Pub Date : 2017-11-01DOI: 10.1109/CYCONUS.2017.8167513
Siim Alatalu
With cyber on NATO's agenda since 2002 and cyberspace declared a domain of operations for the Alliance at its 2016 Summit, one can ask a straightforward question — how will the Alliance make this declaration work? Starting from defining cyber operations to establishing procedures and delivering practical capability, much needs to be discussed amongst the NATO nations. In a predictable security environment and following all the conventional capacity building steps each of these issues could take years to deliberate. In cyber, however, there is less predictability every moment. One of the ideas that have been proposed as a quick remedy for NATO to deliver on the Warsaw declaration, is the setup of a NATO Cyber Command. One year after Warsaw NATO has yet to take a decision that would establish a NATO-owned cyber-command. Although thus somewhat speculative, the article analyses how and where in the current NCS (NATO Command Structure) a cyber-command can be set up and what should be the key considerations — the ends, ways and means — for NATO in agreeing to its tasks.
{"title":"One year after Warsaw: The growing need for a NATO cyber command","authors":"Siim Alatalu","doi":"10.1109/CYCONUS.2017.8167513","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167513","url":null,"abstract":"With cyber on NATO's agenda since 2002 and cyberspace declared a domain of operations for the Alliance at its 2016 Summit, one can ask a straightforward question — how will the Alliance make this declaration work? Starting from defining cyber operations to establishing procedures and delivering practical capability, much needs to be discussed amongst the NATO nations. In a predictable security environment and following all the conventional capacity building steps each of these issues could take years to deliberate. In cyber, however, there is less predictability every moment. One of the ideas that have been proposed as a quick remedy for NATO to deliver on the Warsaw declaration, is the setup of a NATO Cyber Command. One year after Warsaw NATO has yet to take a decision that would establish a NATO-owned cyber-command. Although thus somewhat speculative, the article analyses how and where in the current NCS (NATO Command Structure) a cyber-command can be set up and what should be the key considerations — the ends, ways and means — for NATO in agreeing to its tasks.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"74 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114839970","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.1109/CYCONUS.2017.8167505
Rock Stevens
Since the 1970s, the United States has integrated technology into combat platforms to maintain its military superiority. Modern digital vulnerabilities within these platforms place U.S. capabilities and military forces at risk for cyber attack. This paper discusses the impact of digital vulnerabilities for operational commanders through the lens of joint functions and operational factors. The undisciplined pursuit of a technological advantage within its weapons systems stands to revert U.S. military capabilities back to the World War I era. A cursory analysis of these implications yields two policy recommendations that will mitigate risk if adopted. Primarily, the United States needs to extend existing vulnerability disclosure programs to classified capabilities and programs. Secondly, the DoD must implement unscripted attack scenarios within combat readiness exercises that allow commanders to experience the brunt of a cyber attack before lives are at stake in a real-world scenario.
{"title":"Identifying self-inflicted vulnerabilities: The operational implications of technology within U.S. combat systems","authors":"Rock Stevens","doi":"10.1109/CYCONUS.2017.8167505","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167505","url":null,"abstract":"Since the 1970s, the United States has integrated technology into combat platforms to maintain its military superiority. Modern digital vulnerabilities within these platforms place U.S. capabilities and military forces at risk for cyber attack. This paper discusses the impact of digital vulnerabilities for operational commanders through the lens of joint functions and operational factors. The undisciplined pursuit of a technological advantage within its weapons systems stands to revert U.S. military capabilities back to the World War I era. A cursory analysis of these implications yields two policy recommendations that will mitigate risk if adopted. Primarily, the United States needs to extend existing vulnerability disclosure programs to classified capabilities and programs. Secondly, the DoD must implement unscripted attack scenarios within combat readiness exercises that allow commanders to experience the brunt of a cyber attack before lives are at stake in a real-world scenario.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"13 20","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133205162","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.1109/CYCONUS.2017.8167508
J. Willis, R. Mills, L. Mailloux, S. Graham
Traditionally, the focus of security and ensuring confidentiality, integrity, and availability of data in spacecraft systems has been on the ground segment and the uplink/downlink components. Although these are the most obvious attack vectors, potential security risks against the satellite's platform is also a serious concern. This paper discusses a notional satellite architecture and explores security vulnerabilities using a systems-level approach. Viewing attacks through this paradigm highlights several potential attack vectors that conventional satellite security approaches fail to consider. If left undetected, these could yield physical effects limiting the satellite's mission or performance. The approach presented aids in risk analysis and gives insight into architectural design considerations which improve the system's overall resiliency.
