Automated Computer Network Defence Architectures in Coalition Environments

PDF

Authors
  1. Magar, A.
Corporate Authors
Defence Research and Development Canada, Ottawa Research Centre, Ottawa ON (CAN);Bell Canada, Ottawa ONT (CAN);Sphyrna Security, Kanata ON (CAN)
Abstract
The Cyber Decision Making and Response (CDMR) project is conducting research on approaches to Computer Network Defence (CND) information sharing within coalition environments. The ARMOUR automated computer network defence Technology Demonstrator (TD), a component of CDMR that is currently being developed by General Dynamics Mission Systems – Canada, will provide a means to compute, prioritize, and execute courses of action in the cyber domain. The ARMOUR system will collect and integrate internal network data with external data such as vulnerabilities, threats, and mission information. ARMOUR utilises an attack-graph approach to generating courses of action (COAs) for remediating vulnerabilities, and computes various metrics (e.g., operational priority, security posture, costs) in order to recommend and/or initiate appropriate COAs. The ARMOUR system is designed for modularity, and its core feature is an integration framework with interfaces based on open standards. ARMOUR is currently being designed as a centralised system aimed at defending traditional enterprise networks. However, ARMOUR’s collection, analysis, and output of network, vulnerability, and mission data can contribute to improving cyber defence situational awareness in more than just enterprise environments.
Keywords
cyber securiy;information sharing;automated defence
Report Number
DRDC-RDDC-2016-C330 — Contract Report (Final Report)
Date of publication
01 Mar 2016
Number of Pages
52
DSTKIM No
CA043191
CANDIS No
804486
Format(s):
Electronic Document(PDF)

Permanent link

Document 1 of 1

Date modified: