CSIAC JOURNAL

Step into the future with the latest advancements and trends in cybersecurity. 

We blend research with subject matter expertise to provide an outlet for publicly releasable articles on new and emerging science, engineering, and technology within the cybersecurity community.

Latest Articles

Artificial Intelligence in Cybersecurity: How Substituting and Scaling Impact Investment Returns

With the growing integration of artificial intelligence (AI) in cybersecurity, this article investigates the economic principles of substitution and scale’s elasticity to evaluate their impact on the return on security investment. Recognizing the potential of AI technologies to substitute human labor and traditional cybersecurity mechanisms and the significance of cost ramifications of scaling AI solutions within cybersecurity frameworks, the study theoretically contributes to understanding the financial and operational dynamics of AI in cybersecurity. It provides valuable insights for cybersecurity practitioners in public and private sectors. Through this analysis, ways in which AI technologies can redefine economic outcomes in cybersecurity efforts are highlighted. Strategic recommendations are also offered for practitioners to optimize the economic efficiency and effectiveness of AI in cybersecurity, emphasizing a dynamic, nuanced approach to AI investment and deployment.

Read More

Optimization and Analysis for Defense Simulation Models

When performing defense system analysis with simulation models, a great deal of time and effort is expended creating representations of real-world scenarios in U.S. Department of Defense (DoD) simulation tools. However, once these models have been created and validated, analysts rarely retrieve all the knowledge and insights that the models may yield and are limited to simple explorations because they do not have the time and training to perform more complex analyses manually. Additionally, they do not have software integrated with their simulation tools to automate these analyses and retrieve all the knowledge and insights available from their models.

Read More

Navigating Challenges and Opportunities in the Cyber Domain With Sim2real Techniques

In the digital age, the cyber domain has become an intricate network of systems and interactions that underpin modern society. Sim2Real techniques, originally developed with notable success in domains such as robotics and autonomous driving, have gained recognition for their remarkable ability to bridge the gap between simulated environments and real-world applications. While their primary applications have thrived in these domains, their potential implications and applications within the broader cyber domain remain relatively unexplored. This article examines the emerging intersection of Sim2Real techniques and the cyber realm, exploring their challenges, potential applications, and significance in enhancing our understanding of this complex landscape.

Read More

Low-Power Cybersecurity Attack Detection Using Deep Learning on Neuromorphic Technologies

Neuromorphic computing systems are desirable for several applications because they achieve similar accuracy to graphic processing unit (GPU)-based systems while consuming a fraction of the size, weight, power, and cost (SWaP-C). Because of this, the feasibility of developing a real-time cybersecurity system for high-performance computing (HPC) environments using full precision/GPU and reduced precision/neuromorphic technologies was previously investigated. This work was the first to compare the performance of full precision and neuromorphic computing on the same data and neural network and Intel and BrainChip neuromorphic offerings. Results were promising, with up to 93.7% accuracy in multiclass classification—eight attack types and one benign class.

Read More

Extreme Zero Trust

Zero Trust Architecture (ZTA) has become a mainstream information security philosophy. Many commercial enterprises are in varying stages of their journeys in adopting and implementing ZTA. Similarly, federal policy has moved toward ZTA, motivated by actions such as Executive Order 14028 and guided by NIST 800-207 and CISA’s Zero Trust Maturity.

Read More

The Post-Quantum Cryptography

Safe digital communication for organizations and individuals is protected online by using cryptography, whether making an online purchase from a favorite online store or sending an email to a friend or colleague. Imagine the impact if cybercriminals could break the cryptographic algorithms used to encrypt all our banking, medical information and history, or any sensitive data we use in our day-to-day digital life.

Read More

Modeling & Simulation: Battle Readiness in a Virtual World

As the world becomes more complex, the U.S. Department of Defense (DoD) faces a range of challenges that demands innovative solutions. One tool that has proven invaluable in this regard is modeling and simulation (M&S)—the process of creating a representation of a system or process and then using that representation to explore and test different scenarios.

Read More

Dark Net Usage for Countries in Conflict

For many, the “dark web” harbors a stigma. After the rise of notorious “dark net markets” like “Silk Road” and “AlphaBay” in the early 2010s, pop culture has come to equate the “dark web” with illegality and contraband.

Read More

Improving the U.S. Air Force’s Cyber Defense Strategy

April 2007 marks the month when the internet became weaponized [1]. In Estonia’s capital city of Tallinn, the government decided to move a bronze statue of a Russian soldier from the city center to a war memorial cemetery on the outskirts of town (Figure 1). They wanted to move the statue during the 60th anniversary of its erection in 1947, which memorialized the sacrifices of Russian soldiers liberating eastern Europe from the Nazis.

Read More

A Defense-In-Depth and Layered Approach to Software Supply Chain Security

In this article, we will discuss the confluence and utility of using software supply chain (SSC)-focused frameworks (The Updated Framework [TUF] and the in-toto framework), combined with behavioral approaches using artificial intelligence (AI) aligned with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), to generate a truly comprehensive approach for SSC security [1]. Such a “defense-in-depth” approach recognizes that these frameworks by themselves fall short of addressing the guidelines for the integrity of SSCs.

Read More