{"title":"Considerations for secure and resilient satellite architectures","authors":"J. Willis, R. Mills, L. Mailloux, S. Graham","doi":"10.1109/CYCONUS.2017.8167508","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167508","url":null,"abstract":"Traditionally, the focus of security and ensuring confidentiality, integrity, and availability of data in spacecraft systems has been on the ground segment and the uplink/downlink components. Although these are the most obvious attack vectors, potential security risks against the satellite's platform is also a serious concern. This paper discusses a notional satellite architecture and explores security vulnerabilities using a systems-level approach. Viewing attacks through this paradigm highlights several potential attack vectors that conventional satellite security approaches fail to consider. If left undetected, these could yield physical effects limiting the satellite's mission or performance. The approach presented aids in risk analysis and gives insight into architectural design considerations which improve the system's overall resiliency.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"190 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123400996","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.1109/CYCONUS.2017.8167500
J. Rivera
This paper demonstrates a methodology for how the organizations that employ complex enterprise systems of systems can significantly improve cyber defense while decreasing overall operating costs by using formal methods. The paper demonstrates an approach that uses an event-based methodology to formalize all types of enterprise behavior, to include system, human, and environmental events.
{"title":"Cyber security via formal methods: A framework for implementing formal methods","authors":"J. Rivera","doi":"10.1109/CYCONUS.2017.8167500","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167500","url":null,"abstract":"This paper demonstrates a methodology for how the organizations that employ complex enterprise systems of systems can significantly improve cyber defense while decreasing overall operating costs by using formal methods. The paper demonstrates an approach that uses an event-based methodology to formalize all types of enterprise behavior, to include system, human, and environmental events.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122861135","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.1109/CYCONUS.2017.8167501
Mohammed Almukaynizi, Eric Nunes, Krishna Dharaiya, M. Senguttuvan, Jana Shakarian, P. Shakarian
The number of software vulnerabilities discovered and publicly disclosed is increasing every year; however, only a small fraction of them is exploited in real-world attacks. With limitations on time and skilled resources, organizations often look at ways to identify threatened vulnerabilities for patch prioritization. In this paper, we present an exploit prediction model that predicts whether a vulnerability will be exploited. Our proposed model leverages data from a variety of online data sources (white-hat community, vulnerability researchers community, and darkweb/deepweb sites) with vulnerability mentions. Compared to the standard scoring system (CVSS base score), our model outperforms the baseline models with an F1 measure of 0.40 on the minority class (266% improvement over CVSS base score) and also achieves high True Positive Rate at low False Positive Rate (90%, 13%, respectively). The results demonstrate that the model is highly effective as an early predictor of exploits that could appear in the wild. We also present a qualitative and quantitative study regarding the increase in the likelihood of exploitation incurred when a vulnerability is mentioned in each of the data sources we examine.
{"title":"Proactive identification of exploits in the wild through vulnerability mentions online","authors":"Mohammed Almukaynizi, Eric Nunes, Krishna Dharaiya, M. Senguttuvan, Jana Shakarian, P. Shakarian","doi":"10.1109/CYCONUS.2017.8167501","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167501","url":null,"abstract":"The number of software vulnerabilities discovered and publicly disclosed is increasing every year; however, only a small fraction of them is exploited in real-world attacks. With limitations on time and skilled resources, organizations often look at ways to identify threatened vulnerabilities for patch prioritization. In this paper, we present an exploit prediction model that predicts whether a vulnerability will be exploited. Our proposed model leverages data from a variety of online data sources (white-hat community, vulnerability researchers community, and darkweb/deepweb sites) with vulnerability mentions. Compared to the standard scoring system (CVSS base score), our model outperforms the baseline models with an F1 measure of 0.40 on the minority class (266% improvement over CVSS base score) and also achieves high True Positive Rate at low False Positive Rate (90%, 13%, respectively). The results demonstrate that the model is highly effective as an early predictor of exploits that could appear in the wild. We also present a qualitative and quantitative study regarding the increase in the likelihood of exploitation incurred when a vulnerability is mentioned in each of the data sources we examine.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133979827","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.1109/CYCONUS.2017.8167514
P. Stockburger
Attribution in cyberspace is one of the most difficult questions facing policy makers, lawyers, and jurists. Indeed, the first question often asked in the wake of a cyber incident is “who did it?” The answer to this question is often critical when dealing with the application of international law because it will dictate the rights and responsibilities of States both from an offensive and defensive perspective. Without proper attribution, for example, a State's responsive capabilities are limited. Making matters worse, attribution is difficult to establish factually. Non-State actors often mask their identity, and State actors often hide their true intentions. The degree to which the international rules governing State attribution apply in cyberspace is therefore a matter of great public importance.
