Cyber Resilience of Systems and Networks

This book introduces fundamental concepts of cyber resilience, drawing expertise from academia, industry, and government. Resilience is defined as the ability to recover from or easily adjust to shocks and stresses. Unlike the concept of security - which is often and incorrectly conflated with resilience -- resilience refers to the system's ability to recover or regenerate its performance after an unexpected impact produces a degradation in its performance. A clear understanding of distinction between security, risk and resilience is important for developing appropriate management of cyber threats. The book presents insightful discussion of the most current technical issues in cyber resilience, along with relevant methods and procedures. Practical aspects of current cyber resilience practices and techniques are described as they are now, and as they are likely to remain in the near term. The bulk of the material is presented in the book in a way that is easily accessible to non-specialists. Logical, consistent, and continuous discourse covering all key topics relevant to the field will be of use as teaching material as well as source of emerging scholarship in the field. A typical chapter provides introductory, tutorial-like material, detailed examples, in-depth elaboration of a selected technical approach, and a concise summary of key ideas.

Autorentext

Dr. Alexander Kott serves as the Chief, Network Science Division, Army Research Laboratory headquartered in Adelphi MD. In this position, he is responsible for fundamental research and applied development in performance and security of both tactical mobile and strategic networks. He oversees projects in network performance and security, intrusion detection, and network emulation.

Between 2003 and 2008, Dr. Kott served as a Defense Advanced Research Programs Agency (DARPA) Program Manager responsible for a number of large-scale advanced technology research programs. His earlier positions included Technical Director with BBN Technologies, Cambridge, MA; Director of R&D at Logica Carnegie Group, Pittsburgh, PA; and IT Research Department Manager at AlliedSignal, Inc., Morristown, NJ. Dr Kott received the Secretary of Defense Exceptional Public Service Award and accompanying Exceptional Public Service Medal, in October 2008.

He earned his PhD from the University of Pittsburgh, Pittsburgh PA in 1989; published over 70 technical papers; and co-authored, and edited six technical books.

Dr. Igor Linkov is the Risk and Decision Science Focus Area Lead with the US Army Engineer Research and Development Center. He is an Adjunct Professor of Engineering and Public Policy at Carnegie Mellon University and Professor of Practice in Electrical and Computer Engineering at the University of Connecticut. Dr. Linkov has managed multiple risk assessments and risk management projects in the areas of environmental management, cybersecurity, critical infrastructure, climate change, and systems vulnerability. He is currently developing resilience assessment and management approaches for infrastructure and cyber systems. As a one of the leaders of the USACE Resilience PDT, he is working on developing the USACE Resilience Roadmap and is part of several Interagency Committees and Working Groups tasked with developing resilience metrics and resilience management approaches. He has published widely on environmental policy, environmental modeling, and risk analysis, including fourteen books and over 250 peer-reviewed papers and book chapters. Dr. Linkov is Society for Risk Analysis Fellow and recipient of 2005 Chauncey Starr Award for exceptional contribution to Risk Analysis and 2014 Outstanding Practitioner Award.

Inhalt

Chapter: Introduction and Preview: introduce the topic of the book; its importance and differentiation from related topics; organization and preview of the book's chapters.

Chapter: Resilience - Key Concepts and Definitions: relations and differentiation from related concepts: security, risk, robustness, reliability, survivability, self-healing, adaptation, agility, cyber maneuver, moving target defense, continuity of operation; fault and disruption tolerance; rapid recovery; cyber insurance; resilience in other fields: organizational theory, biology, psychology, material science

Chapter: Organizational Processes and Practices: managing and operating towards CR: human (and other intelligent supervisory mechanisms') policies, procedures, organizational techniques; review of NIST, MITRE and other guides; objectives and goals of CR (understand, prepare, prevent, constrain, continue, transform, re-architect); key processes of CR; key best practices and heuristics of CR

Section (2-3 chapters): Assessing Cyber Resilience: measurements and measures (direct observables); metrics (computed); approaches to experiments and empirical observations; qualitative judgments and indices; methods for measurement, evaluation, or validation of resilience; characterizing capacity for resilience: absorptive capacity, adaptive capacity, restorative capacity

Section (2-3 chapters): Factors that Affect CR: complexity, resource availability and redundancy; degree of performance optimization, multiplicity of threat types, topology, opportunity for cascading failures, buffering, ability to reject wrong information and make correct inferences; relations of resiliency to other properties: resilience and risk, robustness, reliability, etc.; human factors

Section (3-4 chapters): Characterizing and Predicting CR via Models and Simulation: conceptual and ontological theories of CR; mathematical models of CR; executable and simulation models; simulation/emulation techniques for network resilience; modeling different types of cyber failures; modeling malicious behavior or attacks on networks; modeling of cascading failures; impact of coupling, interdependencies and topology of influences; self-organized criticality; complex adaptive systems, evolution by selection; modeling of resistance and recovery processes; formal methods for CR; mission impact analysis; impact on QoS

Section (4-5 chapters): Building and Enhancing Cyber Resilience: design for resilience; cyber resiliency engineering (architectural practices and mechanisms to improve cyber resilience); standardization of network resilience; technical means to key processes and phases of resilient operations (anticipating and avoiding; withstanding and absorbing; recovering and restoring; adapting and reconfiguring); technologies for strengthening resilient operations (monitoring and situational awareness; cyber maneuver during attack, active defense, deceiving and obfuscating; employing redundant resources; finding (forensics) and destroying hostile malware; service and operations continuity; learning and self-learning)

Section (2-3 chapters): Cyber Resilience of Selected Architectures: Future Internet resilience, P2P and overlay systems, Internet of Things, data centers, wireless-wired communications, wireless sensor networks, emerging communication technologies, vehicle-to-vehicle communications, cloud computing, content-oriented networks architectures and solutions, architectures/solutions, distributed computing, Software-Defined Networks (SDN), cloud architectures, fog architecture

Section (2-3 chapters): Selected Technical Approaches to Cyber Resilience: control theoretic and game theoretic approaches resilience, artificial intelligence and intelligent systems; biologically inspired approaches such as artificial immune systems;

Section (2 chapters): Case Studies in Cyber Resilience: this section will assemble a few case studies of actual events in which a complex system has experienced a cyber com…