Volume 16, Issue 3

Volume 16, Issue 3 Editorial

Styled jiw editorial image

Summer 2017

Most of the papers in this latest edition of the Journal of Information Warfare represent the best presentations from the 2017 International Conference on Cyber Warfare and Security (ICCWS) held in Dayton, Ohio, and co-sponsored by Wright State University and the U.S. Air Force Institute of Technology (AFIT). This issue of JIW contains a wide variety of research focusing on the broad spectrum of cyber warfare, with an emphasis on Industrial Control Systems (ICS), 

A Qualitative Exploration of Adversarial Adaptability, Group Dynamics, and Cyber-Intrusion Chains

Abstract:

Conventional cyber attack management is reactive, which is ineffective in curbing sophisticated adversaries, especially Advanced Persistent Threats (APTs). There is an immediate need for proactive cyber-security measures that reflect the adaptive and dynamic nature of these adversaries. Using empirical evidence of observations and interviews conducted at the Industrial Control Systems Computer Emergency Response Team’s (ICS-CERTs) Red-Team/Blue-Team cyber-security training exercise held at Idaho National Laboratory (INL), this paper highlights the human aspects of cyber attacks, with a specific focus on adversarial intrusion chains, adaptability after attack disruptions, and group dynamics.

A Detailed Look at ‘I Think I CAN’

Abstract:

Components within modern automobiles communicate across a Controller Area Network (CAN), which has been demonstrated to be vulnerable to external adversarial attention. To better integrate effective security for the CAN protocol at the design level, the standard can be defined in temporal logic. Translating the temporal logic into a module for a real-time network emulator complements a greater goal to reduce security testing overhead. Comparing performance metrics while attempting to exploit modified CAN designs provides analysts with a readily accessible source of information as to whether a solution can be supported by module developers in industry.

An Open-Source Tool to Support the Quantitative Assessment of Cyber Security for Software Intensive System Acquisition

Abstract:

This paper presents an open-source tool to support the quantitative assessment of software reliability and cyber security. The tool enables assessment of a system’s security from penetration-testing data and can be used to estimate the number of vulnerabilities remaining. This approach will enable organisations that acquire software to establish quantitative requirements for inclusion in contracts, thereby providing clear requirements for software and system developers to meet. The tool will enable contractors to regularly assess the security of their software, which will facilitate the identification and reporting of programs that may fail to achieve contractually specified security objectives.

Wireless Security Within New Model Vehicles

Abstract: 

Vehicles currently on the market are more like computers on wheels than most consumers would even begin to imagine. In fact, consumers rarely consider whether their new vehicles could be hacked in a fashion similar to their home PCs. Recently, attacks on vehicles have been brought into the spotlight, a reality that is making vehicle cyber security a priority with both vehicle manufacturers and politicians, and through both manufacturers’ designs and U.S. Senate bills. This paper explores the means by which a vehicle could potentially be hacked, what ramifications come from a hacking attack, and how a vehicle could be protected against attacks.

Evaluating System on a Chip Design Security

Abstract:

In this paper, the security of an increasingly popular concept called System on a Chip (SoC) is considered. SoC consists of pairing a Field Programmable Gate Array (FPGA) and a processor on a single chip. The researchers contend that security is permanently influenced by initial design decisions; and, if aware of the trade-offs, designers incorporating SoCs into their systems can improve security of their applications.

Enabling the Development and Deployment of NATO Cyber Operations: An Analysis of Modern Cyber Warfare Operations and Thresholds of Global Conflict

Abstract:

This article presents an overview of cyberspace operational cognition within the North Atlantic Treaty Organization (NATO). This paper likens submarine warfare tactics used during the Cold War to current cyberspace tactics used in modern warfare. As the European Union moves toward a market governed by digital economies, the influx of cyber security technologies and nation-state support should match this influx to prevent, holistically, malicious compromise. 

Simulcasted Power Line Communication Network (SPN) Configuration Validation for Home Automation Applications Using Wired Signal Distinct Native Attribute (WS-DNA) Fingerprinting

Abstract:

By utilising existing infrastructure, Power Line Communication (PLC) is a cost- effective, practical solution that supports home automation and critical national infrastructure systems. However, current home automation PLC implementations are inherently unsecure, susceptible to network intrusion, and vulnerable to unauthorised configuration changes. 

Cyber-Physical War Gaming

Abstract:

This  paper  presents  general  strategies  for  cyber  war  gaming  of  Cyber-Physical Systems (CPSs) that are used for cyber security research at the U.S. Army Research Laboratory (ARL). 

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

P

PDA

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com