The Science of Cybersecurity and a Roadmap to Research.
Title:
The Science of Cybersecurity and a Roadmap to Research.
Author:
Colfer, Benjamin J.
ISBN:
9781611223620
Physical Description:
1 online resource (208 pages)
Series:
Defense, Security and Strategies
Contents:
THE SCIENCE OF CYBERSECURITY AND A ROADMAP TO RESEARCH -- THE SCIENCE OF CYBERSECURITY AND A ROADMAP TO RESEARCH -- CONTENTS -- PREFACE -- Chapter 1 SCIENCE OF CYBERSECURITY -- Abstract -- 1. Executive Summary -- 2. Problem Statement and Introduction -- 3. Cyber-Security as Science - An Overview -- 3.1. Attributes for Cyber-Security -- 3.2. Guidance from other Sciences -- 3.2.1. Economics -- 3.2.2. Meteorology -- 3.2.3. Medicine -- 3.2.4. Astronomy -- 3.2.5. Agriculture -- 3.3. Security Degrades Over Time -- 3.3.1. Unix passwords -- 3.3.2. Lock bumping -- 3.4. The Role of Secrecy -- 3.5. Aspects of the Science of Cyber-Security -- 3.6. Some Science -- 3.6.1. Trust -- 3.6.2. Cryptography -- 3.6.3. Game theory -- 3.6.4. Model checking -- 3.6.5. Obfuscation -- 3.6.6. Machine learning -- 3.6.7. Composition of components -- 3.7. Applying the Fruits of Science -- 3.8. Metrics -- 3.9. The Opportunities of New Technologies -- 3.10. Experiments and Data -- 4. Model Checking -- 4.1. Brief Introduction to Spin and Promela -- 4.2. Application to Security -- 4.2.1. The Needham-Schroeder Protocol -- 4.2.2. Promela model of the protocol -- 4.3. Scaling Issues -- 4.4. Extracting Models from Code -- 4.5. Relationship to Hyper-Properties -- 5. The Immune System Analogy -- 5.1. Basic Biology -- 5.2. Learning from the Analogy -- 5.2.1. The need for adaptive response -- 5.2.2. A mix of sensing modalities -- 5.2.3. The need for controlled experiments -- 5.2.4. Time scale differences -- 5.2.5. Responses to detection -- 5.2.6. Final points -- 6. Conclusions and Recommendations -- A. Appendix: Briefers -- References -- Chapter 2 A ROADMAP FOR CYBERSECURITY RESEARCH -- Executive Summary -- Introduction -- Historical Background -- Current Context -- Document Format -- Background -- Future Directions -- Acknowledgments -- Current Hard Problems in INFOSEC Research.

1. Scalable Trustworthy Systems -- Background -- What is the problem being addressed? -- What are the potential threats? -- Who are the potential beneficiaries? What are their respective needs? -- What is the current state of the practice? -- What is the status of current research? -- Future Directions -- On what categories can we subdivide this topic? -- What are the major research gaps? -- Near term -- Medium term -- Long term -- What are the challenges that must be addressed? -- What approaches might be desirable? -- What R&D is evolutionary and what is more basic, higher risk, game changing? -- Resources -- Measures of success -- What needs to be in place for test and evaluation? -- To what extent can we test real systems? -- 2. Enterprise-Level Metrics (ELMs) -- Background -- What is the problem being addressed? -- What are the potential threats? -- Who are the potential beneficiaries? What are their respective needs? -- What is the current state of the practice? -- What is the status of current research? -- Future Directions -- On what categories can we subdivide this topic? -- Definition -- Collection -- Analysis -- Composition -- Adoption -- What are the major research gaps? -- What are some exemplary problems for R&D on this topic? -- What R&D is evolutionary, and what is more basic, higher risk, game changing? -- Resources -- Measures of success -- What needs to be in place for test and evaluation? -- To what extent can we test real systems? -- 3. System Evaluation Life Cycle -- Background -- What is the problem being addressed? -- What are the potential threats? -- Who are the potential beneficiaries? What are their respective needs? -- What is the current state of the practice? -- What is the status of current research? -- Future Directions -- On what categories can we subdivide this topic? -- Requirements -- Design.

