Software tool
Army Develops Tool for Assessing Situation-Specific Cybersecurity Technologies
Army researchers have developed a software tool designed to help cybersecurity analysts identify the best course of action in near real time.
The repeatable experimentation system uses virtualization and simulation techniques to assess the viability of cybersecurity algorithms in various situations.
RES runs multiple virtual experiments in parallel and packages their results for other researchers to repeat and build upon, the Army said.
The project was led by researchers and students from the University of Texas at El Paso and Army Combat Capabilities Development Command Army Research Laboratory.
DEVCOM ARL researcher Jaime Acosta said RES uses an experimental approach called moving target defense.
“This technique constantly shuffles, or changes, system properties in order to nullify any intelligence information that an adversary may have, and that may be used to compromise systems,” Acosta said.
According to Acosta, the capability is important for cybersecurity analysts working to support multi-domain operations, which is the concept of achieving a competitive advantage over an adversary by exposing it to multiple threats that require separate responses.
The researcher claimed that previous attempts at MTD failed to enable the analytical capabilities needed for the specific cybersecurity use case.
Acosta highlighted the importance of accounting for system performance when selecting the best MTD algorithms and approaches.
The DEVCOM ARL researchers also created RES to serve as a standardized mechanism for future researchers to contribute to the MTD field.
According to Acosta, existing open-source MTD algorithms proved difficult or impossible to recreate due to the incompatibility of their software components or operating environment.
Category: Cybersecurity