The Army is concerned that near-peer adversaries will one day use cyberattacks to target soldiers’ laptops, radios or other small computers that surround them in vehicles and weapon systems on the battlefield. The enemy might insert malicious software to steal, destroy or fake information, or to misdirect a flying drone, send a soldier spoofed orders or detonate some ordnance prematurely.
To fight back, the Army Research Laboratory is exploring how soldiers one day might calculate risk, detect intrusions and make networks agile to evade attacks as part of a newly formed consortium of academic institutions, the defense industry and the Army Communications-Electronics Research, Development and Engineering Center. It’s also researching the psychosocial perspective on attackers, defenders and the soldiers who use the networks.
It could inform future acquisitions, training, doctrine and tactical decisions, said Alexander Kott, associate director for science and technology for the lab’s Computational and Information Sciences Directorate.
The recently launched collaborative research alliance is set to run for five years, with an optional five-year renewal at $3.3 million to $5.2 million annually.
It is led by Penn State University and includes Carnegie Mellon University, Indiana University and the University of California-Davis and Riverside.
The first area, “risk research,” seeks to develop theories and more fluid models for risk assessment.
“We need to have much better abilities to change our ways on the fly, depending on what we observe the enemy doing,” Kott said.
The next, “detection research,” would shape cyber threat detection and recognition capabilities.
“The faster we can detect the enemy, the faster we can change our tactics to become less vulnerable to them,” Kott said. “Malware is the enemy on our networks, and if we can’t see it, it will stay on our networks and keep harming us.”
The last, “agility research,” supports planning and control of cyber maneuvers, ways to rapidly adjust Army networks and defenses to defeat or mitigate cyber threats and effects. As a frequency-hopping radio adjusts to evade would-be eavesdroppers, networks can be made more dynamic to shake off intrusive malware.
One of the most unique research areas is psychosocial or human factors on the network, which includes not only how to out-think and anticipate the enemy but better protect soldiers and civilians. Why do soldiers and civilians who, in defiance of their training, create weak passwords and click on suspicious links, and how can that be improved? The research will explore how to psychologically prepare a soldier for a sophisticated cyberattack.
“I think we’ll have to get more sophisticated,” Kott said. “Just like ... [with improvised explosive devices], I think there’s a little bit of an analogy here.”