Search for: All records

More specialized cybersecurity education programs are needed to address workforce needs, but it is unclear which knowledge, skills, and abilities (KSAs) fulfil industry needs. We interviewed 48 professionals within four cyber defense specialty areas: (1) Cyber Network Defense Analysis, (2) Cyber Network Defense Infrastructure Support, (3) Incident Response, and (4) Vulnerability Assessment and Management. The professionals rated a number of specialized KSAs along two dimensions: how important the KSA was to their job and how difficult the KSA was to learn. Overall, communication and other non-technical skills were rated as being very important for all cyber defense jobs. Findings indicated that, for some specialty areas, technical knowledge and skills vary considerably between jobs and so the ability to teach oneself is more valuable than proficiency in any one KSA. Findings may be used to inform the development of general cybersecurity curricula, as well as curricula that focus on Cyber Network Defense Analysis, Cyber Network Defense Infrastructure Support, or Vulnerability Assessment and Management. 

Mainstream software applications and tools are the configurable platforms with an enormous number of parameters along with their values. Certain settings and possible interactions between these parameters may harden (or soften) the security and robustness of these applications against some known vulnerabilities. However, the large number of vulnerabilities reported and associated with these tools make the exhaustive testing of these tools infeasible against these vulnerabilities infeasible. As an instance of general software testing problem, the research question to address is whether the system under test is robust and secure against these vulnerabilities. This paper introduces the idea of "vulnerability coverage," a concept to adequately test a given application for a certain classes of vulnerabilities, as reported by the National Vulnerability Database (NVD). The deriving idea is to utilize the Common Vulnerability Scoring System (CVSS) as a means to measure the fitness of test inputs generated by evolutionary algorithms and then through pattern matching identify vulnerabilities that match the generated vulnerability vectors and then test the system under test for those identified vulnerabilities. We report the performance of two evolutionary algorithms (i.e., Genetic Algorithms and Particle Swarm Optimization) in generating the vulnerability pattern vectors. 

This paper introduces an approach based on control theory to model, analyze and select optimal security policies for Moving Target Defense (MTD) deployment strategies. A Markov Decision Process (MDP) scheme is presented to model states of the system from attacking point of view. The employed value iteration method is based on the Bellman optimality equation for optimal policy selection for each state defined in the system.The model is then utilized to analyze the impact of various costs on the optimal policy. The MDP model is then applied to two case studies to evaluate the performance of the model.