Research Frontier and Trends of Science of Cybersecurity

doi:10.3969/j.issn.1671-1122.2015.03.001

Abstract

Abstract:

With the rapid development of information technology, Internet is playing an increasingly important role across the world. A trustworthy cyberspace has been closely related to national interests and has become a focus of national security and social stability. However, current security research often focuses on specific technical problems and challenges.This methodology is sometimes termed engineering . We don’t have a clear understanding of many fundamental problems and universal laws of cybersecurity. That is, cybersecurity research lacks a firm scientific foundation and disciplined approach to transcend specific systems, attacks, and defenses. In contrast to the engineering approach, the past few years we have seen a growing push within the research community to promote the study of cybersecurity as a science. In this paper, we introduce the background of developing a science of cybersecurity , depict the scientific connotation of cybersecurity and discuss five of the “hard problems” in the science of cybersecurity . Finally , the perspective of research is also proposed.

Key words: cybersecurity, scientific foundation, hard problems

CLC Number:

TP309

CHEN Hua-shan, PI Lan, LIU Feng, LIN Dong-dai. Research Frontier and Trends of Science of Cybersecurity[J]. Netinfo Security, 2015, 15(3): 1-5.

References 30

[1]	韩红. 美国网络空间战略浅析[J]. 新远见. 2011(12)
[2]	National Science and Technology Council, Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program (
[3]	钱惠新. 美国网络空间安全研发战略规划的作用与影响[J]. 信息与电脑(理论版). 2013(09)
[4]	Meushaw, Robert,Carl Landwehr. NSA Initiatives in Cybersecurity Science. Next Wave, volume 19, No. 4, pages 8-13, 2012.
[5]	Kott, Alexander.Towards Fundamental Science of Cyber Security. Network Science and Cybersecurity. Springer New York, pages 1-13, 2014.
[6]	Landwehr C E.Cybersecurity: From Engineering to Science. Developing a Blueprint for a Science of Cybersecurity, pages 2-5, 2012.
[7]	F.B. Schneider, Blueprint for a Science of Cybersecurity. Next Wave, volume 19, No. 2, pages 47-57, 2012.
[8]	The Science of Security: Introduction from the Perspective of Secure Collaboration. Presented at School of Computing and Communications, University of Lancaster, Lancaster, February 2014.
[9]	J. Willis.Defining a Field: Content, Theory, and Research Issues. Contemporary Issues in Technology and Teacher Education [Online serial] 1(1)
[10]	D. Akhawe, A. Barth, P Lam.Towards a Formal Foundation of Web Security. Proc.23rd IEEE.
[11]	JASON,The Science of Cyber Security. Report JSR-10-102, MITRE, McLean VA (
[12]	David M. Nicol, William H. Sanders,William L..
[13]	A Roadmap for Cybersecurity Research, Department of Homeland Security Science and Technology Directorate, November 2009
[14]	T. Longstaff.Barriers to Achieving a Science of Cybersecurity.Next Wave, volume 19, No. 4, 2012.
[15]	Canetti R.Universally Composable Security: A New Paradigm for CryptographicProtocols. Proceedings of the 42nd IEEE symposium on Foundations of Computer Science. IEEE Computer Society, pages 136-145, 2001.
[16]	S. Bellovin.On the Brittleness of Software and the Infeasibility of Security Metrics,IEEE Security and Privacy , volume 4, no. 4, pages96, 2006.
[17]	吕欣.信息系统安全度量理论和方法研究[J].计算机科学. 2008(11).
[18]	Schnerier B.Attack Trees-modeling security threats. Dr Dobb,S Journal, volume 24, No. 12,pages 21-29, 1999.
[19]	B. Schneier. Secrets and Lies: Digital Security in a Networked World: John Wiley &Sons, 2004.
[20]	林闯,汪洋,李泉林.网络安全的随机模型方法与评价技术[J].计算机学报.2005(12)
[21]	王元卓,林闯,程学旗,方滨兴.基于随机博弈模型的网络攻防量化分析方法[J].计算机学报.2010(09).
[22]	王永杰,鲜明,刘进,王国玉. 基于攻击图模型的网络安全评估研究[J]. 通信学报. 2007(03)
[23]	W. Jensen.Directions in Security Metrics Research. National Institute of Standards and Technology, (NISTIR 7564), Apr 2009.
[24]	Hall A,Pomm C,Widmayer P.A Combinatorial Approach to Multi-domain Sketch Recognition. Proceedings of the 4th Eurographics Workshop on Sketch-based Interfaces and Modeling . 2007.
[25]	Ajayi O,Sinnott R,Stell A.Trust Realisation in Multi-domain Collaborative Environments. Proceedings of the 6th IEEE/ACIS International Conference on Computer and Information Science . 2007.
[26]	金莉. 面向多域的安全互操作机制研究[D]. 华中科技大学 2009
[27]	金莉,卢正鼎,赵峰.多域环境下安全互操作研究进展[J].计算机科学.2009(02).
[28]	王超,马建峰,朱建明. 网络系统的可生存性研究综述[J]. 网络安全技术与应用. 2006(06)
[29]	邬江兴.网络空间拟态安全防御[J].保密科学技术.2014(10).
[30]	M. Boyce, K. Duma, L. Hettinger, T. Malone, D. Wilson, J. Lockett-Reynolds.Human Performance in Cyber Security: a Research Agenda. in Proceedings of the Human Factors and Ergonomics Society 55th Annual Meeting, volume 55, 2011.