Volume 7, Issue 3

Volume 7, Issue 3 Editorial

Stylized Image of the Word Editorial

DECEMBER 2008

This final edition of JIW for 2008 covers vulnerability in IPSec tunnels, malware analysis, wireless deployment in the defence forces, and a discussion of the lessons that could be learnt from modern military conflict.

Becoming the Enemy…and How Not To: Strategic Communications and the Challenges of the War on Terror

ABSTRACT

This opinion piece argues that there are lessons to be learned from past applications of Psychological Operations and Information Operations for the current practice of Strategic Communications.  The Information War on Terror is going so badly that something must be done.  Already longer than World War Two, western strategic communication directed towards the Arab and Muslim world has failed because the military, while being quite good at tactical operational propaganda, is not by itself equipped to work at the strategic or political level.  This is because western militaries regard information as a support tool.  For Al Qaida and the Taliban it is the main weapon.

Malware-based Information Leakage over IPSec Tunnels

ABSTRACT

IPSec-based protocols are often presented by practitioners of information security as an efficient solution to prevent attacks against data exchange. More generally, use of encryption to protect communication channels or to seclude sensitive networks is seen as the ultimate defence. Unfortunately, this confidence is illusory since such “armoured” protocols can be manipulated or corrupted by an attacker to leak information whenever an access is managed with simple user’s permission. In this paper, we present how an attacker and/or a malware can subvert and bypass IPSec-like protocols to leak data from the system under attack. By using a covert channel, we show how to code the information to be stolen, how to insert it in the legitimate encrypted traffic and finally collect/decode the information on the attacker’s side. We first present how to exploit the covert channel and to steal sensitive data without triggering any alert. Subsequently, the detailed results of extensive experiments to validate the attack techniques on an operational level are given. Finally, some potential prevention and protection techniques are presented to limit such attacks. However, this analysis demonstrates that residual weaknesses are bound to remain unless the communication protocols involved are significantly modified.

Malware Analysis Framework from Static to Dynamic Analysis

ABSTRACT

Today, malicious software on networks is the major threat to internet security. Analysis of the malicious software is a multi-step process that can provide insight into its structure, functionality and behaviour that can be used to create an antidote. This paper focuses on how the analysis of malicious software can be used and how details of events gathered from an infected system can be used to detect a new infection. This strategy makes it possible to detect an infection on a honeypot that has been deployed to detect zero-day attacks. This paper demonstrates the steps taken in the analysis of malicious software from static to dynamic analysis, then the same methodology is used to analyse an infection on the honeypot. The paper concludes with an explanation of the difference between the static and dynamic analysis of malicious code. 

Australian Defence Force Policy and the use of WPA2 as a Security Option for Deployment of 802.11 Wireless Networks in the Field

ABSTRACT

The wireless function is an under utilised resource for many military organisations. Until recently, Defence wireless local area network assessments have highlighted wireless inadequacies in relation to data security and the protection of sensitive information. But since the introduction of WPA2 and the acquisition of wireless applications into U.S Dept. of Defence networking infrastructure, global defence departments are testing wireless applications for advantages in the military domain. This paper examined WPA2’s security mechanisms and their relationship with the Australian Defence Force policy and military operational environments. Though still officially unacknowledged in the Australian military landscape, WPA2 offers a robust security solution that can potentially provide the Australian Defence Force with the networking flexibility that only wireless delivers. The analysis conducted here suggests that the use of wireless networks to support military operations when secured using WPA2 methods is feasible.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com