The internet is no longer the territory of only the technologically savvy. The intertwining of cyberspace with everyday activities demands that almost everyone have at least a basic understanding of cyber concepts. Active cyber defense is one of those concepts.
Active defense is relatively easily defined in the land, air, sea, and space domains, but it has not attained the same congruity in the cyber domain. There is not yet universal agreement on what constitutes active cyber defense—although most definitions share the theme of taking action—and many defensive measures differ from offensive measures only in intent. The military doctrine for patrol base operations offers one model for understanding active cyber defense.