Development and Implementation -- Testing -- Deployment and Operations -- Decommissioning -- What are the major research gaps? -- What are some exemplary problems for R&D on this topic? -- What R&D is evolutionary, and what is more basic, higher risk, game changing? -- Resources -- Measures of success -- What needs to be in place for test and evaluation? -- To what extent can we test real systems? -- 4. Combatting Insider Threats -- Background -- What is the problem being addressed? -- What are the potential threats? -- Who are the potential beneficiaries? What are their respective needs? -- What is the current state of the practice? -- What is the status of current research? -- Future Directions -- On what categories can we subdivide this topic? -- What are the major research gaps? -- What are some exemplary problems for R&D on this topic? -- Collect and Analyze -- Detect -- Deter -- Protect -- Predict -- React -- What are the near-term, midterm, long-term capabilities that need to be developed? -- Near Term -- Medium Term -- Long Term -- What R&D is evolutionary and what is more basic, higher risk, game changing? -- Resources -- Measures of success -- To what extent can we test real systems? -- 5. Combatting Malware and Botnets -- Background -- What is the problem being addressed? -- What are the potential threats? -- Who are the potential beneficiaries? What are their respective needs? -- What is the current state of the practice? -- What is the status of current research? -- Future Directions -- On what categories can we subdivide this topic? -- What are the major research gaps? -- What are some exemplary problems for R&D on this topic? -- What R&D is evolutionary, and what is more basic, higher risk, game changing? -- Measures of success -- What needs to be in place for test and evaluation? -- To what extent can we test real systems?.

6. Global-Scale Identity Management -- Background -- What is the problem being addressed? -- What are the potential threats? -- Who are the potential beneficiaries? What are their respective needs? -- What is the current state of the practice? -- What is the status of current research? -- Future Directions -- On what categories can we subdivide the topic? -- What are the major research gaps? -- Resources -- Measures of success -- What needs to be in place for test and evaluation? -- To what extent can we test real systems? -- 7. Survivability of Time-Critical Systems -- Background -- What is the problem being addressed? -- What are the potential threats? -- Who are the potential beneficiaries? What are their respective needs? -- What is the current state of practice? -- What is the status of current research? -- Future Directions -- On what categories can we subdivide the topics? -- What are the major research gaps? -- Detect -- React -- What are the challenges that must be addressed? -- What R&D is evolutionary and what is more basic, higher risk, game changing? -- Near term -- Medium term -- Long term -- Resources -- Measures of success -- What needs to be in place for test and evaluation? -- To what extent can we test real systems? -- 8. Situational Understanding and Attack Attribution -- Background -- What is the problem being addressed? -- What are the potential threats? -- Who are the potential beneficiaries? What are their respective needs? -- What is the current state of the practice? -- What is the status of current research? -- Future Directions -- On what categories can we subdivide this topic? -- What are the major gaps? -- What are some exemplary problems for R&D on this topic? -- What R&D is evolutionary and what is more basic, higher risk, game changing? -- Resources -- Measures of success.

What needs to be in place for test and evaluation? -- To what extent can we test real systems? -- 9. Provenance -- Background -- What is the problem being addressed? -- What are the potential threats? -- Who are the potential beneficiaries? What are their respective needs? -- What is the current state of practice? -- What is the status of current research? -- Future Directions -- On what categories can we subdivide the topic? -- What are the major research gaps? -- What are some exemplary problem domains for R&D in this area? -- What R&D is evolutionary, and what is more basic, higher risk, game changing? -- Resources -- Measures of success -- What needs to be in place for test and evaluation? -- 10. Privacy-Aware Security -- Background -- What is the problem being addressed? -- What are the potential threats? -- Who are the potential beneficiaries? What are their respective needs? -- What is the current state of practice? -- What is the status of current research? -- Future Directions -- On what categories can we subdivide the topic? -- What are the major research gaps? -- Selective disclosure and privacy-aware access -- Specification frameworks -- Policy issues -- What are some exemplary problems for R&D on this topic? -- What R&D is evolutionary and what is more basic, higher risk, game changing? -- Near term -- Medium term -- Long term -- Game changing -- Resources -- Measures of success -- What needs to be in place for test and evaluation? -- 11. Usable Security -- Background -- What is the problem being addressed? -- What are the potential threats? -- Who are the potential beneficiaries? What are their respective needs? -- What is the current state of practice? -- What is the status of current research? -- Future Directions -- On what categories can we subdivide the topic? -- What are the major research gaps? -- Hard problems.

Other areas we might draw on.
Local Note:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.