Welcome to USMA Athena
USMA Athena is a secure digital service managed by the United States Military Academy Library to make the work of USMA scholars freely available, while also ensuring these resources are organized to preserve the legacy of USMA scholarship. The mission of USMA Athena is to showcase the academic impact and intellectual capital that has become synonymous with the celebrated heritage of educational prowess attributed to the Long Gray Line. Scholarship submitted to USMA Athena benefits from added visibility and discoverability via Google Scholar in addition to the use of persistent URLs that will provide enduring access to the work over time.
Recent Submissions
Item type:Item, No Privacy for Privates: How Military Communities Experience and Perceive the Privacy Risks of Military-Marketed Mobile Apps(Privacy Enhancing Technologies Symposium, 2026)A subset of mobile applications is explicitly marketed to military-affiliated personnel. These Military-Marketed Mobile Apps (MMMapps) collect privacy-sensitive data using the same mechanisms as general-purpose apps. However, when such data belongs to military-affiliated personnel, it may be exploited by malicious actors in ways that threaten personal safety, unit operations, and national security. Despite these risks, the data practices and code provenance of MMMapps, as well as how this population perceives and attempts to mitigate these risks, remain poorly understood. In this paper, we address this gap by combining large-scale app analysis with a user study. We first curate a dataset of 242 MMMapps and leverage app analysis techniques to characterize their data practices and code provenance. Then, we conduct a user study with 103 military-affiliated participants in the United States to examine which data practices and code provenance characteristics they consider inappropriate, what threat scenarios they believe those practices enable, and which mitigations they view as most effective. Our results show that MMMapps frequently exhibit data practices and code provenance characteristics that are misaligned with the privacy expectations of military-affiliated personnel. For instance, 40% of MMMapps collect more data than they disclose in their privacy labels or data safety sections. 83.5% of our study participants report using at least one MMMapp that engages in data practices they are uncomfortable with. Additionally, although military-affiliated personnel are generally concerned about third-party libraries accessing their data, 64% of MMMapps include third-party SDKs, some developed in countries perceived as adversarial by a majority of the participants. Overall, our findings reveal a substantial misalignment between the privacy expectations of military-affiliated personnel and the data practices and software supply chains of MMMapps. We propose recommendations at the federal, DoD, app store, and device levels to improve privacy risk mitigation for this at-risk population.Item type:Item, A Human-AI Teaming Approach to Closing the Gap in Critical Infrastructure(Cyber Defense Review, 2025)Many critical infrastructure sectors are facing significant talent gaps among their workforce. The Industrial Internet of Things revolution has introduced new technologies and requirements for workers to understand while continuing to perform the duties for which they were hired, and the introduction of these data-driven technologies has concurrently created the need for new team roles with their own sets of capabilities. One possible solution for overcoming these talent gaps is the integration of artificially intelligent teammates. Research suggests human-AI teaming could potentially offload tedious, repetitive, or dangerous human work and accomplish tasks that, while difficult for a human to complete, cater well to what computers do best. This paper proposes a simple 3-steps guiding framework for teams in critical infrastructure organizations to determine a) the gaps on their team, by distinguishing between gaps caused by insufficient personnel (capacity) and those driven by new technological demands (capability), b) which roles are well-suited for an AI teammate, based on the match between task demands and AI capabilities, and c) the human-centered design considerations, including presence, explainability, autonomy management, and ethical alignment, that are essential to its integration as an effective teammate.Item type:Item, Cybersecurity Recommendations for Confronting the Army's Industrial Internet of Things Challenges(The Gray Space, 2025-07-01)Recently, the U.S. has seen an evolution in attacks on critical infrastructure, where attackers have been able to exploit vulnerabilities in information technology systems to gain access to operational technologies (OT) and cause damaging and disruptive effects to the physical systems themselves (Lehto, 2022). With the pedal to the metal on updating decades-old equipment to operate in the age of the internet, the nation must consider quick and effective methods to better secure that equipment. The Army should be heavily invested in this process for multiple reasons, including its role in Defense support of civil authorities and responsibility to various critical infrastructure sectors reliant on the U.S. Army Corps of Engineers (USACE). Here, at the Army Cyber Institute (ACI), we are spearheading research and practice for the protection of critical infrastructure with an emphasis on critical infrastructure resilience (Fontes, 2020). As we explore ways to do this, it has become apparent that the most immediate and effective way for the Army to protect critical infrastructure within its control is not some new technological innovation or complex program. Rather, it is through better cybersecurity management practices that ensure Army personnel are a part of the solution, not part of the problem.Item type:Item, Grand Challenges in Agentic AI for Cyber Operations: A Research Agenda(Cyber Defense Review, 2026)Agentic AI systems are reshaping cyber operations at a pace that outstrips the mechanisms needed to deploy them responsibly. The first documented autonomous cyber attack, in September 2025, demonstrated that the technology has crossed the threshold from research capability to operational threat, yet the technical robustness, human-AI trust, and governance frameworks required for responsible adoption remain underdeveloped. This paper argues that the resulting gaps constitute a control deficit manifested through a set of grand challenges across four reinforcing dimensions: technical limitations and vulnerabilities, the trust deficit between operators and AI agents, insufficient governance, and dual-use escalation risks. Through a structured expert analysis that draws on operational, technical, human, and policy perspectives, we characterize the interactions among these dimensions. We then propose a research agenda to help the cyber operations community address these grand challenges in a coordinated manner, accounting for both the dependencies among dimensions and the operational urgency posed by the adversary's adoption of the same technology. In doing so, the paper calls on researchers, practitioners, and policy-makers to collectively shape the responsible integration of agentic AI into cyber operations without ceding the advantages it provides.Item type:Item, I Tutor: A Systematic Review of Artificially Intelligent Tutors for the Classroom(Artificial Intelligence in Educational Research, 2025-11-29)This systematic review aims to understand what research has been done on the use of AI as a classroom tutor and how that body of work should shape future research. A systematic review was conducted using key term searches in four major, peer-reviewed journal databases for relevant research and categorized them by research type, AI type, assistance type, and education level and analyzed them for study measures and key findings. After applying inclusion and exclusion criteria, a total of 35 research articles were analyzed for key findings. The review found that most studies have focused on chatbots supporting undergraduate level education. Key findings show that AI tutors may be most useful for students beginning at a lower level of expertise than their peers, and the use of techniques such as RAG may significantly enhance AI’s usefulness as a tutor with niche and higher-level subjects. This systematic review uniquely considers the last decade of research on AI use as a classroom tutor and provides insights into where future research on the subject may be most useful and impactful to the field of education.
Communities in USMA Athena
Select a community to browse its collections.
