Volume 12, Issue 2

Volume 12, Issue 2 Editorial

Stylized Image of the Word Editorial

JULY 2013

The Journal of Information Warfare (JIW) is turning a new page.  We are moving forward with a new staff that retains the best of the past, present, and future of our field.  My name is Leigh Armistead and I am the new chief editor for JIW, having received my PhD in IW from Edith Cowan University and published three books, which focus on cyber warfare.

Analysis of Programmable Logic Controller Firmware for Threat Assessment and Forensic Investigation

ABSTRACT

Industrial Control Systems are developing into highly networked collections of
distributed devices. The next generation of threats is likely to focus on PLC firmware. Just as traditional computer malware evolved to hide itself using operating system-level rootkits, so will ICS attacks evolve to embed themselves in the PLC equivalent: the firmware. This paper discusses the techniques and procedures required to access, inspect, and manipulate the firmware of an Allen-Bradley PLC. A detailed analysis provides details about the capabilities and methods required by an attacker, and the effectiveness of recovering PLC firmware for forensic investigation of a potential attack.

The Weakest Link : The ICT Supply Chain and Information Warfare

ABSTRACT

This paper proposes a unified model of best practice for ICT Supply Chain Risk Management (SCRM). Ensuring proper ICT-SCRM practice is an important national priority because of the vulnerability of current supply chains to attack by nation states and other adversaries. This paper presents a comprehensive set of standards-based lifecycle practices designed to address ICT product integrity concerns in the global marketplace.

Exercising State Sovereignty in Cyberspace: An International Cyber-Order under Construction?

ABSTRACT

Cyberspace is erroneously characterized as a domain that transcends physical space and thereby is immune to state sovereignty and resistant to international regulation.  The purpose of this paper is to signify that cyberspace, in common with the other four  domains (land, sea, air and outer space) and despite its unique characteristics, is just a reflection of the current international system and, thereby, is largely affected by the rules that characterize it. The issue of state sovereignty in cyberspace raises critical questions about the need to regulate the cyber domain and gradually reach an international cyber-order.

Survivability in Cyberspace Using Diverse Replicas: A Game-Theoretic Approach

ABSTRACT

Survivability represents the quantified ability of a system, subsystem, equipment, process or procedure to function continually during and after a disturbance. Almost invariably, replication of a subsystem or procedure is necessary to meet a system’s survivability requirements. Diversity will prevent the same fault or attack from damaging all the replicas so that they can continue the mission. This research shows that the more dangerous vulnerabilities (that is, those that affect more replicas) in a system are sometimes less likely to be exploited. This work uses the mathematical framework of game theory to show the significance of replica diversity for mission survival in cyberspace.

The Emergence of Cyber Activity as a Gateway to Human Trafficking

ABSTRACT

Today, according to the U.S. Department of State’s 2012 Trafficking in Persons Report it is estimated as many as 27 million people around the world are victims of trafficking into the sex trade and other forms of servitude known as modern slavery or trafficking in persons. This paper will assist in creating a deeper understanding of the impact of cyber activity on the human trafficking industry in the effort to find greater solutions for the prevention and prosecution of, as well as the protection of the innocent from the growing incidence of cyber activity as it relates to human trafficking around the globe.

Functional Resilience, Functional Resonance and Threat Anticipation for Rapidly Developed Systems

ABSTRACT

Network-centric rapid-development teams focus on functionality: integrating Commercial off-the-Shelf (COTS) and Government off-the-Shelf (GOTS) technologies to meet specific goals for a compressed development schedule. In most cases, basic security will be implemented, but there is an assumption that the integrated COTS and GOTS systems are secure, despite the introduction of new development and integration into existing programs of record. Functional resilience for rapidly developed systems is rarely considered and can result in operational failure in real-world scenarios due to long recovery times following an adverse effect. Testing for functional resiliency prior to deployment will identify inherent or introduced vulnerabilities.

Cyber Macht: Laying the Groundwork for a New Comprehensive Academic Theory

ABSTRACT

The authors outline a comprehensive academic theory on Cyber Macht (Cyber Power) that updates Soft Power or Noopolitik and includes elements of Information Operations (IO) and the practical aspects of diplomacy and warfare. Centered on communication paths and changes in connectivity and focused around the theme that power is now globally distributed because of huge increases in 1) access to information for people around the world and 2)their ability to influence events far beyond previous ranges, this theory references power and influence operations.

Results from a SCADA-Based Cyber Security Competition

ABSTRACT

On April 1 2011, Regis University hosted the 7th Computer and Network Vulnerability Assessment Simulation (CANVAS) competition with a turnout of 68 event competitors and at least two dozen faculty and spectators. The event was a major success. The competition sought primarily to introduce a Critical Infrastructure Protection (CIP) theme to a cyber competition to raise awareness of these types of attacks. This paper will discuss the goals and intricacies of developing the CANVAS cyber competition, including technical details, extensibility of CIP-focused cyber competitions, as well as the continued development and value of CIP simulation infrastructure.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Media Parner to JIW.

Media Partner

Keywords

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.234.6664
  • jiw@gbpts.com