Editorial

Welcome to the second issue of JIW for 2011 and the 29^th issue overall. The Journal of Information Warfare is committed to an involvement in the wider discipline of information warfare and information operations. This issue considers a range of issues relating to Information Warfare.

This issue has five papers.  The paper by Garramone and Likaresh examines the pressing need for security-related educational material in their vision of a Public Repository for Information Security Materials (PRISM) web portal. In particular, the article examines the challenges facing the implementation of a dynamic taxonomy-based content management system. The difficulties of servicing an ever-changing Information Warfare landscape are underscored by the need to provide information in an efficient, functional, and reliable setting.

The paper by Rohret and Kraft presents a step-by-step case study that employs a highly mistrustful approach to remaining anonymous. The paper explains a set of procedures using only open source tools, that considers identity issues born from vulnerabilities in transactions, communications and internet traffic. The paper makes a strong case for a more nuanced understanding of the true “real-time” capabilities of governments in any potential efforts to deploy advanced cyber techniques for the purpose of positive online identification.

The third paper by Flaherty and Green presents a novel model for last minute counter terrorism action. The piece explains a terrorist attack scenario that is examined as a time and action study of the immediate minutes and seconds leading up to a terrorist attack. From this analysis, the authors posit that it is possible to establish ground rules for modelling an approach to the problem, including the deployment of evacuation strategies in public places such as railway stations.

The paper by Ulf Haeussler shows how existing legal and policy frameworks interconnect with the practical aspects of cyber warfare and its associated intelligence functions. The paper analyses the way in which new strategy documents develop and change an existing policy framework, as well as discussing the consequences for any interpretation and application of the law of armed conflict.  The paper also explains how new strategy documents inform legal discourse, and support the continued efforts to maintain cyber activities that are lawful and legitimate.

The final paper by Alexandru Nitu looks closely at issues regarding the compatibility between international legal provisions on armed conflict and new forms of warfare. The paper also considers the response issues to long-established legal principles such as National Sovereignty. The paper calls for the drafting of new rules that provide opportunities to rectify translation problems that adversely affect Information Warfare under the Law of War. As such, the issues raised here can be used to give states and their military groups a clear sense of the rules of engagement for the information age.

David Cook

Coordinating Editor

October 2011

d.cook@ecu.edu.au

Authors

Alexandru Nitu, 33, is a legal counsellor at the Romanian Intelligence Service, with ten years of experience in matters regarding human rights protection and in the substation and elaboration of legal drafts regulating various fields connected with national security. He is also involved in legal studies that relate to the impact of the intelligence activities on respected citizens and their fundamental rights and liberties

Chris Flaherty has been based in London since 2008, and is an active contributor on security, terrorism early warning and related international intelligence issues. He is currently involved in the development of a ‘Scripted Agent Based Microsimulation Project’, developed at the University of Wollongong (NSW, Australia). He currently specializes in the area of Mass Gathering Vulnerability analysis in the United Kingdom, and the US. He advises on risk analysis projects for building facilities. His work covers a broad spectrum of risk-related endeavours including resilience, counter-terrorism, critical infrastructure protection, 3D tactics, fragmentation and vulnerability analysis. Chris has a PhD in Economic Relations from the University of Melbourne.

Dan Likarish is an assistant professor in the School of Computing & Information Sciences with responsibility for Information Assurance program coordination, students and research at Regis University.  He is Director of the Colorado Front-range Center on Information Assurance Studies.  His research and teaching interests are in the design and implementation of student cyber security competitions, security of critical SCADA infrastructure and virtualization of student lab exercises.  He has installed and is calibrating a Radio Telescope for use as a K-College teaching instrument and directs the Rocky Mountain Collegiate Cyber Defense Competition.  He is the recipient of various state, industry and federal grants and awards.

Tony Green is an active consultant and researcher in Catastrophic Risk Assessment, Risk Simulation and Fire and Explosion in the UK and Australia. He is Visiting Principle Fellow in the School of Computer Science and Software Engineering at the University of Wollongong. His work in Catastrophic Risk Assessment has resulted in the development of novel approach to incorporating risk events at the catastrophic end of the risk spectrum. His technique incorporates spatial modeling of behaviours and risk in complex systems. Some applications which are currently being developed are for terrorism and policing, explosion and fire, pandemics and biosecurity. This is being developed as a real time decision support systems for emergency planning and other uses. He is a recognised leader in modeling of fire, fire spread and explosion, to give realistic predictions of damage and injury.

