Towards Centralized Orchestration of Cyber Protection Condition (CPCON)
- URL: http://arxiv.org/abs/2505.12613v1
- Date: Mon, 19 May 2025 01:53:28 GMT
- Title: Towards Centralized Orchestration of Cyber Protection Condition (CPCON)
- Authors: Mark Timmons, Daniel Lukaszewski, Geoffrey Xie, Thomas Mayo, Donald McCanless,
- Abstract summary: U.S. Cyber Command (USCYBERCOM) Cyber Protection Condition (CPCON) framework mandates graduated security postures across DoD networks. Current implementation remains largely manual, inconsistent, and error-prone. This paper presents a prototype system for centralized orchestration of CPCON directives, enabling automated policy enforcement and real-time threat response.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The United States Cyber Command (USCYBERCOM) Cyber Protection Condition (CPCON) framework mandates graduated security postures across Department of Defense (DoD) networks, but current implementation remains largely manual, inconsistent, and error-prone. This paper presents a prototype system for centralized orchestration of CPCON directives, enabling automated policy enforcement and real-time threat response across heterogeneous network environments. Building on prior work in host-based intrusion response, our system leverages a policy-driven orchestrator to standardize security actions, isolate compromised subnets, and verify enforcement status. We validate the system through emulated attack scenarios, demonstrating improved speed, accuracy, and verifiability in CPCON transitions with human-in-the-loop oversight.
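The orchestration loop the abstract describes (a central policy engine that standardizes per-level actions, isolates a subnet, verifies enforcement status, and keeps a human in the loop) is sketched below as an added Python example. It is not the authors' prototype: the control names in `POLICY`, the host inventory, the approval callback, and the "unreachable agent" failure mode are all invented for illustration. Level numbering follows the public CPCON convention (5 least restrictive, 1 most restrictive); the actual directive contents are not reproduced.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set, Tuple

# Illustrative control set required at each CPCON level (5 = least restrictive,
# 1 = most restrictive). These control names are placeholders invented for this
# example; they are not the contents of any actual CPCON directive.
POLICY: Dict[int, Set[str]] = {
    5: {"endpoint_av"},
    4: {"endpoint_av", "patch_audit"},
    3: {"endpoint_av", "patch_audit", "block_removable_media"},
    2: {"endpoint_av", "patch_audit", "block_removable_media", "egress_allowlist"},
    1: {"endpoint_av", "patch_audit", "block_removable_media", "egress_allowlist",
        "critical_services_only"},
}

# One orchestration step: (target, action, control). Targets are host names for
# control changes and subnet CIDRs for network isolation.
Step = Tuple[str, str, str]


@dataclass
class Host:
    name: str
    subnet: str
    reachable: bool = True                       # agent can accept enforcement calls
    controls: Set[str] = field(default_factory=set)


class Orchestrator:
    """Central policy engine: plan a transition, get operator approval, enforce, verify."""

    def __init__(self, hosts: List[Host], approve: Callable[[str, List[Step]], bool]):
        self.hosts: Dict[str, Host] = {h.name: h for h in hosts}
        self.approve = approve                   # human-in-the-loop gate
        self.level = 5
        self.isolated_subnets: Set[str] = set()
        self.audit: List[str] = []

    def plan(self, level: int) -> List[Step]:
        """Diff each host's reported controls against the target level's policy."""
        want = POLICY[level]
        steps: List[Step] = []
        for h in self.hosts.values():
            steps += [(h.name, "enable", c) for c in sorted(want - h.controls)]
            steps += [(h.name, "disable", c) for c in sorted(h.controls - want)]
        return steps

    def transition(self, level: int) -> Dict[str, Set[str]]:
        """Move to `level`; returns hosts whose enforcement could not be verified."""
        if level not in POLICY:
            raise ValueError(f"unknown CPCON level {level}")
        steps = self.plan(level)
        if not self.approve(f"CPCON {self.level} -> {level}", steps):
            self.audit.append(f"transition to {level} rejected")
            raise PermissionError("transition rejected by operator")
        for target, action, control in steps:
            h = self.hosts[target]
            if not h.reachable:
                self.audit.append(f"{target}: {action} {control} FAILED (unreachable)")
                continue                          # verify() reports this as drift
            (h.controls.add if action == "enable" else h.controls.discard)(control)
            self.audit.append(f"{target}: {action} {control} ok")
        self.level = level
        return self.verify()

    def verify(self) -> Dict[str, Set[str]]:
        """Independent check of every host against the current level; {} means compliant."""
        want = POLICY[self.level]
        return {h.name: want - h.controls for h in self.hosts.values() if want - h.controls}

    def isolate_subnet(self, cidr: str) -> List[str]:
        """Quarantine a subnet at the network layer (does not depend on host agents)."""
        step = [(cidr, "isolate", "network")]
        if not self.approve(f"isolate {cidr}", step):
            raise PermissionError("isolation rejected by operator")
        self.isolated_subnets.add(cidr)
        self.audit.append(f"{cidr}: isolated")
        return sorted(h.name for h in self.hosts.values() if h.subnet == cidr)

    def verify_isolation(self, cidr: str) -> bool:
        return cidr in self.isolated_subnets


def demo() -> Tuple[Dict[str, Set[str]], List[str]]:
    """Constructed inventory: ws02's agent is down, so its enforcement lags the policy."""
    hosts = [
        Host("ws01", "10.0.1.0/24", controls={"endpoint_av"}),
        Host("ws02", "10.0.1.0/24", reachable=False, controls={"endpoint_av"}),
        Host("srv01", "10.0.2.0/24", controls={"endpoint_av"}),
    ]
    orch = Orchestrator(hosts, approve=lambda what, steps: True)   # auto-approve for demo
    drift = orch.transition(3)
    quarantined = orch.isolate_subnet("10.0.1.0/24")             # contain the stale host's subnet
    return drift, quarantined


if __name__ == "__main__":
    drift, quarantined = demo()
    print("drift:", drift)
    print("isolated:", quarantined)
```

The point a practitioner should take from the split between `transition()` and `verify()` is that enforcement and verification are separate steps: a host whose agent is down silently fails to apply the new controls, and only the independent comparison against `POLICY` surfaces it as drift. Subnet isolation is modelled at the network layer precisely so that containment does not depend on the very agents that may be unreachable or compromised. In a real deployment the `approve` callback would be the operator's console, and the audit list would be an append-only log.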
Related papers
- Toward an Intent-Based and Ontology-Driven Autonomic Security Response in Security Orchestration Automation and Response (arXiv, 2025-07-16)
  We bridge the gap between two research directions: Intent-Based Cyber Defense and Autonomic Cyber Defense. We propose a unified, ontology-driven security intent definition leveraging the MITRE D3FEND cybersecurity ontology. We also propose a general two-tiered methodology for integrating such security intents into decision-theoretic Autonomic Cyber Defense systems.
- General Autonomous Cybersecurity Defense: Learning Robust Policies for Dynamic Topologies and Diverse Attackers (arXiv, 2025-06-28)
  Autonomous cybersecurity defense (ACD) systems have become essential for real-time threat detection and response with optional human intervention. Existing ACD systems rely on limiting assumptions, particularly the stationarity of the underlying network dynamics. This work explores methods for developing agents that learn generalizable policies across dynamic network environments.
- CyFence: Securing Cyber-Physical Controllers via Trusted Execution Environment (arXiv, 2025-06-12)
  Cyber-physical systems (CPSs) have experienced a significant technological evolution and increased connectivity, at the cost of greater exposure to cyber-attacks. We propose CyFence, a novel architecture that improves the resilience of closed-loop control systems against cyber-attacks by adding a semantic check. We evaluate CyFence on a real-world application, an active braking digital controller, demonstrating that it can mitigate different types of attacks with negligible overhead.
- CANTXSec: A Deterministic Intrusion Detection and Prevention System for CAN Bus Monitoring ECU Activations (arXiv, 2025-05-14)
  We propose CANTXSec, the first deterministic intrusion detection and prevention system based on physical ECU activations. It detects and prevents classical attacks on the CAN bus, while also detecting advanced attacks that have been less investigated in the literature. We prove the effectiveness of our solution on a physical testbed, where we achieve 100% detection accuracy in both classes of attacks while preventing 100% of FIAs.
- Designing Control Barrier Function via Probabilistic Enumeration for Safe Reinforcement Learning Navigation (arXiv, 2025-04-30)
  We propose a hierarchical control framework leveraging neural network verification techniques to design control barrier functions (CBFs) and policy correction mechanisms. Our approach relies on probabilistic enumeration to identify unsafe regions of operation, which are then used to construct a safe CBF-based control layer. These experiments demonstrate the ability of the proposed solution to correct unsafe actions while preserving efficient navigation behavior.
- PICO: Secure Transformers via Robust Prompt Isolation and Cybersecurity Oversight (arXiv, 2025-04-26)
  We propose a robust transformer architecture designed to prevent prompt injection attacks. Our PICO framework structurally separates trusted system instructions from untrusted user inputs. We incorporate a specialized Security Expert Agent within a Mixture-of-Experts framework.
- ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check (arXiv, 2024-11-21)
  Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior. These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity. We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
- SDN-Based Smart Cyber Switching (SCS) for Cyber Restoration of a Digital Substation (arXiv, 2024-11-11)
  This paper proposes a cybersecurity framework to bolster the resilience of substations based on the IEC 61850 standard. The framework's effectiveness is validated through comprehensive simulations and a hardware-in-the-loop (HIL) testbed.
- Smart Grid Security: A Verified Deep Reinforcement Learning Framework to Counter Cyber-Physical Attacks (arXiv, 2024-09-24)
  Smart grids are vulnerable to strategically crafted cyber-physical attacks. Malicious actors can manipulate power demand using high-wattage Internet of Things (IoT) botnet devices. Grid operators overlook potential cyber-physical attack scenarios during the design phase. We propose a safe Deep Reinforcement Learning (DRL)-based framework for mitigating attacks on smart grids.
- Automated Cybersecurity Compliance and Threat Response Using AI, Blockchain & Smart Contracts (arXiv, 2024-09-12)
  We present a novel framework that integrates artificial intelligence (AI), blockchain, and smart contracts. We propose a system that automates the enforcement of security policies, reducing manual effort and potential human error.
- Cooperative Cognitive Dynamic System in UAV Swarms: Reconfigurable Mechanism and Framework (arXiv, 2024-05-18)
  We propose the cooperative cognitive dynamic system (CCDS) to optimize the management of UAV swarms. CCDS is a hierarchical and cooperative control structure that enables real-time data processing and decision-making. In addition, CCDS can be integrated with a biomimetic mechanism to efficiently allocate tasks for UAV swarms.
- A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols (arXiv, 2024-01-19)
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate the protocols against essential operational criteria that contribute to ease of implementation.
- SemProtector: A Unified Framework for Semantic Protection in Deep Learning-based Semantic Communication Systems (arXiv, 2023-09-04)
  We present a unified framework that aims to secure an online semantic communication system with three semantic protection modules. Specifically, these modules encrypt the semantics to be transmitted by an encryption method, mitigate privacy risks from wireless channels by a perturbation mechanism, and calibrate distorted semantics at the destination. Our framework enables an existing online SC system to dynamically assemble these three pluggable modules to meet customized semantic protection requirements.
- Practical quantum secure direct communication with squeezed states (arXiv, 2023-06-25)
  We report the first table-top experimental demonstration of a CV-QSDC system and assess its security. This realization paves the way toward future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.