and Research Directions. The Defense and Aerospace Test and Analysis Workshop (DataWorks’2021), April 12, 2021.
  28. Cybersecurity and Robotics (Outreach Talk), TechnoWizards, November 8, 2020.
  29. Towards A Systematic Framework for Agile Cyber Defense Decision-Making with Trustworthiness / Uncertainty Quantification. Intelligent Fusion Technology, Inc. October 6, 2020.
  30. Towards A Systematic Framework for Agile Cyber Defense Decision-Making with Trustworthiness / Uncertainty Quantification. UTSA National Security Collaboration Center, Sept. 24, 2020.
  31. Towards A Systematic Framework for Agile Decision Making with Trustworthiness Quantification. Briefing to Army Science Board, July 16, 2020.
  32. Cybersecurity Dynamics: A Metrics-Driven Framework for Cybersecurity Quantification. U.S. National Institute of Standards and Technology, January 7, 2020.
  33. Cybersecurity Dynamics: Framework, Some Results, and Future Research Directions. Old Dominio University, November 13, 2019.
  34. Cybersecurity Dynamics: Framework, Some Results, and Future Research Directions. Nankai University, August 13, 2019.
  35. New Progresses in Cybersecurity Dynamics. Nanjing University, August 12, 2019.
  36. Cybersecurity Dynamics: Framework, Some Results, and Future Research Directions. Zhejiang University, August 7, 2019.
  37. Cybersecurity Dynamics: Framework, Some Results, and Future Research Directions. Center for Secure Information Systems, George Mason University, April 22, 2019.
  38. Cybersecurity Dynamics Overview. The 15th Annual Cybersecurity Forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective. Smith School of Business and School of Public Policy, University of Maryland College Park, January 9, 2019.
  39. Cybersecurity Data Analytics: Problems, Some Results, and Research Directions. Department of Statistics, University of Texas at San Antonio, September 14, 2018.
  40. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. University of Science and Technology of China, August 17, 2018.
  41. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. Tutorial at SciSec’2018, August 12, 2018.
  42. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. Xi’an JiaoTong University University, August 9, 2018.
  43. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity (Part B). Xi’an University of Posts and Telecommunications University, August 8, 2018.
  44. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity (Part A). Shaanxi Normal University, August 8, 2018.
  45. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. Tsinghua University, August 6, 2018.
  46. Cybersecurity-Oriented Statistics: Problems, Some Results, and Research Directions. School of Mathematics and Statistics, Jiangsu Normal University, July 15, 2018.
  47. Cybersecurity-Oriented Statistics: Problems, Some Results, and Research Directions. School of Statistics and Data Science, July 12, 2018.
  48. Cybersecurity Dynamics: New Progresses. Nanjing University of Posts and Telecommunications, July 11, 2018.
  49. Cybersecurity Dynamics: New Progresses. Chongqing University, July 9, 2018.
  50. Cybersecurity Dynamics: New Progresses. Wuhan University, July 5, 2018.
  51. Cybersecurity Dynamics: New Progresses. Huazhong University of Science and Technology, July 4, 2018.
  52. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. Fudan University, June 29, 2018.
  53. Cybersecurity Dynamics: New Progresses. East China Normal University, June 28, 2018.
  54. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. North Carolina State University, April 10, 2018.
  55. Cybersecurity Dynamics: Recent Progresses. Huazhong University of Science and Technology, December 21, 2017.
  56. Cybersecurity Dynamics: Recent Progresses. Wuhan University, December 20, 2017.
  57. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. SouthWest JiaoTong University, December 18, 2017.
  58. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. East China Normal University, December 13, 2017.
  59. PD & MTD Dynamics. ARO Invitational Workshop on Foundations and Challenges for Proactive and Dynamic Network Defense, Nov. 30-Dec. 1, 2017, Tampa, USA.
  60. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. The 1st International Symposium on Cybersecurity Dynamics, July 19-21, Chongqing University, China.
  61. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. School of Computer Science, HuaZhong University of Science and Technology, July 18, 2017.
  62. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. Hong Kong University of Science and Technology, July 13, 2017.
  63. Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. Hong Kong PolyTech University, July 12, 2017.
  64. Three Case Studies of Metrics and Measurements in the STRAM Framework. ARL, December 13, 2016.
  65. New Progress in Cybersecurity Dynamics. Institute of Information Engineering, Chinese Academy of Sciences, July 22, 2016.
  66. New Progress in Cybersecurity Dynamics. School of Computer Science, Huazhong University of Science and Technology, July 19, 2016.
  67. Towards Eliminating the Threat of Drive-By Download Attacks. School of Mathematics, Fudan University, July 14, 2016.
  68. New Progress in Cybersecurity Dynamics. School of Mathematics, Fudan University, July 13, 2016.
  69. Cybersecurity Dynamics. Cyber Security Winter School, Deakin University, July 7-8, 2016.
  70. Cybersecurity Dynamics. Department of Statistics, University of Science and Technology of China, June 26, 2016.
  71. A Call for a Theory of Uncertainty in the Cyber Security Domain. Presented at the 2016 Workshop on Mathematical Reliability and Safety, Jiangsu Normal University, China, June 23-25, 2016.
  72. Cybersecurity Dynamics, Department of Computer Science, University of South Florida, April 7, 2016.
  73. Grey-Box Cybersecurity Data Analytics. USAF RATPAC Working Group, April 6, 2016.
  74. Complexity and Network Sciences Support for the Emerging Science of Cyber Security: Challenges and Exciting Research Opportunities. The Minisymposium on Complex Networked Systems: Modeling and Dynamics, the 8th International Congress on Industrial and Applied Mathematics (ICIAM’15), Beijing, China, August 10-14, 2015.
  75. Cybersecurity Dynamics. School of Computer Science, Fudan University, August 3, 2015.
  76. Cybersecurity Dynamics. Institute of Information Engineering, Chinese Academy of Sciences, July 21, 2015.
  77. Cybersecurity Dynamics. Department of Computer Science, Nanjing University, July 16, 2015.
  78. Cybersecurity Dynamics. Department of Computer Science, George Mason University, June 16, 2015. 
  79. Cyber Defense C2 for Optimizing MTDs. AFRL, June 9, 2015.
  80. Towards Eliminating the Threat of Drive-By Download Attacks. Department of Mathematics, Illinois State University, April 20, 2015.
  81. Cybersecurity Dynamics. Department of Mathematics and Computer Science, Clarkson University, April 16, 2015.
  82. Cybersecurity Dynamics. School of Mathematics, Fudan University, Dec. 18, 2014.
  83. Cybersecurity Data Analytics. Institute of Information Engineering, Chinese Academy of Sciences, Dec. 16, 2014.
  84. Cybersecurity Dynamics. Institute of Systems Science, Academy of Mathematics and Systems Science, Chinese Academy of Sciences, Dec. 15, 2014.
  85. Cybersecurity Data Analytics. School of Software, East China Normal University, Dec. 12, 2014.
  86. Cybersecurity Dynamics: with application to formulating cyber defense C2 framework. ARO workshop on “Cyber Security: From Tactics to Strategies and Back” held at University of North Carolina at Chapel Hill, Sept. 23, 2014.
  87. Cybersecurity Dynamics: a foundation to the science of cybersecurity. Keynote at CTCIS’14
  88. Towards Orchestrating Moving Target Defense with Quantified Mission Assurance, AFRL, August 26, 2014.
  89. Cybersecurity Data Analytics. School of Mathematics, Jiangsu Normal University, July 28, 2014.
  90. Cybersecurity Data Analytics. School of Computer Science, Wuhan University, July 16, 2014.
  91. Cybersecurity Dynamics. School of Computer Science, Huazhong University of Science and Technology, July 15, 2014.
  92. Cybersecurity Dynamics. Department of Computer Science, University of North Carolina at Chapel Hill, April 10, 2014.
  93. Cybersecurity Dynamics. Invited Talk at Inscrypt’13, Nov. 27 – Nov. 30, 2013.
  94. Cybersecurity Dynamics. Department of Computer Science, University of California at Irvine, Nov. 1, 2013.
  95. Cybersecurity Dynamics. Department of Electrical Engineering, Arizona State University, Oct. 30, 2013.
  96. Cybersecurity Dynamics. Department of Computer Science, Texas State University, Oct. 4, 2013.
  97.  Cybersecurity Dynamics. Department of Electrical Engineering and Computer Science, Syracuse University, Sept. 25, 2013.
  98.  Cybersecurity Dynamics. Department of Computer Science, IUPUI, Oct. 12, 2012.
  99. Toward a Statistical Framework for Using Darkspace-Based Unsolicited Traffic to Infer Cyber Threats, The First International Workshop on Darkspace and Unsolicited Traffic Analysis (DUST’12), May 14-May 15, 2012.
  100.  In Quest of a Foundation for Cyber Security. Department of Computer Science, Texas A&M University, Dec. 1, 2010.
  101. (How) Can We Manage the Trustworthiness of Security Infrastructures and Services, Keynote address at The 3rd Asia-Pacific Trusted Infrastructure Technologies Conference (APTC 2008), Oct. 14-17, 2008.

,

Acknowledgement. I thank Dr. Moti Yung for mentoring me in the wonderful field of Cryptography — the transformation from the art of cryptography to the science of cryptography has served as the biggest inspiration for this endeavor — and for constantly encouraging me when this endeavor hits road blockers. I thank Dr. Ravi Sandhu for explaining me his model-architecture-mechanism way of thinking. My interactions with them as well as Dr. Elisa Bertino and Dr. Gene Tsudik have, in one way or another, influenced my way of thinking. I have benefited a lot from my interactions with Dr. Steven King, Dr. Alexander Kott, Dr. John McLean, Dr. Sukarno Mertoguno, Dr. Tom Moyer, Dr. David Nicol, Dr. Mike Reiter, Dr. Ananthram Swami, and Dr. Cliff Wang. Their insightful questions/comments have directly deepened my understanding of the problem, and have even led to some exciting future research directions. I thank my mathematician/physicist/statistician collaborators: Dr. Gaofeng Da, Dr. Yujuan Han, Dr. Zi-Gang Huang, Dr. Ying-Cheng Lai (as well we his students), Dr. Xiaohu Li, Dr. Wenlian Lu (as well as his students), Dr. Yilun Shang, Dr. Jie Sun, and Dr. Maochao Xu. My collaboration with them has made me understand better the strengths and limitations of several Applied Mathematics techniques (broadly defined) in coping with the problems encountered in this endeavor. I thanks all of my co-authors for the fruitful collaboration.

This research endeavor has been supported in part by ARO, ARL, AFOSR, AFRL, DOE, NSA, NSF, and ONR.

Created: 9/2/2013; Last edited: 12/25/2022