Active Cyber Defense: A Vision for Real-Time Cyber Defense
ABSTRACT
Cyber operations consist of many functions spanning cyber management, cyber attack, cyber exploitation, and cyber defense, all including activities that are proactive, defensive, and regenerative in nature. A subset of cyber defense, Active Cyber Defense (ACD) focuses on the integration and automation of many services and mechanisms to execute response actions in cyber-relevant time. ACD comprises a set of logical functions that capture details from enterprise-level architecture to operational realization, with the primary objective of becoming a living part of DoD cyber operations to help defend the nation from cyber-based adversaries.
AUTHORS
Information Assurance Directorate, National Security Agency
Michael Herring currently serves as the Technical Director for the National Security Agency Active Cyber Defense Initiative and is responsible for identifying candidate technologies for integration into holistic ACD solutions to defend U.S. Government networks. He also teaches graduate courses in Risk Analysis, Process Strategy, and Information Technology Strategy as a member of the Loyola University Maryland Information Systems and Operations Management Department. Mr. Herring is a graduate of Mississippi State University with a degree in Electrical Engineering, and of Loyola University Maryland with a master’s in Business Administration.
Information Assurance Directorate, National Security Agency
Keith Willett is the lead architect for Active Cyber Defense (ACD). Mr. Willett has a B.S. in Computer Science with a Mathematics minor from Towson University (1984); an M.S. in Business and Information Systems from University of Baltimore (1986); an M.S. in Information Assurance from Norwich University (2005); and is currently working on a Ph.D. in Systems Engineering Security at Stevens Institute of Technology (~2017). Mr. Willett holds (ISC)2 CISSP and ISSAP certifications and has over 30 years’ commercial and government experience in technology and security as an educator, programmer, database administrator, operations manager, systems engineer, enterprise architect, and enterprise security architect. Mr. Willett is the co-author of two books, How to Achieve 27001 Certification and the Official (ISC)2 Guide to the ISSMP CBK, and sole author of the book Information Assurance Architecture, all published by Auerbach Publishing.
Published In
Journal of Information Warfare