{"title":"The control & capabilities test: How a new legal regime is shaping attribution in cyberspace","authors":"P. Stockburger","doi":"10.1109/CYCONUS.2017.8167514","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167514","url":null,"abstract":"Attribution in cyberspace is one of the most difficult questions facing policy makers, lawyers, and jurists. Indeed, the first question often asked in the wake of a cyber incident is “who did it?” The answer to this question is often critical when dealing with the application of international law because it will dictate the rights and responsibilities of States both from an offensive and defensive perspective. Without proper attribution, for example, a State's responsive capabilities are limited. Making matters worse, attribution is difficult to establish factually. Non-State actors often mask their identity, and State actors often hide their true intentions. The degree to which the international rules governing State attribution apply in cyberspace is therefore a matter of great public importance.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126449032","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.1109/CYCONUS.2017.8167504
Jeffrey Guion, Mark Reith
The Air Force is shifting its cybersecurity paradigm from an information technology (IT)-centric toward a mission oriented approach. Instead of focusing on how to defend its IT infrastructure, it seeks to provide mission assurance by defending mission relevant cyber terrain enabling mission execution in a contested environment. In order to actively defend a mission in cyberspace, efforts must be taken to understand and document that mission's dependence on cyberspace and cyber assets. This is known as cyber terrain mission mapping. This paper seeks to define mission mapping and overview methodologies. We also analyze current tools seeking to provide cyber situational awareness through mission mapping or cyber dependency impact analysis and identify existing shortfalls.
{"title":"Cyber terrain mission mapping: Tools and methodologies","authors":"Jeffrey Guion, Mark Reith","doi":"10.1109/CYCONUS.2017.8167504","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167504","url":null,"abstract":"The Air Force is shifting its cybersecurity paradigm from an information technology (IT)-centric toward a mission oriented approach. Instead of focusing on how to defend its IT infrastructure, it seeks to provide mission assurance by defending mission relevant cyber terrain enabling mission execution in a contested environment. In order to actively defend a mission in cyberspace, efforts must be taken to understand and document that mission's dependence on cyberspace and cyber assets. This is known as cyber terrain mission mapping. This paper seeks to define mission mapping and overview methodologies. We also analyze current tools seeking to provide cyber situational awareness through mission mapping or cyber dependency impact analysis and identify existing shortfalls.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115769598","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.1109/CYCONUS.2017.8167503
S. Hart, Marcus Klink
The Twenty-First Century has seen the dawn of the Internet as a pervasive medium by which nearly all information flows. However, the permissive environment in which the Internet was founded fostered a community plagued by Internet trolls, individuals who deliberately post inflammatory, off-topic, or offensive material on online message boards to elicit angst, or other emotions, from their targets. Then American adversaries weaponized information using trolling, and stories of its increased use and technology to influence behavior dominated headlines over the past year. Foreign influence in cyberspace directed towards the 2016 Presidential Election demonstrates how trolling has changed the political environment in the United States. Americans are vulnerable to the influence of these foreign actors, and most troubling, some will not realize foreign intelligence services target their online activities. Adversaries leverage access through Internet trolling to shift public opinion in a new and original way by distributing politically charged narratives and suppressing the free exchange of ideas through a variety of means. By combining cyber operations, information warfare, and military intelligence with automated infrastructure in one military unit, the Troll Battalion, leaders can influence military operations by shaping adversaries' social and political environments while protecting Americans from the effects of foreign trolls. The practical application of influencing strategic and tactical outcomes via cyber-personas requires further analysis for use on the battlefield, and the protection and defense of American leaders, institutions, and persons must also be analyzed to protect Americans from information warfare.
