A Study of Gaps in Cyber Defense Automation
2015
Abstract : Cyber defense automation (CDA) refers to automated response and recovery from cyber at-tacks while still preserving a certain level of mission functionality. The vision of CDA research is to build self-healing, self-immunizing systems. Seven major components are necessary to achieve this vision: attack/vulnerability detection, attack/vulnerability analysis, impact blocking, recovery, vulnerability patching, system cleansing, and an optional active response component (e.g., deception or counter-attack). In this report, by reviewing the state of the art for each of these components, we identify high-priority, short-term research objectives for CDA components, which include: designing low false positive vulnerability detection techniques, developing scalable and fast-impact blocking mechanisms, accurately identifying the location of vulnerabilities, developing new roll-back techniques, evaluating various deception options, and using sanitization techniques for improved cleansing of compromised systems. These eorts will constitute the basic blocks of an effective and automated CDA system.
Keywords:
- Correction
- Source
- Cite
- Save
- Machine Reading By IdeaReader
26
References
1
Citations
NaN
KQI