The scope of this effort involves research in two key areas. The first is a rigorous mathematical characterization of a valid security metric using fundamental principles of mathematical analysis leading toward laws of information assurance. The second is development of laws of information assurance analogous to those developed in well known, traditional science and engineering disciplines. The objectives and goals of this proposed program are to deliver useful laws of information assurance that have been experimentally validated both with information assurance models and in concert with other DARPA projects.
The intent of the IASET Program is the creation of science-based metrics, methodologies, and tools for the implementation of assurance properties during information system design and assessment processes. The program seeks to overcome inherent deficiencies in the present processes in order to address assurance considerations with a true system-level viewpoint. Success will lead to more robust and secure systems that can be developed more rapidly and will have lower life-cycle costs.
- New Ideas:
- Theory of functions and composability
- Automata models and theory
- Physical analogies
- SWARM-based analysis
- Impact:
- Fundamental understanding of metrics
- Reduction to elegant laws
- Vulnerability analysis tool enhancement
- Schedule:
- Year 1
- Analysis and model
- Year 2
- Physical analogies
- Year 3
- Enhance tool
- SWARM-based analysis
Advantages/impact
Advantages of Information Assurance include the following:
- Steps toward precise and useful measures of information vulnerability
- New approaches to the optimization of safeguard deployment in the design of security in systems
- New attempts to understand emergent behaviors in secure composition of systems
- Rigorous, fundamental relationships characterizing information assurance
Publications related to Information Assurance include the following:
- Active Virtual Network Management Prediction: Complexity as a Framework for Prediction, Optimization, and Assurance by Stephen F. Bush, Proceedings of the 2002 DARPA Active Networks Conference and Exposition (DANCE 2002), IEEE Computer Society Press, pp. 534-553, ISBN 0-7695-1564-9, May 29-30, 2002, San Francisco, California, USA.
- Network Security Through Conservation of Complexity by Scott Evans and Bruce Barnett, MILCOM 2002, The Disneyland Resort, Anaheim, CA, USA, October 7-10, 2002.
- A Fundamental Science-Based Approach to Information Assurance by Stephen F Bush and Scott Evans, GE CR&D, 2001.
- Information Assurance through Kolmogorov Complexity by Scott Evans, Stephen F. Bush, and John Hershey, Accepted for publication at the DARPA Information Survivability Conference and Exposition II (DISCEX-II 2001) 12-14 June 2001 in, Anaheim, California
- Detecting Distributed
Denial-of-Service Attacks using Kolmogorov Complexity
Metrics by Amit B. Kulkarni, Stephen F. Bush, and
Scott C. Evans, GE CRD Technical Report 2001CRD176, December
2001.
- Complexity-Based Information Assurance by Stephen F. Bush and S.C. Evans 2001CRD084, October 2001.
- Symbol Compression Ratio
for String Compression and Estimation of Kolmogorov
Complexity by S.C. Evans and Stephen F. Bush,
2001CRD159, November 2001.
- Fundamental Approaches to Information Assurance by Stephen F. Bush, April 25, 2000, DARPA Information Assurance PI Meeting Presentation
Introduction to Kolmogorov Complexity
Go to other graphics:
| Additional Information Assurance details Related Information Assurance applications | Related publication
|
GE home page | GE Research & Development
Direct comments or questions about Self-Evolving Systems to Stephen
Bush.
Updated August 1, 2001.