Research Establishes Foundation for Dynamic, Self-Organizing Cyber Threat Response Model
Research Establishes Foundation for Dynamic, Self-Organizing Cyber Threat Response Model

Redefining the Metrics System: Research Establishes Foundation for Dynamic, Self-Organizing Cyber Threat Response Model

With the number and severity of cybersecurity breaches skyrocketing, researchers at Embry-Riddle Aeronautical University’s College of Security and Intelligence at the Prescott Campus are creating a framework that may ultimately allow computer networks to autonomously detect intrusions and protect themselves accordingly.

Assistant Professor Gregory Vert, former Embry-Riddle graduate student Bryce Barrette and Bilal Gonen, assistant professor at the University of West Florida, are coauthors of Towards a Mathematical Model for Autonomously Organizing Security Metric Ontologies.

Peer reviewed and published at the 2016 International Conference on Security and Management, their research identifies operational cyber system security metrics, and then organizes these into larger classes of metrics, or ontologies, based on their similarities.

“Research groups have attempted to develop security metrics over the years; however, the issue with current security metric systems is their static nature. They often only account for a single indicator,” Vert says. Grouping metrics into classes based on how they apply to threat events within a system makes them more meaningful for decision-making regarding threat response, he explains.

Using computational math, researchers can assess potential threat events, looking at how closely those events occur together in time and space — the theory being that the closer they are together, the more likely the threat. If a threat is indicated, the model may react by dynamically self-reorganizing or recombining into larger classes of metrics that can deal with the threat as it moves across the network. Vert and his team define this dynamic model as the Adaptive Security Metric Method. “By determining which ontologies fit best with one another, frameworks can be determined for a best security model,” Vert says.

Vert adds that the work is conceptual at this point and that more empirical testing and validation are necessary. However, the model lays the mathematical groundwork for a future cybersecurity system that could dynamically and autonomously combat a cyber intrusion (i.e., spyware) or attack.

The research is being developed further for journal publication with undergraduates at Embry-Riddle’s Prescott Campus.


You know WHERE you’re going. We help you GET THERE.

Learn about Security, Intelligence, and Safety Degrees @ Embry-Riddle

Add a Comment

Embry-Riddle Aeronautical University, the world’s largest, fully accredited university specializing in aviation and aerospace, is a nonprofit, independent institution offering more than 80 baccalaureate, master’s and Ph.D. degree programs in its colleges of Arts & Sciences, Aviation, Business, Engineering and Security & Intelligence. Embry-Riddle educates students at residential campuses in Daytona Beach, Fla., and Prescott, Ariz., through the Worldwide Campus with more than 125 locations in the United States, Europe, Asia and the Middle East, and through online programs. The university is a major research center, seeking solutions to real-world problems in partnership with the aerospace industry, other universities and government agencies. For more information, visit, follow us on Twitter (@EmbryRiddle) and, and find expert videos at