Virginia Tech
    • Log in
    View Item 
    •   VTechWorks Home
    • Destination Areas (DAs)
    • Destination Areas (DAs)
    • Destination Area: Integrated Security (IS)
    • View Item
    •   VTechWorks Home
    • Destination Areas (DAs)
    • Destination Areas (DAs)
    • Destination Area: Integrated Security (IS)
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Application of Cybernetics and Control Theory for a New Paradigm in Cybersecurity

    Thumbnail
    View/Open
    ClancyApplicationofCybernetics2013.pdf (934.4Kb)
    Downloads: 439
    Date
    2013-11-01
    Author
    Adams, Michael D.
    Hitefield, Seth D.
    Hoy, Bruce
    Fowler, Michael C.
    Clancy, Thomas Charles III
    Metadata
    Show full item record
    Abstract
    A significant limitation of current cyber security research and techniques is its reactive and applied nature. This leads to a continuous ‘cyber cycle’ of attackers scanning networks, developing exploits and attacking systems, with defenders detecting attacks, analyzing exploits and patching systems. This reactive nature leaves sensitive systems highly vulnerable to attack due to un-patched systems and undetected exploits. Some current research attempts to address this major limitation by introducing systems that implement moving target defense. However, these ideas are typically based on the intuition that a moving target defense will make it much harder for attackers to find and scan vulnerable systems, and not on theoretical mathematical foundations. The continuing lack of fundamental science and principles for developing more secure systems has drawn increased interest into establishing a ‘science of cyber security’. This paper introduces the concept of using cybernetics, an interdisciplinary approach of control theory, systems theory, information theory and game theory applied to regulatory systems, as a foundational approach for developing cyber security principles. It explores potential applications of cybernetics to cyber security from a defensive perspective, while suggesting the potential use for offensive applications. Additionally, this paper introduces the fundamental principles for building non-stationary systems, which is a more general solution than moving target defenses. Lastly, the paper discusses related works concerning the limitations of moving target defense and one implementation based on non-stationary principles.
    URI
    http://hdl.handle.net/10919/80421
    Collections
    • Destination Area: Integrated Security (IS) [119]
    • Scholarly Works, Electrical and Computer Engineering [734]
    • Scholarly Works, Hume Center for National Security and Technology [28]

    If you believe that any material in VTechWorks should be removed, please see our policy and procedure for Requesting that Material be Amended or Removed. All takedown requests will be promptly acknowledged and investigated.

    Virginia Tech | University Libraries | Contact Us
     

     

    VTechWorks

    AboutPoliciesHelp

    Browse

    All of VTechWorksCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

    My Account

    Log inRegister

    Statistics

    View Usage Statistics

    If you believe that any material in VTechWorks should be removed, please see our policy and procedure for Requesting that Material be Amended or Removed. All takedown requests will be promptly acknowledged and investigated.

    Virginia Tech | University Libraries | Contact Us