Abstract
Currently, cyber defense remains a pre-eminently human-driven endeavor, lacking fundamental capabilities for comprehensive and timely detection, response, and prediction. Here, we present transformative concepts to mature cyber defense toward automated anomaly detection, prediction, and response. Our concepts treat the underlying problem at its most basic and essential level: violation of the predictability of correct actions and correct system and service performance, representing unintended relationships and change. We mathematically generalize prediction to explore relationships between dependencies, predict correct action sets, discern and anticipate both intended and unintended change, and mitigate the effects of correlated nested risk to enhance defense capabilities within and across organizations.
These general attributes can also provide the principal knowledge and mechanisms essential for new generations of cyber defense and information assurance. Our concepts directly address immediate and long-term, broad and fundamental needs in defense and, we believe, will be studied indefinitely. The fundamental nature of these concepts leads to their broad applicability across scientific, engineering, and human endeavors, including social, economic, and political systems, where incomplete knowledge-supported decisions steadily increase untenable manipulation and control.