December 3, 2024 –
The UC2 Winter Workshop brought together a diverse group of researchers and experts to present innovative solutions to pressing cybersecurity challenges. The event featured presentations from FY24 and FY23 contributors, focusing on topics ranging from modeling and simulation to persona influence, data management, and cyber risk mitigation. The workshop centered on the following key themes and insights.
1. Implementing Zero Trust at the Tactical Warfighting Edge (FY23)
Presented by Dr. Prasad Calyam and Rohit Chadha (University of Missouri-Columbia), Vijay Anand (University of Missouri-St. Louis), and Reshmi Mitra (Associate Professor, Southeast Missouri State University), the Arculus framework offers a low-overhead Zero Trust (ZT) solution tailored for resource-constrained and DDIL (denied, disrupted, intermittent, limited) environments. By leveraging Task-Based Access Control (TBAC), predictive modeling, and microsegmentation, the framework enhances security for mission-critical operations like reconnaissance and disaster recovery. Despite its effectiveness, challenges remain in adapting ZT principles to resource-limited settings while mitigating advanced threats such as GPS spoofing and adversarial AI. The initiative underscores the importance of balancing security and usability in dynamic battlefield scenarios.
2. Managing Cyber Risks to Missions (FY23)
The CR2M framework, developed by Dr. Shouhaui Xu of the University of Colorado Colorado Springs, provides a comprehensive methodology for addressing cyber risks during mission planning and execution phases. This approach emphasizes automation to reduce cognitive load, enhance decision-making, and improve resilience across space, army, and cyber domains. By transitioning from fires-centric to maneuver-centric operations, the framework quantifies mission-specific risks while addressing interdependencies and human errors. Challenges include managing advanced threats like zero-day vulnerabilities and deepfakes. Integration into the Joint All-Domain Command and Control (JADC2) system demonstrates CR2M's potential to bolster mission assurance and adaptability in complex operational environments.
3. Modeling and Predictive Analytics (FY24)
Presentations from Dr. Timothy Clancy, University of Maryland, and Drs. Natalie Bolton and Vijay Anand from the University of Missouri highlighted the role of simulations and predictive analytics in addressing cybersecurity threats. Dr. Clancy’s modeling of hacktivism as a social contagion provided insights into how ideological scripts spread across platforms, enabling early detection and intervention. Dr. Bolton and Dr. Anand’s Active Defense with an Adversarial Mindset (ADAM) framework employs predictive frameworks to assess resilience and adaptability in real-time. These initiatives underline the importance of maintaining simulation validity and balancing transparency with security in rapidly evolving technological landscapes.
4. Persona and Influence (FY24)
Addressing the increasing sophistication of social engineering and influence operations, tools like the Foreign Influence Network Detector (FIND), developed by Clemson University’s Dr. Patrick Warren, and Honeypot LLM Chatbots (HLLMs), created by a team at the University of California, San Diego, including Nikolai Vogler, Dr. Daniel Spokoyny, and Dr. Taylor Berg-Kirkpatrick, offer scalable solutions for countering malicious campaigns. FIND focuses on detecting malign influence networks, while HLLMs deploy decoy personas to extract adversary tactics. Challenges include mitigating false positives, adapting to adversaries' evolving strategies, and addressing ethical concerns regarding data use. These advancements highlight the need for adaptive defenses to combat the rising threat of AI-driven social manipulation.
5. Data and Permeability (FY24)
Dr. Shouhuai Xu’s Multi-Domain Range (MDR) infrastructure integrates land, air, space, and cyber domains to generate high-fidelity datasets for wargaming, training, and research. Using Generative AI (GenAI), MDR facilitates scalable and secure data production while ensuring anonymization for cross-classification sharing. This aligns with the DoD’s data-centric strategy, enhancing operational readiness and collaboration. However, challenges such as domain integration, compliance with data sanitization standards, and evolving cyber threats necessitate ongoing innovation to maintain effectiveness.
The UC2 Workshop provided an interdisciplinary platform to explore advanced cybersecurity strategies and solutions. The diverse range of presentations highlighted the critical need for adaptive, innovative approaches to combat dynamic threats in military and civilian domains. The event emphasized the integration of predictive analytics, automated frameworks, and advanced infrastructure to ensure resilience, operability, and mission assurance in the face of evolving cyber challenges.