Cyber Security

Radio Frequency Fingerprinting through Preamble Manipulation

ABSTRACT

This paper demonstrates a novel and complementary approach to exploiting physical-layer differences among wireless devices. This research records packets with standard-length IEEE 802.11b preambles using a software defined radio, manipulates the recorded preambles by shortening their length, then replays the altered packets toward the transceivers under test. Five transceiver types from three manufacturers are distinguishable by analysing differences in packet reception with respect to preamble length with greater than 99% accuracy using a small number of test packets. The results demonstrate that preamble manipulation is effective for multi-factor device authentication, network intrusion detection, and remote transceiver type fingerprinting.

Cyber-Mugging: Summary and Analysis of a Simulated ICS/SCADA Attack

ABSTRACT

In a representative Industrial Control System (ICS)/Supervisory Control And Data Acquisition (SCADA) laboratory environment, a simulated cyber attack suggests that an attacker with a low to moderate level of technical proficiency may utilize common, publicly-available tools and techniques to obtain complete control of the ICS environment. The cyber-physical relationship between information systems and industrial machinery has created environments where limited resources may be leveraged to trigger significant physical effects. The feasibility that such an incident has the potential to cause significant disruptive effects directly challenges the current paradigm that state-level resources are required to inflict catastrophic results.

Securing the Cloud

ABSTRACT

This paper will review cloud technology utilized to support the Intelligence Community and will specifically address the National Security Agency’s research into vulnerabilities and risks related to cloud-based systems. Current implementation plans will be discussed for a multi-agency private cloud architecture that is under development. The paper will also review security challenges for a cloud architecture and will address specific technologies, such as data tagging, digital policy management, encryption, identity and access management, and auditing, along with intrusion detection and prevention.

Using Classified Intelligence to Defend Unclassified Networks

ABSTRACT

Intelligence services, such as the National Security Agency, have access to unique information about adversarial cyber-exploitation and -attack capabilities. Nations such as the United States should be employing this unique but sensitive information in the defense of national security, government, critical infrastructure, and other networks, but doing so may expose the sources and methods behind the intelligence. Once exposed, access to that unique information may be lost. This paper describes the dilemma, presents a partial taxonomy of use cases for which solutions are needed, and offers avenues for supplying those solutions. In particular, solutions to the problem of using classified intelligence for defense of unclassified networks fall into three approaches. Properties and examples for each approach are presented, and advantages and disadvantages discussed.

To Catch a Thief in the Cloud: A Paradigm for Law Enforcement

ABSTRACT

Control over most of the world’s data including national security, criminal investigations, medical secrets, intellectual property, and a host of other important rights and responsibilities is governed by a paradigm that is conducted in the Internet ‘cloud’. Based on empirical research and an analysis of international and national legal regimes, case decisions, and forensic case analysis, this paper explores the challenges of reaching into the cloud and the proactive measures that will be necessary to improve legal certainty in the global electronic marketplace. The paper then considers the international and national frameworks necessary for control over the predators in the cloud, and the nature and type of evidentiary and jurisdictional issues that may arise in courts of law and tribunals around the globe.

On Operational-Level Cybersecurity Strategy Formation

ABSTRACT

An operational-level cybersecurity strategy formation reveals ways of figuring out an optimal sequence of the most efficient and effective actions that may lead to the success of a cyber operation. Unfortunately, it is not well explored. This paper proposes a new operational-level cybersecurity-strategy-formation framework, which is capable of linking various strategies together in a systematic and consolidated way so that the most optimal and effective solution can be quickly selected. This paper also evaluates the proposed approach and suggests areas for further study.