{"title":"1st Troll Battalion: Influencing military and strategic operations through cyber-personas","authors":"S. Hart, Marcus Klink","doi":"10.1109/CYCONUS.2017.8167503","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167503","url":null,"abstract":"The Twenty-First Century has seen the dawn of the Internet as a pervasive medium by which nearly all information flows. However, the permissive environment in which the Internet was founded fostered a community plagued by Internet trolls, individuals who deliberately post inflammatory, off-topic, or offensive material on online message boards to elicit angst, or other emotions, from their targets. Then American adversaries weaponized information using trolling, and stories of its increased use and technology to influence behavior dominated headlines over the past year. Foreign influence in cyberspace directed towards the 2016 Presidential Election demonstrates how trolling has changed the political environment in the United States. Americans are vulnerable to the influence of these foreign actors, and most troubling, some will not realize foreign intelligence services target their online activities. Adversaries leverage access through Internet trolling to shift public opinion in a new and original way by distributing politically charged narratives and suppressing the free exchange of ideas through a variety of means. By combining cyber operations, information warfare, and military intelligence with automated infrastructure in one military unit, the Troll Battalion, leaders can influence military operations by shaping adversaries' social and political environments while protecting Americans from the effects of foreign trolls. The practical application of influencing strategic and tactical outcomes via cyber-personas requires further analysis for use on the battlefield, and the protection and defense of American leaders, institutions, and persons must also be analyzed to protect Americans from information warfare.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116303638","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.1109/CYCONUS.2017.8167506
D. Trimble, Jonathon Monken, Alexander F. L. Sand
Nearly all global economic trade flows through the ports and a broader intermodal transit system in which supporting technology networks are often privately owned and operated. The majority of government oversight and industry cooperation focuses on physical access and the safe construction and operation of ships. The cybersecurity of critical maritime and interconnected infrastructure remains largely unregulated with minimal, if any, assessment or mitigation of cybersecurity risks. These critical infrastructure networks encompass industrial control, SCADA, and information technology systems — much of it proprietary and dependent on operational support or interdependencies in intersecting domains, from energy to transportation. While many operators of the infrastructure are concerned about cybersecurity, the complexity of their systems, interdependence with other sectors, and an outsized public interest in mitigating cyber risks against such crucial economic arteries demonstrates a compelling need for standardized frameworks for assessing cybersecurity risk in the maritime domain. Our work identifies cyber risk factors affecting maritime infrastructure, present barriers to mitigating risks, and proposes the creation of an independent public/private entity for assessing, containing, and mitigating potential risks.
{"title":"A framework for cybersecurity assessments of critical port infrastructure","authors":"D. Trimble, Jonathon Monken, Alexander F. L. Sand","doi":"10.1109/CYCONUS.2017.8167506","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167506","url":null,"abstract":"Nearly all global economic trade flows through the ports and a broader intermodal transit system in which supporting technology networks are often privately owned and operated. The majority of government oversight and industry cooperation focuses on physical access and the safe construction and operation of ships. The cybersecurity of critical maritime and interconnected infrastructure remains largely unregulated with minimal, if any, assessment or mitigation of cybersecurity risks. These critical infrastructure networks encompass industrial control, SCADA, and information technology systems — much of it proprietary and dependent on operational support or interdependencies in intersecting domains, from energy to transportation. While many operators of the infrastructure are concerned about cybersecurity, the complexity of their systems, interdependence with other sectors, and an outsized public interest in mitigating cyber risks against such crucial economic arteries demonstrates a compelling need for standardized frameworks for assessing cybersecurity risk in the maritime domain. Our work identifies cyber risk factors affecting maritime infrastructure, present barriers to mitigating risks, and proposes the creation of an independent public/private entity for assessing, containing, and mitigating potential risks.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126535665","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.1109/CYCONUS.2017.8167509
Rebecca K. Lively, M. Curran
This paper addresses contract and fiscal limitations in the acquisition process often seen as a constraint on real-time cyber capability development. First, the paper advocates for increased use of Operations and Maintenance (O&M) funds for low-cost cyber capability development. Using the Air Force's Real Time Operations and Innovation model, the paper suggests a near-term solution for other services to expand their use O&M funds for certain types of cyber capability development. Next, the paper outlines a course of action to better define and expand Department of Defense authority to spend O&M funds for low-cost cyber capability development.
{"title":"Solving the fiscal challenge of real-time cyber capability development: How low-cost cyber capability development can be accelerated through the use of Operations and Maintenance funds and what congress can do to help","authors":"Rebecca K. Lively, M. Curran","doi":"10.1109/CYCONUS.2017.8167509","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167509","url":null,"abstract":"This paper addresses contract and fiscal limitations in the acquisition process often seen as a constraint on real-time cyber capability development. First, the paper advocates for increased use of Operations and Maintenance (O&M) funds for low-cost cyber capability development. Using the Air Force's Real Time Operations and Innovation model, the paper suggests a near-term solution for other services to expand their use O&M funds for certain types of cyber capability development. Next, the paper outlines a course of action to better define and expand Department of Defense authority to spend O&M funds for low-cost cyber capability development.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127177586","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: