Next-Generation Architecture and Autonomous Cyber-Defense

  • Carol Smidts
  • Xiaoxu Diao
  • Pavan Kumar Vaddi
Part of the Advances in Information Security book series (ADIS, volume 75)


This chapter introduces the motivation for and emerging developments in next-generation network architectures to enable autonomous cyber-defense (ACD), including promising studies on cyber-defense approaches and mechanisms applied to contemporary industrial control systems (ICSs).





Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Reliability and Risk Laboratory, Department of Mechanical and Aerospace Engineering, The Ohio State University, Columbus, USA
