Volume 14, Issue 3

Volume 14, Issue 3 Editorial

Stylized Image of the Word Editorial

JULY 2015

From an IO and Cyber Warfare aspect, it is a very interesting period. For many, attribution has always been a stumbling block with cyberattacks, but two recent events in widely divergent arenas have opened up the ability to know the identity of the individual, group, organization, or nation that probably conducted the incident. With both the hacks on Sony Pictures and the Office of Personal Management, the National Security Agency has come forward and, using its capabilities, acknowledged to the world, that North Korea and China, respectively, were responsible for these attacks. We are also seeing widespread use of perception management by ISIS, once again around the globe, through the use of social media to incite and recruit potential warriors to their cause. In all of these cases, the use of IW as a tool to conduct action from abroad has been very successful.

Observed Correlations of Unsolicited IP Traffic across Five Distinct Network Telescopes

ABSTRACT

Using network telescopes to monitor unused IP address space provides a favourable environment for researchers to study and detect malware, denial of service, and scanning activities on the Internet. This research focuses on comparative and correlation analysis of traffic activity across five IPv4 network telescopes, each with an aperture size of /24 over a 12-month period. Time series representations of the traffic activity observed on these sensors were constructed. Using the cross- and auto-correlation methods of time series analysis, sensor data was quantitatively analysed with the resulting correlation of network telescopes’ traffic activity found to be moderate to high, dependent on grouping.

Towards the Establishment of an African Cyber-Army

ABSTRACT

Cybersecurity has become a critical element of the national security of countries. A cyber-army is a group of soldiers highly skilled in information technology with cyber skills. Cyber-armies are the unseen military cyber power which countries should employ to maintain national cybersecurity. A cyber-army has the ability to launch cyberattacks and collect information in order to gain a strategic military advantage. In this paper, selected cyber-armies are compared. The focus is on the establishment of an African Cyber-Army to defend and protect cyber sovereignty. An African Cyber-Army has to serve nations whose citizens often have low levels of cybersecurity awareness in conjunction with rapidly growing rates of access to cyberspace.

Public/Private Partnerships in Cyberspace: Building a Sustainable Collaboration

ABSTRACT

Much has been written about the legal rights and interests of government, private industry, and individual users in cyberspace. However, relatively little has been written about how codes of conduct, public/private partnerships, and standards and collaborative efforts can be used to structure advancement in technological knowledge for the benefit of all users, or how these efforts could better prioritize the rights and responsibilities of each of the actors in cyberspace. Based on empirical research, this paper presents a conceptual framework for building sustainable partnerships between government and private industry, and looks to models of successful partnerships both nationally and internationally.

Specifying Functional Requirements for Simulating Professional Offensive Cyber Operations

ABSTRACT

Several nations are acquiring the capability for conducting professional offensive cyber operations to fight wars and combat crime and terrorism. They need to know how the attack process works, what resources are required, and how to command and control operations. Simulation is a powerful technology for gaining understanding about such issues. This article presents the functional requirements specification for an agent-based simulator of professional offensive cyber operations in a networked environment. Requirements cover the simulation infrastructure, including time handling, stochastic behaviour, modelling representation, interfacing, and simulation control. Cyber-specific use cases are grouped by stakeholder and phase of operation.

Cyber Maturity as Measured by Scientific-Based Risk Metrics

ABSTRACT

One of the major challenges of information warfare is how to effectively combat existing and future cyber threats and vulnerabilities. In this paper, a quantifiable and rigorous approach for entities (governments, organizations, etc.) is proposed to better assess their ‘cyber maturity’ level. The authors also propose to examine the reliability and security of networks in terms of scientific-based risk metrics. The risk metrics are built upon (1) a ‘modified’ CVSS Base Score using the Analytic Hierarchy Process (AHP), and (2) the foundation of repeatable quantitative characteristics (‘for example’ vulnerabilities). A case study is examined which highlights the resulting benefits and challenges.

The Potential of Collective Intelligence in Online Community Projects

ABSTRACT

This paper introduces the theoretical model of CI (Collective Intelligence) Potential Index for a scientific discussion. The index will allow users to identify and to analyse conditions that lead online communities to become more intelligent, inclusive, reflective, and safe. The subject of the research is online community projects, which include collective decision-making tools and innovation mechanisms fostering creativity, entrepreneurship, collaboration, new forms of self-regulation, and self-governance. The CI Potential Index (CIPI) will show the state and dynamics of the CI according to changes of various internal and external parameters. The data necessary for the identification of the CI Potential Index dimensions were collected using quantitative and qualitative research and will be revised during the scientific experiment. A longitudinal observation of a number of networked platforms will be undertaken to measure agreed-upon representative parameters. The value of the Index is that it defines capacity of the online community for aggregating and creating knowledge, for creativity and decision making, for self-organising, for adaptivity, and for the emergence of “swarm effect”.

A Study of Perceptions of Graphical Passwords

ABSTRACT

Depending on the graphical password schema, the key-space can be even bigger than alpha-numeric passwords. However, in conventional passwords, users will re-use letters within a password. This study investigates graphical passwords for symbol-reuse and finds that users do not re-use symbols with the same frequency as conventional passwords. The user-selected key- space for graphical passwords is smaller than theoretically expected. This study also reports on perceptions of graphical passwords: 52% of people do not support the use of graphical passwords within their organization. Furthermore, 57% of respondents do not support the use of such technology in their financial institutions.

An Information Operations Roadmap for South Africa

ABSTRACT

The latest arms race can be considered to be information-based, revolving around Information Operations (IO). As with any developing concept, there are innovators, early adopters, and laggards. However, complexities in the constructs of IO result in a number of potential adopters struggling to implement their own brand of IO. A modified Capability Maturity Model is proposed and applied to the case of South Africa. Using guidance from previous studies and publicly available documentation, capability gaps for IO in South Africa are identified. Based on these gaps, a roadmap for developing IO capacity in South Africa is proposed.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com