The Unbounded Systems Thinking Cybersecurity Paradigm CPT Ryan F Kelly
Example phpMyAdmin Attack
The hacker must use the trusted credentials of both the web server and database server for his attack to work.
The Induction Problem
Pedro Domingos framed the induction problem in his 2015 book “The Master Algorithm” with the question “How can we ever be justified in generalizing from what we’ve seen to what we haven’t?” (Domingos, 2015, p. 58). When new threat vectors are exploited, cyber-defense analysts are incapable of predicting the cause, because conception a priori is more a matter of chance than recognition. According to David Hume’s philosophy, “it is impossible to discover causes and effects for any new observation, and any supposition thereon is completely arbitrary” (Hume, 2005, p. 17). - 1748
Domingos, P. (2015). The master algorithm: How the quest for the ultimate learning machine will remake our world. New York, NY: Basic Books.
Hume, D. (2005). Sceptical Doubts Concerning the Operations of the Understanding. In An enquiry concerning human understanding (Vol. IV). Stilwell, Kansas, Digireads.com.
Unbounded Systems Thinking
Ian Mitroff offered “Unbounded Systems Thinking” to handle the “messy” inputs to an inquiry system. Unbounded systems thinking combines Technical (objective), Organization (constructive), and Personal (subjective) perspectives into a single inquiry system. Kelley’s Covariation model applies consensus, consistency, and distinctiveness to attribute behaviors to a person or some outside circumstance.
[Diagram labels: Tech, Org, Personal]
Mitroff, I., and Linstone, H. (1993). The Unbounded Mind: Breaking the Chains of Traditional Business Thinking. Oxford: Oxford University Press.
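Kelley's three covariation dimensions, computed over event records and turned into an attribution, as an added example that is not from the slides or the cited research. The event fields, host and user names, behavior labels, sample data and the 0.5 high/low threshold are all assumptions made for illustration.

```python
from collections import namedtuple

# Constructed sample observations (not from the slides): one row per observed behavior.
Event = namedtuple("Event", "day actor target behavior")
DAYS = (1, 2, 3)
EVENTS = (
    [Event(d, "alice", t, "bulk_export") for d in DAYS for t in ("db01", "web01", "file01")]
    + [Event(d, a, "file01", "auth_fail") for d in DAYS for a in ("alice", "bob", "carol")]
    + [Event(2, "carol", "web01", "bulk_export")]
    + [Event(d, "bob", "db01", "login_ok") for d in DAYS]
)

def share(flags):
    """Fraction of True values; 0.0 when there is nothing to compare against."""
    flags = list(flags)
    return sum(flags) / len(flags) if flags else 0.0

def covariation(events, actor, target, behavior):
    """Return (consensus, consistency, distinctiveness), each in [0, 1]."""
    days = {e.day for e in events}
    seen = {(e.day, e.actor, e.target) for e in events if e.behavior == behavior}
    ever = {(a, t) for _, a, t in seen}
    others = {e.actor for e in events} - {actor}
    elsewhere = {e.target for e in events} - {target}
    # Consensus: do other actors show this behavior toward the same target?
    consensus = share((a, target) in ever for a in others)
    # Consistency: does this actor repeat it toward this target day after day?
    consistency = share((d, actor, target) in seen for d in days)
    # Distinctiveness: is the behavior absent when this actor touches other targets?
    distinctiveness = share((actor, t) not in ever for t in elsewhere)
    return consensus, consistency, distinctiveness

def attribute(consensus, consistency, distinctiveness, threshold=0.5):
    """Kelley's attribution rule; the 0.5 high/low cut-off is an assumption."""
    high = lambda x: x >= threshold
    if not high(consistency):
        return "circumstance"   # one-off: explained by the situation
    if high(consensus) and high(distinctiveness):
        return "stimulus"       # external cause: something about the target
    if not high(consensus) and not high(distinctiveness):
        return "person"         # internal cause: something about the actor
    return "ambiguous"

if __name__ == "__main__":
    for obs in [("alice", "db01", "bulk_export"), ("bob", "file01", "auth_fail"),
                ("carol", "web01", "bulk_export")]:
        scores = covariation(EVENTS, *obs)
        print(obs, [round(s, 2) for s in scores], attribute(*scores))
```

In the constructed data, only alice exports in bulk and does so everywhere, so the behavior is attributed to her; everyone fails authentication on file01 and nowhere else, so that behavior is attributed to the host.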
Data Relationship - Behavior
A Way Forward – New Research
Current research is looking at relationships as objects within data models (Dolk, Anderson, Busalacchi, and Tinsley, 2012). Attribution theories like Kelley’s Covariation Model can be modeled in VRDM. Vector Relational Data Modeling (VRDM) consists of data relationships that are, by definition, configurable, extensible, and reconfigurable and yet require no computer code programming (Anderson et al., 2014). VRDM has been shown to be capable of emulating the investigative and threat response processes of an expert cybersecurity analyst (Baugess et al., 2014). Behavior-based network management (BBNM), a recent Air Force–applied information science research program, revealed that data models can self-maintain contextual relevance (Seng, 2016).
Dolk, D., Anderson, T., Busalacchi, F., and Tinsley, D. (2012, January). GINA: System interoperability for enabling smart mobile system services in network decision support systems. In 2012 45th Hawaii International Conference on System Science (HICSS) (pp. 1472-1481). IEEE.
Anderson, T., McKenzie, S. A., Blais, C. L., and Brutzman, D. (2014). ‘Geospatial Mapping of Internet Protocol Addresses for Real-time Cyber Domain Visual Analytics and Knowledge Management Using the Global Information Network Architecture.’ National Cybersecurity Institute Journal 1 (2), 33-50.
Baugess, K. G., Chamberlain, J. R., Chung, S. K., and Kelly, R. F. (2014). Reactive aggregate model protecting against real-time threats (Masters Thesis, Monterey, California: Naval Postgraduate School).
Seng, J. M. (2016, May). ‘Behavior-based Network Management: a Unique Model-based Approach to Implementing Cyber Superiority.’ In SPIE Defense+ Security (pp. 98260H-98260H). International Society for Optics and Photonics.