ARTICLES

July 30, 2024

An Introduction to Quantum Computing and Its Applications

Winning is much easier if you have an edge, whether that be better personnel, strategy, and/or technology. Quantum Information Science (QIS) - which includes quantum sensing, networking, communications, and computing - provides a technology that both tactical and strategic commanders will leverage to seize the initiative and create positions of advantage. Optimizing the exploitation of quantum technology will require that senior leaders understand enough about the technology and its fast-evolving applications to outmaneuver and outthink our adversaries. This does not require expertise in all facets of QIS, any more than a computer user needs to know computer design. This article attempts to be an introduction to quantum technology and some of its potential uses in the military operational environment.

July 30, 2024

Data as Ammunition – A New Framework for Information Warfare

This article presents a new framework for thinking about data and the risks posed to national security. Taking issue with the prevailing analogy of “data as oil,” this article argues that viewing data as ammunition provides a clearer understanding of the real threats and a familiar path toward risk mitigation in the information space. The “data as ammunition” analogy carries a better intuitive depiction of the risk and why, in the days of increasing storage which keeps data easily accessible seemingly forever, categorizing data through the lens of ordnance classifications can help clarify the risks to force and national security. We close this article with recommendations to adapt current privacy, security, and commercial policies to mitigate the new risks to force and personnel on and off the battlefield.

July 30, 2024

Overcoming the Labeled Training Data Bottleneck: A Route to Specialized AI

This article explores the potential of large language models (LLMs) to transform dataset creation and analysis in cybersecurity. The proposed method leverages LLMs to overcome the labeled data bottleneck by generating high-quality, task-specific datasets for AI model tuning. Existing network intrusion analysis datasets are synthesized with domain knowledge extracted from cybersecurity literature to create a new dataset tailored for supervised training of zero-day exploit detection systems. LLMs interpret the semantic content of relevant literature to identify crucial characteristics and values of zero-day exploit signatures in network traffic. The resulting synthesized dataset is primarily based on 'organic' data collected by genuine sensors, with key feature characteristics intelligently interpolated by LLMs. This approach enables the creation of suitable training data for high-performance ML models. This article demonstrates the effectiveness of this method by utilizing advanced AI techniques to generate a dataset for zero-day exploit detection, illustrating the potential for accelerated progress in specialized AI for cybersecurity. The proposed solution offers a promising approach to address the challenge of labeled data scarcity in developing specialized AI for cybersecurity, facilitating more efficient and effective protection against emerging threats.

April 26, 2024

From the Editor

I am honored and humbled to be selected as the editor-in-chief of The Cyber Defense Review. I believe the CDR and the combined efforts of this community will push the envelope on the concepts that will keep the competitive balance tilted in our favor. As we look into the future, to where today’s disruptive technologies and innovation converge, I look forward to having an interactive dialog with readers and writers from across the community to help solve the problems of today as we adapt to long-term global competition and build the campaigns that will have lasting impacts ten years out and beyond.

April 26, 2024

Can you hear me now?

A senior civilian in USCYBERCOM asked me “What matters more: the message or the ability to send that message?” I pondered it momentarily, trying to decide on what message was critically important—was it a 911 call? A call for fire at a critical point in battle? These are critically important. However, the message is meaningless if you do not have a way to send it. It suddenly became clear to me where he was going: it is the ability to send a message that is important. The ability to communicate is paramount to just about everything we do, and cyber turns that ability on or off. After more than a year as the Director of the Army Cyber Institute, I’m not so sure anymore. The articles in this edition of the CDR display that even in this one cyber journal, we look to the history of what we know to help describe the future of cyber, yet there are gaps, and it is difficult.

April 26, 2024

Operational Perspectives from the Field – ARCYBER in the Cyberspace Domain

As I look back on 2023, increased tension and conflict around the world highlight the importance of our capabilities and the need for continued efforts to deter aggression and remain fully prepared to prevail in conflict when necessary. Every Soldier and civilian of ARCYBER is keenly aware of these conflicts, and more pointedly, conflict in cyberspace is now an integral element of enduring strategic competition amongst nations. Conflicts in both Ukraine and Gaza have revealed that all belligerents are operating in the cyber domain to support their tactical and strategic objectives. The persistent nature of around-the-clock cyber competition, and continuous preparations for crisis and conflict, requires constant adaptation to optimally employ our limited resources. Often, I am asked, “How exactly does ARCYBER contribute to or support the Army, U.S. Cyber Command (USCYBERCOM), and our overall National Defense?” This simple, straightforward question has a five-part answer.

April 26, 2024

2023 Executive Order on Trustworthy AI Misses Issues of Autonomy and AI Multi-Threat Challenges

On October 30, 2023, the Administration released Executive Order (EO) 14110 on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (AI). For several reasons, this EO lays a light hand on the Department of Defense (DoD). The DoD had, and was already implementing, “responsible AI” safeguards for defense programs. A public debate over AI has been in progress for some time among political and IT capital goods elites over a rising concern that uncontrolled commercial and government use of AI is spreading too rapidly into all private and consequential aspects of citizens’ lives, but these are areas in which DoD generally plays a limited role. However, adversaries and vendors also get a vote in the future of trust with AI and DoD.

April 26, 2024

Mission Thread Analysis: Establishing a Common Framework in a Multi-Discipline Domain to Enhance Defensive Cyberspace Operations

ARCYBER is challenged to balance the demands of mission commanders requesting defense of critical missions, Congress directing actions to defend critical resources, and intelligence reports, all resulting in diversion of resources to address perceived threats. Mission Thread Analysis (MTA) is a process to help build understanding and consensus between customers (operational force) and providers (network operators and defenders), offering an analytical framework where both sides detail their operational and technical requirements. ARCYBER redesigned and formalized the MTA process to help inform prioritization, training, team employment, and optimization of Defensive Cyber Forces.

April 26, 2024

Beyond U.S. CYBERCOM: The Need to Establish a Dedicated U.S. Cyber Military Force

The question of a Cyber Military Force is not new, although most studies lack practical solutions. This article explores the requirement to establish a separate U.S. Cyber Military Force, detailing threats, precedent, and current gaps, and provides a framework for the DoD to recommend that Congress establish a separate U.S. Cyber Military Force. Establishing a separate cyber military force under the Department of the Army is a critical and necessary step in addressing the evolving cyber threats facing the United States. Such a force will enable the U.S. to be better positioned to defend its national interests in the cyber domain, develop advanced capabilities, and maintain a competitive advantage over potential adversaries.

April 26, 2024

Violent Limitations: Cyber Effects Reveal Gaps in Clausewitzian Theory

The U.S. military describes and understands war within the Clausewitzian frame of physical violence to accomplish a political goal by enforcing will on the military of an opposing state through physical actions. However, the cyber domain and the effect of cyber actions reveal that our understanding of war can no longer be restricted to the Clausewitz paradigm. Cyber effects can cause destruction without kinetic actions and have brought the cognitive dimension to the forefront of many military leaders’ and planners’ thinking. Cyber activities reveal that while new technology may not have changed war, a theoretical foundation built upon Clausewitz narrowly restricts the understanding of war for the modern era.