IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS—PART A: SYSTEMS AND HUMANS, VOL. 31, NO.4, JULY 2001 331 [3] J. H. B. Deane, C. Smythe, and D. J. Jeffries. (1996, June). Long Range Order in Network Traffic Dynamics [Online]. Available: http://www.ee.surrey.ac.uk/Personal/D.Jefferies/Selfsim/html- paper.html. [4] W. E. Leland et al., “On the self-similar nature of Ethernet traffic (ex- tended version),” IEEE/ACM Trans. Networking, vol. 2, pp. 1–15, Feb. 1994. [5] S. Robert and J. LeBoudec, “A Markov modulated process for self-sim- ilar traffic,” Lab. Res. Commun., Lausanne, Switzerland, Tech. Rep., Sept. 1995. [6] V. Paxson, “Fast approximation of self-similar traffic,” Lawrence Berkeley Lab., EECS Div., University of California, Berkeley, Tech. Rep. LBL-36 750, Apr. 1995. [7] M. W. Garret and W. Willinger, “Analysis, modeling and generations of self-similar VBR video traffic,” in Proc. ACM SIGCOMM Conf., London, U.K., 1995, pp. 269–280. [8] A. Haar, “Zur theorie der orthogonalen funktionen-systeme,” Math. Ann., vol. 69, pp. 331–371, 1910. [9] I. Daubechies, “Orthonormal bases of compactly supported wavelets,” Commun. Pure Appl. Math., vol. 41, no. 7, pp. 909–996, Oct. 1988. [10] H. Peitgen et al., Chaos and Fractals: New Frontiers of Science, New York: Springer-Verlag, 1992. [11] B. B. Mandelbrot, “Some long-run properties of geophysical records,” Water Resources Res., vol. 5, no. 2, pp. 321–340, Apr. 1969. [12] H. E. Hurst, “Long-term storage capacity of reservoirs,” Trans. Amer. Soc. Civil Eng., vol. 116, pp. 770–799, 1951. [13] O. Rose, “Estimation of the Hurst parameter of long-range dependent time series,” Dept. Comput. Sci., Univ. Würzburg, Würzburg, Germany, Tech. Rep. TR-137, Feb. 1996. [14] M. Bourges-Sévenier, “Réalization d’une bibliothéque C de fonctions ondelettes,” Inst. Res. Informat. Syst. Aléatoires, France, Tech. Rep. 864, Sept. 1994. DARPA Information Assurance Program Dynamic Defense Experiment Summary Dorene L. Kewley and Julie F. Bouchard Abstract—Several types of experiments are being conducted by the De- fense Advanced Research Projects Agency (DARPA) Information Assur- ance (IA) Program in DARPA’s IA Lab. This research program is driven by concepts of strategic cyberdefense. Each experiment involves a carefully formulated hypothesis that is intended to be either supported or refuted by the experimental testing. In many cases, “red team” attackers participate in all phases of the experiment and contribute to generating the data re- quired to test the hypothesis. The red team is usually structured to model a well-resourced adversary, such as a foreign, national intelligence agency. The particular experiment described here explored one aspect of the IA program’s grand hypothesis of dynamic defense: “Dynamic modification of defensive structure improves system assurance.” This experiment concen- trated on the assertion that autonomic response mechanisms can improve overall system assurance by thwarting an attack while it is underway. In most cases, each attack in this experiment was run first with only “prevent and detect” mechanisms enabled, then repeated with “prevent, detect, and respond mechanisms” enabled. The key result of this experiment is that the hypothesis was supported. Index Terms—Command and control systems, computer network secu- rity. I. INTRODUCTION The Defense Advanced Research Projects Agency (DARPA) Infor- mation Assurance (IA) Program is conducting leading-edge research and development in strategic cyberdefense, specifically those areas the commercial world is not yet likely exploring. Information assurance may be defined as a guarantee that information presented by a system is accurate, properly represented, and available [1]. In short, the goal of information assurance is to develop an information system “that can be depended upon to behave as it is expected to [2].” A well-resourced adversary could pose a significant threat to our nation by using cyber means to disrupt critical information infrastructure activities, such as electric power distribution, financial clearinghouse operations, and air transportation. Therefore, the work of protecting national assets that de- pend on a common network infrastructure is more important and diffi- cult now than it has ever been [3]. The IA program has been challenged to conduct research into defending our nation’s cyberassets and explore “dark spaces” of cyberdefense, that is, explore security problem areas in which the commercial world does not yet offer solutions. One of the dark spaces being examined is dynamic defense. In the kinetic world, it is generally agreed that it is effective to modify your defensive posture in an attempt to hinder the adversary’s intelli- gence gathering process [4]. It has been suggested that dynamic de- fense theory can also be effectively applied to defending cyberassets. It follows that one of the IA program’s grand hypotheses that “dynamic modification of defensive structure improves system assurance.” Response to adversary action is an area that has intrigued the net- work security world for quite some time [5]. An experiment conducted in the Fall of 1999 explored at a fundamental level whether a cyber ad- versary’s attack could successfully be thwarted by a defender’s ability Manuscript received September 1, 2000; revised April 5, 2001. D. L. Kewley is with BBN Technologies, Arlington, VA 22209 (e-mail: dkewley@bbn.com). J. F. Bouchard was with Sandia National Labs, Albuquerque, NM 87185. She is now with SRI International, Albuquerque, NM 87185. (e-mail: julie.bouchard@sri.com). Publisher Item Identifier S 1083-4427(01)05292-4. 1083–4427/01$10.00 © 2001 IEEE