As we grow the IACD framework, we also collaborate with academia to further the science. Here you will find links to our published articles.
Abstract: Computer technology is the nexus of our critical infrastructures, yet it remains extremely vulnerable to cyberattacks. A proposed a healthy cyber ecosystem by automating many risk decisions and optimizing human oversight of security processes too complex or important for machines alone to solve.
Abstract: Strengthening the security and resilience of the cyber ecosystem requires reducing the number of vulnerabilities and the ability to automatically mitigate attack methodologies. This article draws from various research reports to categorize the underlying attack methodologies and summarizes current perspectives on the capabilities needed within the cyber ecosystem to strengthen its security and resilience, while protecting the privacy of the authorized users of the ecosystem.
Abstract: This paper presents a high-level overview of the IACD reference architecture to inform, guide, and facilitate feedback from cyber service providers, network owners and operators, and product vendors on the capabilities and interfaces that can enable an agile, dynamically responsive, and resilient cyber infrastructure.
Abstract: Cyber operations consist of many functions spanning cyber management, cyber attack, cyber exploitation, and cyber defense, all including activities that are proactive, defensive, and regenerative in nature. A subset of cyber defense, Active Cyber Defense (ACD) focuses on the integration and automation of many services and mechanisms to execute response actions in cyber-relevant time. ACD is comprised of a set of logical functions to capture details from enterprise-level architecture to operational realization with the primary objective to become a living part of DoD cyber operations to help defend the nation from cyber-based adversaries.
Abstract: This paper explores a future – a “healthy cyber ecosystem” – where cyber devices collaborate in near‐real time in their own defense. In this future, cyber devices have innate capabilities that enable them to work together to anticipate and prevent cyber attacks, limit the spread of attacks across participating devices, minimize the consequences of attacks, and recover to a trusted state.