O. Sami Saydjari
Abstract
Seeking the knowledge and means to more methodically detect, defend against, and better understand attacks on networked computer resources.
- Committee on Information Systems Trustworthiness, National Research Council. Trust in Cyberspace. National Academy Press, Washington, D.C., 1999.Google Scholar
- Haines, J., Ryder, D., Tinnel, L., and Taylor, S. Validation of sensor alert correlators. IEEE Security and Privacy 1 (Jan./Feb. 2003), 45--56. Google ScholarDigital Library
- Hamilton, S.N., Miller, W.L., Ott, A., and Saydjari, O.S. The role of game theory in information warfare. In Proceedings of the The Fourth Information Survivability Workshop, Vancouver, B.C., Canada, March 2002.Google Scholar
- Letter to President Bush, February 27, 2002; www.uspcd.org/letter.html.Google Scholar
- Neumann, P. Principled Assuredly Trustworthy Composable Architectures. Draft Final Report (Oct. 2003); www.csl.sri.com/users/neumann/chats4.pdf.Google Scholar
- President's Commission on Critical Infrastructure Protection. Critical Foundations: Protecting America's Infrastructure. Washington, D.C., 1997; www.ciao.gov/resource/pccip/PCCIP_Report.pdf.Google Scholar
- Salter, C., Saydjari, O., Schneier, B., and Wallner, J. Toward a secure system engineering methodology. In Proceedings of New Security Paradigms Workshop (Sept. 1998), ACM Press, New York, 1998. Google ScholarDigital Library
- Saydjari, O.S. Defending cyberspace. IEEE Computer 35 (Dec. 2002), 125. Google ScholarDigital Library
- Saydjari, O., Tinnel, L., and Farrell, D. Cyberwar strategy and tactics: An analysis of cyber goals, strategies, tactics, and techniques. In Proceedings of the 2002 IEEE Workshop on Information Assurance, June 2002, U.S. Military Academy, West Point, NY.Google Scholar
- Schudel, G. and Wood, B. Adversary work factor as a metric for information assurance. In Proceedings of New Security Paradigms Workshop (Sept. 2000), ACM Press, New York, 2001. Google ScholarDigital Library
- Tan, K.M. and Maxion, R.A. Determining the operational limits of an anomaly-based intrusion detector. IEEE Journal on Selected Areas in Communications, Special Issue on Design and Analysis Techniques for Security Assurance 21 (Jan. 2003), 96--110. Google ScholarDigital Library
- Tinnel, L., Saydjari, O., and Haines, J. An Integrated Cyber Panel System. Supplement to DARPA Information Survivability Conference and Exposition, April 2003, Crystal City, VA.Google Scholar
Index Terms
- Cyber defense: art to science
Recommendations
Active cyber defense dynamics exhibiting rich phenomena
HotSoS '15: Proceedings of the 2015 Symposium and Bootcamp on the Science of SecurityThe Internet is a man-made complex system under constant attacks (e.g., Advanced Persistent Threats and malwares). It is therefore important to understand the phenomena that can be induced by the interaction between cyber attacks and cyber defenses. In ...
Optimizing Active Cyber Defense
GameSec 2013: 4th International Conference on Decision and Game Theory for Security - Volume 8252Active cyber defense is one important defensive method for combating cyber attacks. Unlike traditional defensive methods such as firewall-based filtering and anti-malware tools, active cyber defense is based on spreading "white" or "benign" worms to ...
A Tale of Three Cyber-Defense Workshops
The National Cyber Defense Initiative (NCDI) has been working behind the scenes to help inform the US research agenda for strategic cyber defense. An important part of the NDCI's activities has been sponsorship of three workshops: the 2006 Safe-...
Reviews
Robert Edward Mahan
This article argues for a strengthening of the scientific foundations of cyber defense. The author approaches the argument logically and vigorously, in five areas: the principal elements of cyber defense, the need for a dynamic rather than static defense posture, cyber defense compared to the conduct of war, current science and technology deficiencies that need improvement, and the systems engineering discipline compared to today's black art defense. Finally, he argues for action in the style of the Manhattan Project, to develop the capability to protect the national infrastructure, and to improve our national defense policy. This is a well-written, cogent account of the current state of cyber defense capabilities and shortcomings. The technical sections are high level, and the information in them is presented in the abstract. It would be hard to disagree with the author's observations. One can argue that there are neglected deficiencies, such as traffic filtering, or tracking down bad actors. My main issue with this article is the intense call to arms. The call for a Manhattan Project-style project-with appropriate national priority, resource levels, and structure-is arguable. Clearly, we must do better, and more resources are needed, but there are many competing priorities, such as physical defense and meeting unmet human needs, that must be balanced against increased investments in cyber defense. That the author raises these questions in the context of a technical discussion is refreshing, and gives one pause to think about these priorities, and how each of us would answer the call. That alone makes this article a recommended read. Online Computing Reviews Service
Access critical reviews of Computing literature here
Become a reviewer for Computing Reviews.
Comments