Ulf Haeussler is the NATO Fellow for the U.S. National Defense University’s Center for Transatlantic Security Studies (CTSS), and a member of the Legal Service of the German Armed Forces.  Prior to his assignment at CTSS he was Assistant Legal Advisor at the Headquarters, the Supreme Allied Commander Transformation (NATO HQ SACT).  Earlier, he has served in several positions as a legal advisor in the German Armed Forces, including on two Balkans deployments and a secondment to NATO Heaquarters, and was a research fellow and lecturer in law at the Universities of Regensburg, Wuerzburg, and Konstanz.  He has focused his research and writing on international law and its relationship with strategy, dealing with various aspects of the law of armed conflict and international military operations, international and comparative human rights law, status and functions of the armed forces, and international migration law.

David Rohret works as a Senior Principal Systems Engineer for the North American Public Sector in enforcement, security and intelligence. He has over 30 years of programming and information technology experience; from designing neural networks for intelligent weapon systems to multimedia educational software.  Since 1999 Dave has focused on network security, specifically the development of exploits and attack methodologies for use in securing networks and department of defense weapons systems.  Dave has authored and presented over 15 research papers at international conferences to include the Institute of Electrical  and Electronic Engineers (IEEE), International Conference on Information Warfare (ICIW), and the European Conference on Information Warfare (ECIW). Dave’s current research is centred on supply-chain network attacks and data exfiltration.  Dave has served as the Chairperson for the S.W. Texas IEEE Computer Society and provides pro-bono network security audits for small companies and under-privileged schools.

Michael E. Kraft, works at the Joint Information Operations Warfare Center (JIOWC)  For the last ten years he has been deeply involved with network security stemming from his time working as an analyst at the Air Force Computer Emergency Response Team (AFCERT).  For the last two years Michael has been working with the Joint Information Operations Warfare Center (JIOWC) / Joint Vulnerability Assessment Team (JVAT).  He researches developing world cyber attacks and accomplishes network assessments based on his research.  This includes, but is not limited to: current and emerging network-centric technologies associated with R&D, pre-assessment enumeration and exploitation testing; and finally, researching and implementing adversarial attack techniques.  Michael’s credentials include a Masters in Information Assurance from Capitol College of Maryland and the following certifications: CISSP, CEH, CHFI, ECSA/LPT, CDNA, and Sec+.

Vincent Garramone holds a Master’s degree in information assurance from Regis University. His professional interests include network defense, digital forensics, and information assurance education. Vincent currently works in the National Capitol Region as an information security specialist.

David Rohret works as a Senior Principal Systems Engineer for the North American Public Sector in enforcement, security and intelligence. He has over 30 years of programming and information technology experience; from designing neural networks for intelligent weapon systems to multimedia educational software.  Since 1999 Dave has focused on network security, specifically the development of exploits and attack methodologies for use in securing networks and department of defense weapons systems.  Dave has authored and presented over 15 research papers at international conferences to include the Institute of Electrical  and Electronic Engineers (IEEE), International Conference on Information Warfare (ICIW), and the European Conference on Information Warfare (ECIW). Dave’s current research is centred on supply-chain network attacks and data exfiltration.  Dave has served as the Chairperson for the S.W. Texas IEEE Computer Society and provides pro-bono network security audits for small companies and under-privileged schools.

Michael E. Kraft, works at the Joint Information Operations Warfare Center (JIOWC)  For the last ten years he has been deeply involved with network security stemming from his time working as an analyst at the Air Force Computer Emergency Response Team (AFCERT).  For the last two years Michael has been working with the Joint Information Operations Warfare Center (JIOWC) / Joint Vulnerability Assessment Team (JVAT).  He researches developing world cyber attacks and accomplishes network assessments based on his research.  This includes, but is not limited to: current and emerging network-centric technologies associated with R&D, pre-assessment enumeration and exploitation testing; and finally, researching and implementing adversarial attack techniques.  Michael’s credentials include a Masters in Information Assurance from Capitol College of Maryland and the following certifications: CISSP, CEH, CHFI, ECSA/LPT, CDNA, and Sec+.