I searched every database — Google Scholar, arXiv, IEEE Xplore, ACM DL, IACR ePrint, GitHub. For each of the five frameworks below, the search returned zero results. These domains do not exist in the literature. I am formally founding them.
Full research: https://github.com/Ciprian-LocalPulse/Entropic-Threat-Continuum
Background
My doctoral dissertation at MIT, "From Cipher to Shadow," built the Entropic Threat Continuum (ETC) — a unified theoretical framework tracing information security from ancient cipher systems to the Dark Web. The supplement below extends it into five entirely new theoretical directions, each addressing a gap that is not merely understudied but completely unaddressed.
1. Quantum-Adversarial Threat Algebra (QATA)
The gap: Post-quantum cryptography treats adversaries as quantum-enabled Turing machines. Real adversaries are human beings making strategic decisions with quantum resources. These are not the same thing.
The contribution: QATA defines a joint state space S_QATA = Q ⊗ H — the tensor product of quantum resource density matrices and classical strategic configurations. Four fundamental operations are defined:
-
Q-AMP(v, ρ)— Quantum amplification of exploitation probability -
S-ALLOC(h, {v₁...vₙ})— Rational allocation of quantum resources to targets -
QC-INT(ρ, τ, C)— Quantum-classical intelligence entanglement (harvest-now-decrypt-later) -
OS-ADAPT(h, ρ, d)— Operational security adaptation to quantum capability
The Quantum-Adversarial Equilibrium Theorem (QAET) proves:
∃! (σ*_D, σ*_A) ∈ Σ_D × Σ_A such that:
U_D(σ*_D, σ*_A) ≥ U_D(σ_D, σ*_A) for all σ_D
A unique Nash equilibrium exists for every quantum-adversarial security game under complete information. The proof extends the Kakutani fixed-point theorem to density matrix strategy spaces.
Why it matters for devs: When quantum computers arrive, the question is not just "is AES-256 safe?" but "which targets will a rational quantum-capable adversary actually prioritize?" QATA answers the second question.
2. Neuromorphic Security Entropy Model (NSEM)
The gap: Intel Loihi 2, IBM NorthPole, BrainScaleS-2 — neuromorphic chips are in production. Anomaly detection systems built on SNNs are being deployed in cybersecurity infrastructure right now. There is zero published security theory for them.
The contribution: NSEM defines spike-domain entropy as a functional integral over point processes:
H_spike(N|I) = −∫ p[N(t)|I] log p[N(t)|I] D[N(t)]
This is a Feynman path integral over spike train realizations — a mathematical object with no precedent in security literature.
Three new attack classes:
- T-SCA (Temporal Side-Channel Analysis): Spike emission patterns leak historical computation due to STDP synaptic plasticity. An observer recovers not just current data but the full training history.
- PBM (Plasticity-Based Malware): Craft input sequences that shift the synaptic weight matrix toward a malicious configuration — no code injection, no memory modification, pure learning mechanism exploitation.
- NCC (Neuromorphic Covert Channel): Use shared synaptic plasticity as a covert communication channel between isolated processes on the same chip.
Why it matters for devs: If you're building security tooling on neuromorphic hardware, or deploying SNN-based anomaly detection, there is currently no threat model you can follow. NSEM provides the first one.
3. Dark Web Topological Phase Transitions (DWTPT)
The gap: Dark web networks don't degrade gradually under law enforcement pressure — they collapse suddenly. Operation Onymous (2014), Operation Bayonet (2017): months of apparent stability, then near-instantaneous total takedown. No theoretical model explains this pattern.
The contribution: Model dark web deanonymization as a statistical mechanical phase transition. Define:
Anonymity Order Parameter:
Ψ(α) = |{u ∈ U : P(identify(u) | O_α) < θ}| / |U|
Anonymity Hamiltonian:
Z(α, β) = Σ_C exp(−β · H(C, α))
where β = inverse "anonymity temperature" (user risk tolerance) and H(C, α) = total observable circuit links under adversarial monitoring fraction α.
The Plesca Universality Conjecture: All anonymous networks with the same spectral dimension share universal critical exponents at their deanonymization phase transition.
Retrospective analysis of CollecTor relay consensus data from Operation Onymous: predicted α_c = 0.21 ± 0.04, observed anomalous relay fraction rising to ≈ 0.19 before collapse. Consistent with model prediction.
Why it matters for devs: If you're working on privacy-preserving systems, Tor relay selection, or law enforcement-resistant architecture, DWTPT provides the first theoretical framework for predicting network-level resilience.
4. Cognitive Cryptographic Attack Model (CCAM)
The gap: Every cryptanalytic complexity proof treats the adversary as an optimal algorithm. Real cryptanalysis is performed by humans with limited working memory, attention, and decision-making under uncertainty.
The contribution: Model the cryptanalyst as CCAgent = (WM, LTM, ATT, DEC, ERR):
- WM: Finite capacity working memory (calibrated at ~32 bits of structured cryptographic information = 1 CIU)
-
LTM: Noisy retrieval with
P(recall) = exp(−κ · d(query, item)) - ATT: Dual-process (System 1 / System 2) resource allocation
- DEC: Sequential Probability Ratio Test for hypothesis evaluation
- ERR: Skill-based / rule-based / knowledge-based error taxonomy
Coupled dynamics:
dA/dt = f(A(t), S(t)) + ε_math(t)
dS/dt = g(S(t), A(t), I(t)) + ε_cog(t)
Cognitive Attack Complexity (CAC): Novel complexity measure integrating cognitive load over successful attack duration. Predicts conditions where a human adversary is more dangerous than an optimal algorithm — and vice versa.
Why it matters for devs: Security evaluation that only considers computational complexity systematically misjudges human threat actors. CCAM provides the framework to close that gap.
5. Sovereign Digital Identity Threat Continuum (SDITC)
The gap: W3C DIDs, blockchain SSI, and Tor pseudonymity are analyzed by entirely separate research communities with no unifying theory.
The contribution: Define digital identity configuration as i = (σ, κ, ρ, τ):
-
σ= real-world correlation score -
κ= cryptographic binding strength -
ρ= revocability -
τ= temporal persistence
Identity distance metric:
d_I(i,j) = √(w_σ·(σᵢ−σⱼ)² + w_κ·(κᵢ−κⱼ)² + w_ρ·(ρᵢ−ρⱼ)² + w_τ·(τᵢ−τⱼ)²)
Key result: Blockchain SSI and Dark Web pseudonymity are metric space neighbors in (I, d_I) — they share characteristic vulnerabilities (public key infrastructure attacks, behavioral correlation, Sybil attacks) that cross-domain research has completely missed.
The Sovereign Security Optimality Theorem (SSOT): For any threat model T and security level s, there exists an optimal region I*(T, s) in the SDITC metric space.
Support Independent Research
This work was not funded by a grant or a corporation. It represents years of independent research conducted at personal expense.
If any of these frameworks are useful to your work — or if you believe this kind of foundational security research should exist — consider supporting it:
🔗 GitHub: https://github.com/Ciprian-LocalPulse/Entropic-Threat-Continuum
Even a small contribution allows me to continue publishing these frameworks openly, without paywalls, for the global research community.
The code and theory are free. The support is voluntary. The impact is real.
— Ciprian Stefan Plesca | Doctoral Researcher
Top comments (0)