Cybersecurity Economics: Induced Risks, Latent Costs, and Possible Controls

ABSTRACT

Financial decisions indirectly affect and are affected by the effort towards Information Security. The ‘Economics of Cybersecurity’ should thus constitute a significant part of the Information Security Posture Assessment process and should be directly addressed in this context. As the complexity and interdependency of Information Systems augments and new technologies lead to the de-materialisation of Information Systems assets, it becomes progressively evident that the conflicting interests and incentives of the various stakeholders of an Information System affect its overall Information Security Posture, perhaps even more significantly than technical or policy limitations do. This paper examines economic considerations from an Information Systems Security/Cybersecurity viewpoint and proposes new directions that may both help reduce the problem from a collective point of view, as well as lead to the creation of methodologies to ultimately integrate economics, along with technical and non-technical issues, into an Organisation’s Information Security Posture Assessment process.

Cyber Counterintelligence: Back to the Future

ABSTRACT

It is generally accepted that conventional cyber security generally has failed. As such, Cyber Counterintelligence (CCI) is fast gaining traction as a practicable approach to secure and advance our own interests effectively. To be successful, CCI should be an integral part of multi-disciplinary Counterintelligence (CI) – conceptually and in practice. With a view to informing sound CCI practice, this paper conceptualises CCI as a part of CI. It proceeds with going back to some time-tested CI constructs and applies these to the cyber realm. In so doing, this paper aims to offer a few building blocks toward a future of sound CCI theory and practice.

Developing a Strategic Framework for Managing Security in SCADA Systems

ABSTRACT

The Internet, originally an open distributed system, has gradually evolved into a complex network as a platform for global connectivity. Today, the Internet hosts complex electronic and engineering systems (such as Supervisory Control and Data Acquisition – SCADA – systems) deployed to manage critical infrastructures. The Internet has become a platform for transporting high volumes of critical information worldwide. Securing sensitive information and safeguarding operations of critical infrastructure management systems has become critical. SCADA systems are deployed, complex operations that play a vital role in managing critical resources. This paper elaborates on the need for a holistic approach for managing the security of complex infrastructures and recommends a strategic model for security management of SCADA systems.

Understanding the Co-Evolution of Cyber Defenses and Attacks to Achieve Enhanced Cybersecurity

ABSTRACT

This article examines the notion of cyberattack-and-defend co-evolution as a mechanism to better understand the influences that the opposing forces have on each other. The concept of co-evolution has been most commonly applied to a biological context involving living organisms and nature-based adaptations, but it can be applied to technological domains as well. Cybersecurity strategies based solely on technological features of attack-and-defend adaptations do not immediately reveal a co-evolutionary relationship and are typically seen more as cyber arms races. In order to leverage cyber co-evolution in support of cybersecurity, the human-driven behaviors of cyberattack-and-defend adaptations have to be incorporated. In other words, the mission must serve to drive human motives and goals, and in many cases, must limit the scope of an attacker’s adaptations.

I Want My Smartphone. I Want It Now. And I Want to Connect to Everything from Anywhere… Now!

ABSTRACT

Even the classified enterprise is going mobile. Trolls and Luddites cannot prevent it. But the bridge to be crossed to mobility nirvana (a secure, cheap, and user-beloved system) is still rickety with many places where one can fall into the chasm of lost data. The forces of malware, user sloth, shoddy component design, and poor system architecture are arrayed against safe passage. But one is not alone. Assisting the crossing are a number of laws requiring privacy and security measures, government programs that induce superior products, policies written for both public and private sector enterprises, standards bodies, and, most of all customers demanding security from vendors. This paper will look at the mobility mission, the threat to mobile, the secure enterprise architectures using defense in depth, the state of security in system components and how that is being improved through a number of efforts, and the impact of new technology.

Public/Private Partnerships in Cyberspace: Building a Sustainable Collaboration

ABSTRACT

Much has been written about the legal rights and interests of government, private industry, and individual users in cyberspace. However, relatively little has been written about how codes of conduct, public/private partnerships, and standards and collaborative efforts can be used to structure advancement in technological knowledge for the benefit of all users, or how these efforts could better prioritize the rights and responsibilities of each of the actors in cyberspace. Based on empirical research, this paper presents a conceptual framework for building sustainable partnerships between government and private industry, and looks to models of successful partnerships both nationally and internationally.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.


Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com