Dissertation/Thesis Abstract

Addressing Issues with Defense-in-Depth, APTs, and IoT with Active Cyber Defense Cycle and Cyber Resilience
by Orme, Steve, M.S., Utica College, 2019, 53; 27672467
Abstract (Summary)

Defense-in-Depth practices are failing as a result of the significant changes brought by advanced persistent threats (APTs) and globally scaled networks utilized by the internet of things (IoT). APTs evade Defense-in-Depth architecture by accessing resources, building unique attack methods that can change, and sustaining an attack. IoT challenges Defense-in-Depth practices in that its devices have custom platforms and use low resources; moreover, a projection of 50 billion devices by 2020 makes anti-virus and monitoring difficult to implement. Countering threats perpetrated by APTs and IoT is a matter of changing the approach of cyber-defense thinking. This research project examined how Defense-in-Depth’s idea of preventing all cyber incidents is unsustainable. It further examined the active cyber defense cycle (ACDC) and cyber resilience to show that anticipating cyber incidents and controlling failure mitigates the impact of a cyber incident. ACDC anticipates cyber incidents by changing the monitoring and response to an incident by using threat intelligence and threat environment manipulation. Cyber resilience controls the failure domain by adding diversity and redundancy to systems. Two key findings are that ACDC and cyber resilience do not account for IoT devices and that they do not consider the impact of people during cyber incidents. Future research should apply ACDC and cyber resilience to IoT and to the role of people in a cyber incident with a focus on confidentiality and integrity attacks.

Indexing (document details)
Advisor: Pantani, Paul, Plude, David
Commitee: Mercado, Carmen
School: Utica College
Department: Cybersecurity
School Location: United States -- New York
Source: MAI 81/7(E), Masters Abstracts International
Source Type: DISSERTATION
Subjects: Information Technology, Computer science
Keywords: Active cyber defense cycle, Advanced persistent threat, Cyber resilience, Cybersecurity, Defense-in-depth, Internet of Things
Publication Number: 27672467
ISBN: 9781392617021
Copyright © 2020 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy
ProQuest