Volume 1, Issue 2

Volume 1, Issue 2 Editorial

Stylized Image of the Word Editorial

DECEMBER 2001

Welcome to the second issue of JIW. The journal was launched at InfoWarCon in Washington early in September, despite some problems with the delivery of the hard copies.

This issue contains eleven papers. Four of them (Armstrong; Furnell; Fawcett and Sowerbutts; Busuttil and Warren) were selected from those presented at the 2nd Australian Information Warfare and Security conference in Perth, Western Australia (November, 2001). We are also privileged to have three eminent information warfare experts (Schwartau; Dearth; Tyrell) offer position papers. Another excellent paper from Noel et al examines anomaly detection, Chirathamjaree and Gururajan look at threat to wireless systems. Broucek and Turner delve into the expanding area of Forensic Computing whilst Davey and Armstrong give us an approach to teaching cyber warfare. I hope you find this a diverse and interesting issue.

Asymmetrical Adversarialism in National Defense Policy, The Marketplace and Personal Privacy

ABSTRACT

I once calculated, on the back of a napkin thoroughly drenched in Outback steak juice, that it takes a whole lot of paper to wage a war. I mean, a terrific amount of paper: something like 3,412.7 pieces of papers for every combatant and support soldier in the chain of command. If the war or Operation Other Than War (OOW) or a peace keeping mission carries on for more than six weeks, the paperwork jungle doubles and as the war continues into months, the paperwork increases, but at a lesser rate of bureaucratic indulgence

All of this war-fighting paper means there has to be a whole lot of paper pushers to push the paper needed to fight the war. To support the paper pushers, you have to have people to buy the paper and the pens at the right price; a price that the government would be proud to pay as long as they’re fighting a war. And of course, you have to have bean counters to count how much paper the paper pushers are pushing which is what really makes the whole war business worth doing in the first place. You see, war is a lot about paper.

Network-Based Anomaly Detection Using Discriminant Analysis

ABSTRACT

Anomaly-based Intrusion Detection Systems (IDS) can be a valuable tool for detecting novel network attacks. This paper analyzes the use of linear and non-linear discriminant analysis on packet header information from Transport and Internet layers of the TCP/IP model to classify packets as normal or abnormal. By training on normal traffic for a particular service (web and secure shell) and known attacks, the classifier can automatically identify differences between packets that may be used to classify future unknown traffic.

Denial of Service and Protection of Critical Infrastructure

ABSTRACT

Denial of service attacks generate massive volumes of illegitimate traffic and utilize system resources in a way that renders the system inoperable, thus denying access to authorised personnel. Denial of service attacks can be projected against systems controlling critical information infrastructure and have the potential to be an effective weapon in cyberwarfare. This paper explains the concept of a denial of service attack, discusses the different methods of achieving denial of service and looks at the impact this type of attack may have on critical infrastructure. Although there are no fail-safe ways to protect against denial of service attacks, several means of minimising damage to information systems are discussed.

Categorising Cybercrime and Cybercriminals: The Problem and Potential Approaches

ABSTRACT

Cybercrime is now recognised as a major international problem, with continual increases in incidents of hacking, viruses, and other forms of abuse having been reported in recent years. However, although many people may recognise cybercrime-related terminology, agreeing and defining what they actually mean can prove to be somewhat difficult. As a result, alternative classifications have emerged from a range of authoritative sources, which are similar in some respects, but markedly different in others. This paper considers the difficulty associated with categorising cybercrime, and identifies that a harmonised nomenclature would be beneficial to individuals and organisations concerned with combating the problem, as well as to those concerned with reporting the issue to the general public.

On Wireless Network Security

ABSTRACT

We discuss practical security of 802.11b wireless networks through three anecdotal case studies. The dangers facing a university faculty, a small business and a home user are explored. Information Burglary—industrial espionage against telecommuters—is introduced. We investigate the underlying causes of security holes, spanning theoretic algorithmic flaws, deployment errors and end-user naivety. Failures to appreciate the range of radio coverage are highlighted and features interactions with other technologies are explored. Technical and ethical suggestions for improvements by the industry and network administrators are made.

Intelligent Agent Technology Within Information Warfare

ABSTRACT

Research into Intelligent Agent (IA) technology and how it can assist computer systems in the autonomous completion of common office and home computing tasks is extremely widespread. The use of IA’s is becoming more feasible as the functionality moves into line with what users require for their everyday computing needs. However, this does not mean that IA technology cannot be exploited or developed for use in a malicious manner, such as within an Information Warfare (IW) scenario, where systems may be attacked autonomously by agent system implementations. This paper will discuss the current state of malicious use of IA’ s as well as focusing on attack techniques, the difficulties brought about by such attacks as well as security methods, both proactive and reactive, that could be instated within compromised or sensitive systems.

Critical Infrastructures and the Human Target in Information Operations

ABSTRACT

When people speak of “targeting” in the context of Information Operations and Information Warfare, many tend to make direct analogies to kinetic warfare: Attacks on Critical Infrastructure, attacks on command - and - control centres and capabilities, attacks on computers and information systems, etc. Interest in attacking Critical Infrastructures comes easily and readily to mind, as it is generally a legacy of the sort of strategic bombing envisioned by the earliest airpower advocates and developed to a relatively high art during and since the Second World War.

Potential Security Breaches and Threats in a Wireless Computing Environment

ABSTRACT

Recent technological innovations in computing such as wireless computing have opened up new dimensions of threats to data security. These new technologies reveal users’ location and hence make the availability of information vulnerable. Further, by identifying individuals using wireless computing technologies, it is possible to access corporate data, leading to security breaches. This paper discusses the potential for security breaches in wireless computing with respect to location identification technologies.

Protecting the National Critical Infrastructure: The Human Dimension From a Government Perspective

ABSTRACT

The history of mankind has been punctuated by events of a seminal nature: those events which have had a profound and lasting impact upon the development of human society. The discovery of fire, the introduction of the wheel, the use of speech and writing to communicate complex ideas are all examples of those events, possibly almost trivial in themselves, which have moulded the human race. We take them for granted, along with the knowledge gleaned by Homo Sapiens collectively over the last 100,000 years. We can only guess, however, at the social upheaval and cultural havoc wrought by each of these changes as they were adopted into human society.

An Approach to Teaching Cyber Warfare Tools and Techniques

ABSTRACT

This paper looks at an approach to teaching offensive and defensive skills in cyberwarfare. The teaching strategy presented has been developed in an active defense education environment. Action learning is an important facet of this cyberwarfare learning environment allowing students to experience application of the theory and reflect on the learning process whilst gaining proficiency in the tools and techniques.

Forensic Computing

ABSTRACT

Forensic computing (FC) is an emerging academic discipline that is difficult to define. This paper attempts to define taxonomy and to explore the interrelationships between specific academic and scientific disciplines involved. The paper also aims to highlight the significance of the forensic computing approach and how this approach can aid the development of defensive/offensive approaches in the era of information warfare (IW).

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Media Parner to JIW.

Media Partner

Keywords

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.234.6664
  • jiw@gbpts.com