Automated computer network defence using ARMOUR: Mission-oriented decision support and vulnerability mitigation
Title | Automated computer network defence using ARMOUR: Mission-oriented decision support and vulnerability mitigation |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Nakhla, N., Perrett, K., McKenzie, C. |
Conference Name | 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA) |
Date Published | June 2017 |
Publisher | IEEE |
ISBN Number | 978-1-5090-5060-4 |
Keywords | ARMOUR, Automated computer network defence, Automated Cyber Defence, automated mission-oriented decision support, Automated Response Actions, composability, Computational modeling, Computer architecture, computer network security, computer networks, Cyber Attacks, cyber defence integration framework, cyber defence science-and-technology platform, Data analysis, Data models, data sources, decision making, decision support, Decision support systems, Defence Research and Development Canada, infrastructure data analysis, Mission Assurance, mission-context information, near real-time defensive cyber operations, network operators, network responses, Network topology, network-based CoA, network-based courses-of-action, Proactive Cyber Defence, pubcrawl, Resiliency, Responsive Cyber Defence, security, situational awareness, Software, Software Vulnerability Mitigation, vulnerability mitigation |
Abstract | Mission assurance requires effective, near-real time defensive cyber operations to appropriately respond to cyber attacks, without having a significant impact on operations. The ability to rapidly compute, prioritize and execute network-based courses of action (CoAs) relies on accurate situational awareness and mission-context information. Although diverse solutions exist for automatically collecting and analysing infrastructure data, few deliver automated analysis and implementation of network-based CoAs in the context of the ongoing mission. In addition, such processes can be operatorintensive and available tools tend to be specific to a set of common data sources and network responses. To address these issues, Defence Research and Development Canada (DRDC) is leading the development of the Automated Computer Network Defence (ARMOUR) technology demonstrator and cyber defence science and technology (S&T) platform. ARMOUR integrates new and existing off-the-shelf capabilities to provide enhanced decision support and to automate many of the tasks currently executed manually by network operators. This paper describes the cyber defence integration framework, situational awareness, and automated mission-oriented decision support that ARMOUR provides. |
URL | http://ieeexplore.ieee.org/document/8073389/ |
DOI | 10.1109/CyberSA.2017.8073389 |
Citation Key | nakhla_automated_2017 |
- Proactive Cyber Defence
- infrastructure data analysis
- Mission Assurance
- mission-context information
- near real-time defensive cyber operations
- network operators
- network responses
- network topology
- network-based CoA
- network-based courses-of-action
- Defence Research and Development Canada
- pubcrawl
- Resiliency
- Responsive Cyber Defence
- security
- situational awareness
- Software
- Software Vulnerability Mitigation
- vulnerability mitigation
- Cyber Attacks
- Automated computer network defence
- Automated Cyber Defence
- automated mission-oriented decision support
- Automated Response Actions
- composability
- Computational modeling
- computer architecture
- computer network security
- computer networks
- ARMOUR
- cyber defence integration framework
- cyber defence science-and-technology platform
- data analysis
- Data models
- data sources
- Decision Making
- decision support
- Decision support systems