
2014 | OriginalPaper | Book chapter

Towards Fundamental Science of Cyber Security

Written by: Alexander Kott

Published in: Network Science and Cybersecurity

Publisher: Springer New York


Abstract

Terms like “Science of Cyber” or “Cyber Science” have been appearing in literature with growing frequency, and influential organizations initiated research initiatives toward developing such a science even though it is not clearly defined. We propose to define the domain of the science of cyber security by noting the most salient artifact within cyber security—malicious software—and defining the domain as comprised of phenomena that involve malicious software (as well as legitimate software and protocols used maliciously) used to compel a computing device or a network of computing devices to perform actions desired by the perpetrator of malicious software (the attacker) and generally contrary to the intent (the policy) of the legitimate owner or operator (the defender) of the computing device(s). We further define the science of cyber security as the study of relations—preferably expressed as theoretically-grounded models—between attributes, structures and dynamics of: violations of cyber security policy; the network of computing devices under attack; the defenders’ tools and techniques; and the attackers’ tools and techniques where malicious software plays the central role. We offer a simple formalism of these key objects within cyber science and systematically derive a classification of primary problem classes within cyber science.

Metadata
Title
Towards Fundamental Science of Cyber Security
Written by
Alexander Kott
Copyright year
2014
Publisher
Springer New York
DOI
https://doi.org/10.1007/978-1-4614-7597-2_1