Cyber Security Collaborative Research Alliance

Cyber Security Collaborative Research Alliance (CSCRA) was a research program initiated and sponsored by the US Army Research Laboratory (ARL). The objective of the program was "to develop a fundamental understanding of cyber phenomena, including aspects of human attackers, cyber defenders, and end users, so that fundamental laws, theories, and theoretically grounded and empirically validated models can be applied to a broad range of Army domains, applications, and environments."[1]

Collaborative Technology and Research Alliances is a term for partnerships between Army laboratories and centers, private industry and academia for performing research and technology development intended to benefit the US Army. The partnerships are funded by the US Army.[2]

History

edit

Since approximately 1992, ARL formed a number of partnerships that involved the triad of industry, academia and government. One of them was the Cyber Security Collaborative Research Alliance (CSCRA) which was awarded on September 20, 2013.[2] The program was expected to be completed in September 2022.[3]

Objectives

edit

Recognizing the need to address the growing threat of attacks on its cyber networks, the U.S. Army launched CSCRA. The alliance conducted research to advance the theoretical foundations of cyber science in the context of U.S. Army networks. According to the Army, research into cybersecurity is critical due to "the growing number and sophistication of attacks on military cyber networks coupled with the ever-increasing reliance on cyber systems to conduct the Army’s mission." The ultimate goal of this research was the rapid development of cyber tools that could be used to dynamically assess cyber risks, detect hostile activities on friendly networks, and support agile maneuvers in cyber space in addressing novel threats.[4]

Objectives of CSCRA included development of the following:[1]

  • Fundamental understanding of cyber phenomena, including human aspects
  • Laws, theories, and theoretically grounded and empirically validated models
  • Concepts applicable to a broad array of Army domains, applications, and environments

Research Thrusts

edit

The CSCRA program was organized around several research thrusts, including the following:[1]

  • Risk, Detection, Agility

Participants

edit

The research under this program was performed collaboratively by scientists of the US Army Research Laboratory and by scientists and engineers of the following institutions:[1]

Results

edit

Examples of research results developed by the CSCRA program include the following:

  • Four publicly available datasets generated using a testbed with simulated benign users and a manual attacker. The datasets were created to provide examples of cyber exploitations and aid in the production of reproducible research that addresses cyber security challenges.[5]
  • An adaptive cyber deception system that provided a virtual network view to each host in an enterprise network, capable of detecting malicious activities resulting from intrusions and probing.[6]
  • A common vocabulary and context for Cyber-Physical Systems (CPS) intended to support research, assessment and responses to threats in this area.[7]
  • A finding that face-to-face interactions deter the success of cybersecurity teams. High-performing teams relied on leadership and functional specialization.[8]

References

edit
  1. ^ a b c d "Cyber Security Research Alliance | U.S. Army Research Laboratory". www.arl.army.mil. Retrieved 2018-09-05.
  2. ^ a b "Collaborative Alliances | U.S. Army Research Laboratory". www.arl.army.mil. Retrieved 2018-09-05.
  3. ^ "U.S. Army Announces Cyber Security Collaborative Research Alliance". www.esecurityplanet.com. Archived from the original on 2018-09-05. Retrieved 2018-09-05.
  4. ^ "U.S. Army's Cyber Collaborative Research Alliance: Seeking an 'Asymmetric Advantage' Against Cyber Attacks". Forecast International. 2016-06-30. Archived from the original on 2018-09-05. Retrieved 2018-09-05.
  5. ^ "Enabling reproducible cyber research - four labeled datasets - IEEE Conference Publication". doi:10.1109/MILCOM.2016.7795383. S2CID 13472320. {{cite journal}}: Cite journal requires |journal= (help)
  6. ^ "ACyDS: An adaptive cyber deception system - IEEE Conference Publication". November 2016: 800–805. doi:10.1109/MILCOM.2016.7795427. S2CID 22895249. Retrieved 2018-09-05. {{cite journal}}: Cite journal requires |journal= (help)
  7. ^ "Cyber Security Research Alliance Workshop Publishes Research Results for "Taxonomy & Ontology for Roots of Trust for Cyber-Physical Systems"". Retrieved 2018-09-05.
  8. ^ "Successful Cybersecurity Teams Are Inherently Antisocial, Army Study Finds". 2018-04-30. Retrieved 2018-09-05.