A novel automatic discovery system of critical assets in cyberspace-oriented military missions

Abstract

As result of the digitalization of the military operations, the need for capabilities able to facilitate the acquisition of cyber situation awareness are increasingly demanded. In this context, augmenting the conscious of the context and warfare environment, risks and impacts of cyber threats on kinetic actuations became a critical rule-changer that military decision-makers must consider. Among the challenges that developing these solutions addresses, it is worth to highlight the dynamically assessment of the impact of the ICT infrastructure that enables the modern military operations, regarding the mission expectations and goals. In this context, the identification of Key Cyber Terrains (KCT) becomes an essential task, which requires the analysis of cross-domain knowledge from the tactical environment combined by feeds from the cyberspace. Bearing this in mind, the aim of the research presented in this paper is to explore the existing gaps and challenges concerning the dynamic cyber asset valuation and based on that, design a supporting system able to automatically identify KCT on military missions that rely on the cyberspace. Accordingly, the proposed KCT identification solution was not only a cyber risk management analysis tool for dual-use cyber assets, but a full procedure for their mission-centric identification. The approach explored the dependency degrees among tasks and assets defined by commanders as part of the assessment criteria. They were correlated with the discoveries on the operational network and the asset vulnerabilities identified thorough the supported mission development. In order to facilitate the understanding of the introduced method, an illustrative use case that combined a hypothetical mission scenario with real network traffic has been defined and discussed.