Cyber Security

Preparation, Modelling, and Visualisation of Cyber Common Operating Pictures for National Cyber Security Centres

Abstract:

Common Operating Pictures (COPs) have long been a common denominator of effective cyber defence operations (for example, in law enforcement and the military). COPs are widely used to represent, visualise, and assess situations. In recent years, Cyber COPs (CCOPs) have become important in establishing cyber situational awareness. 

Should ‘RuNet 2020’ Be Taken Seriously? Contradictory Views about Cyber Security Between Russia and the West

Abstract:

Russia aims to create an independent state information system that ensures the network’s overall stability by controlling the Internet routing architecture inside Russia. A tightly regulated and secure ‘information space’ will not only ensure stronger defence against external attacks, but also increase offensive capabilities.

An Open-Source Tool to Support the Quantitative Assessment of Cyber Security for Software Intensive System Acquisition

Abstract:

This paper presents an open-source tool to support the quantitative assessment of software reliability and cyber security. The tool enables assessment of a system’s security from penetration-testing data and can be used to estimate the number of vulnerabilities remaining. This approach will enable organisations that acquire software to establish quantitative requirements for inclusion in contracts, thereby providing clear requirements for software and system developers to meet. The tool will enable contractors to regularly assess the security of their software, which will facilitate the identification and reporting of programs that may fail to achieve contractually specified security objectives.

Managing Cybercrimes through the Implementation of Security Measures

Abstract:

Today’s global environment has seen tremendous growth in the number of online transactions and Internet subscribers. This increase is creating a situation in which businesses are now largely dependent on information systems and their inherent technologies. The increase, however, is also causing a rise in the volume and extent of cybercrimes and security lapses.

Security-Information Flow in the South African Public Sector

Abstract:

Information-security management programs are becoming increasingly important in enabling organisations to promote a high level of accountability and good governance. Organisations need accurate and relevant real-time information to make effective and efficient decisions pertaining to cyber threats and attacks. Based on a qualitative study, this article introduces and discusses the components of an information-security management program.

The Role of the U.S. Military in Cyberspace

Abstract:

As the United States has grown dependent on cyberspace, the U.S. military has come to have an increasingly important role to play in protecting U.S. national interests in the cyber domain. In addition to operating and defending its own cyberspace resources and supporting other military missions, the U.S. military must now be prepared to defend the country as a whole. These missions require the military to innovate and to collaborate effectively with a whole host of international, governmental, and private sector actors.

A Century of Convergence: Technology, Ideology, and U.S. National Security

Abstract:

‘Convergence’ is a term typically used to denote the conflation of several technologies. In a larger sense, convergence can signify the blending of technology, law, policy, doctrine, and capability in ways that boost knowledge and power for those who compel or defend states. The world has become globalized in the sense that virtually anyone, anywhere, can be targeted. These awesome powers of surveillance and force are still growing, but their oversight lags far behind. Ironically, efforts to limit surveillance have helped to spur the overall growth of surveillance capabilities, in part to answer the growing demand for intelligence for precision targeting. Understanding the origins and current breadth of that gap is key to resolving it.

Cybersecurity and Global Governance

ABSTRACT

To understand better the challenges of developing a unified system of global cyber governance, a comparative analysis of national cybersecurity strategy and frameworks in 10 countries and the European Union from diverse regions in both the developed and developing world was conducted. Based on empirical research and an analysis of national and international cybersecurity strategies and policies, this paper explores the challenges and benefits of establishing a global legal and policy framework for cyber activity that advances the goals of national intelligence and technological innovation, while enhancing confidence and improving legal certainty in the global electronic marketplace.

A Human-Centric Approach to Cybersecurity: Securing the Human in the Era of Cyberphobia

ABSTRACT

Cybersecurity relates to the threats posed to a nation’s critical infrastructure, but should not be limited to the traditional concept of national security. The militarization of the cybersecurity discourse has produced a security dilemma, which is not sufficiently addressing the needs of people. This article highlights this shortcoming and views cybersecurity through a human-centric perspective. The challenge ahead is to establish a governance regime for cyberspace that successfully addresses human rights norms.

A Case Study in the Security of Network-enabled Devices

ABSTRACT

It is becoming increasingly common for appliances and other electronic devices to be network-enabled for usability and automation purposes. There have been fears that malicious users can control such devices remotely. Since the installation base of such network-enabled household devices is still relatively small, we examine the types of vulnerabilities that another such appliance has, the network-enabled printer, which is commonly found in the education and business sector. In this paper we analyze the source of the vulnerabilities and present detailed threat scenarios. In addition, we examine four organizations in Australia and Europe. Based on the results of the case study, we draw conclusions on the effects of an information warfare attack using network-enabled devices as the medium.

If You Go Down to the Internet Today – Deceptive Honeypots

ABSTRACT

This is preliminary research into the effectiveness of deceptive defensive measures in particular honeypots that use deceit as a primary defensive and offensive mechanism. Initial research has been conducted using the Deception Tool Kit and its ability to fool commonly available network scanning tools such as Nessus and Nmap The preliminary research indicates that these deceptive tools have a place in modern network defense architecture.

Accessing Security Incident Information on the Internet

ABSTRACT

Computer security Incident Response teams have emerged due to the increase of computer crime. These can be national, international or organization based. Maintaining a CSIRT poses a number of problems. In this paper the authors describe two of the technical problems that CSIRT’s have, the storage and the acquisition of incident data. The paper describes a system based on the CORBA model that can be used for the efficient management of the incident recording database. The proposal also provides for alternative ways of accessing the database by companies and security analysts.

Dominating the Attacker: Use of Intelligence and Counterintelligence in Cyberwarfare

ABSTRACT

In the event of cyberwarfare the defender must harden the attacker’s target by secure design, a defined security perimeter, and a suite of tools. Indeed, the defender must be ever alert and ready to react to attack. Over many years, defenders in traditional warfare have learned to predict the style, magnitude and possible outcomes of a physical attack, and how to deceive and confuse an attacker with the objective of changing the outcome. Perhaps the cyberwarfare defender can take a similar approach, by employing intelligence and counterintelligence techniques that are superior to those of the attacker.

Design of a High Performance Implementation of the Rijndael Cipher Using Three-Level Architecture

ABSTRACT

For a long period of time, the Data Encryption Standard (DES) was considered as a standard for the symmetric key encryption. It has a key length of 64 bits. Due to the vast growing of processing speed, this small key length can easily be broken. According to the National Institute of Standards and Technology (NIST), the Advanced Encryption Standard (AES) will replace DES, as it is based on a key length of 128-bits or more. In the present paper, a design of a high performance implementation of the AES cipher will be proposed. An experimental performance evaluation of the proposed design will be provided. The experimental study will be applied for different block size lengths of the message to be encrypted. The performance of the proposed design will be evaluated considering a set of criteria such as the average execution encryption time per round, average encryption speed, speedup, and efficiency.

Cybersecurity’s Can of Worms

ABSTRACT

Security frameworks are reassessed and recreated in response to political paradigm shifts or revolutions, as was the case at the abrupt end of the Cold War. The two decades since however, have seen the advent of a different type of revolution, namely that of information and communication technologies, leading to a world interconnected and globalised as never before. The daily reliance on cyberspace and its criminal usage by some raises questions of security for individuals, states and international systems alike. Given this level of dependence and interdependence it is surprising to note how little these aspects feature in current security frameworks. The aim of this paper is to address cybersecurity in relation to Hansen and Nissenbaum’s view of the Copenhagen School and as a result to propose an initial alternative model.

Survivability in Cyberspace Using Diverse Replicas: A Game-Theoretic Approach

ABSTRACT

Survivability represents the quantified ability of a system, subsystem, equipment, process or procedure to function continually during and after a disturbance. Almost invariably, replication of a subsystem or procedure is necessary to meet a system’s survivability requirements. Diversity will prevent the same fault or attack from damaging all the replicas so that they can continue the mission. This research shows that the more dangerous vulnerabilities (that is, those that affect more replicas) in a system are sometimes less likely to be exploited. This work uses the mathematical framework of game theory to show the significance of replica diversity for mission survival in cyberspace.

Antivirus False-Positive Alerts, Evading Malware Detection, and Cybersecurity Issues

ABSTRACT

The continuous development of evolving malware types creates a need to study and understand how antivirus products detect and alert users. This paper investigates today’s antivirus solutions and how their false-positive alerts affect software development and the distribution process. The authors discuss and demonstrate how antivirus detection deals with bespoke applications and how this can be reversed and manipulated to evade detection, allowing the process to be used by malicious software developers. The paper also demonstrates how an undetected malicious piece of software can be developed without using advanced hiding techniques, which will also be capable of overcoming reputation-based detection systems.

Strategic Communication for Cyber-security Leadership

ABSTRACT

The purpose of this paper is to form a preliminary hypothesis about how to identify characteristics that a leader needs to focus on when aiming at cyber-security leadership. The paper studies the key concepts and terms of cyber security and presents the physical world and the cyber world framework. The paper refers to a system model of a society and uses that model to analyze the results of two limited media surveys about cyber-related newspaper articles.  The media surveys indicate a strong need to organize the cyber world.

Critical Infrastructure Protection Policy: The Israeli Experience

ABSTRACT

This article presents the Critical Infrastructure Protection (CIP) policy in Israel and analyses its evolution. Israel established a centralist national critical infrastructure protection system in late 2002, which was implemented rather harmoniously. However, the evolving cyber-environment has led to renewed discussions. After years of discontent, a comprehensive review of national cyber-posture was conducted in 2011. Significant policy changes, fostering coordinated cooperation between public, security, academic, and private sectors, are now in progress. This examination of the Israeli CIP approach may assist policy-making in other countries.

PrEP: A Framework for Malware & Cyber Weapons

ABSTRACT

The contemporary debate over cybersecurity rests on a set of linguistic artifacts that date from the Cold War. Attempting to glean a starting point for debate over use of terms such as ‘cyber attack’ or ‘cyber war’ is difficult, largely because there is little agreement on what constitutes a weapon in cyberspace. This paper proposes a new framework to classify malware and cyber weapons based on the different pieces of malicious code that constitute them, then evaluates competing definitions of cyber weapons, and concludes with implications for this approach.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

P

PDA

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com