Analysis of Programmable Logic Controller Firmware for Threat Assessment and Forensic Investigation

ABSTRACT

Industrial Control Systems are developing into highly networked collections of
distributed devices. The next generation of threats is likely to focus on PLC firmware. Just as traditional computer malware evolved to hide itself using operating system-level rootkits, so will ICS attacks evolve to embed themselves in the PLC equivalent: the firmware. This paper discusses the techniques and procedures required to access, inspect, and manipulate the firmware of an Allen-Bradley PLC. A detailed analysis provides details about the capabilities and methods required by an attacker, and the effectiveness of recovering PLC firmware for forensic investigation of a potential attack.

AUTHORS

Zachary Basnight

Department of Electrical & Computer Engineering
Air Force Institute of Technology
Wright-Patterson Air Force Base, OH, United States

Zachary Basnight (1st Lt, USAF) 90th Information Operations Squadron San Antonio-Lackland AFB, TX. 1st Lt Zachry Basnight is a Deputy Flight Commander with the 90th Information Operations Squadron. He received an MS in Cyber Operations from the Air Force Institute of Technology in 2013, and a BS in Computer Science from the US Air Force Academy in 2009. He is currently serving on active duty at Joint Base San Antonio-Lackland Air Force Base in San Antonio, Texas.

Jonathan Butts

Department of Electrical & Computer Engineering
Air Force Institute of Technology
Wright-Patterson Air Force Base, OH, United States

Jonathan Butts, PhD (Major, USAF) Center for Cyberspace Research Air Force Institute of Technology Dr. Jonathan Butts is an assistant professor of computer science and member of the Center for Cyberspace Research at the Air Force Institute of Technology. He received his PhD in Computer Science from the University of Tulsa in 2010, an MS in Information Assurance from the Air Force Institute of Technology in 2006, and a BS in Computer Science from Chapman University in 2001. Jonathan is an active duty Major in the United States Air Force with 15 years of service. He is a fellow of the National Board of Information Security Examiners and committee Chair for the International Federation for Information Processing Working Group on Critical Infrastructure Protection. He has performed research and worked extensively with the Department of Defense, Department of Homeland Security, Department of Energy, National Security Agency, Central Intelligence Agency and US Secret Service.

Thomas Dube

Department of Electrical & Computer Engineering
Air Force Institute of Technology
Wright-Patterson Air Force Base, OH, United States

Thomas Dube, PhD (Major, USAF) Center for Cyberspace Research Air Force Institute of Technology Dr. Thomas Dube is an assistant professor of computer science and member of the Center for Cyberspace Research at the Air Force Institute of Technology. He received a PhD in Computer Engineering from the Air Force Institute of Technology in 2011, an MS in Information Assurance form the Air Force Institute of Technology in 2006, and a BS in Computer Engineering from Auburn University in 2000. His research interests include reverse engineering, malware analysis, vulnerability discovery, operating systems and software engineering.

Published In

Volume 12, Issue 2

Keywords

Industrial Control Systems

Programmable Logic Controller

Firmware

Embedded Device

Forensics

Threat Assessment

Read the article

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

3D-Printed Gun

3G UMTS

Access Management

Act of War

Action Learning

Active Cyber Defense

Active Response

Active Sensor

Activist Intelligence

Acts of Violence

AdaBoost

Adaptive Red Team

Adaptive Security

Admiralty Law

Advance Encryption Standard (AES) Algorithm

Advanced Encryption Standard (AES)

Advanced Persistent Threat

Advanced Persistent Threat (APT)

Advanced Persistent Threats

Advanced Persistent Threats (APT)

Adversarial Adaptability

Adversarial Attacks

Adversarial Learning

Adversary Behaviour

AFSIM

Agenda Building Theory

Agenda Setting Theory

Agenda-Setting Theory

Agent-Based Modelling

Agile Governance

Agile Mission Groups

Agile Security

AI

Air Warfare

Alarms

Algorithm

Algorithms

Allocation Cost

Ambidextrous Framework

Ambiguous Self-Induced Disinformation Attacks

ANAKONDA-16

Analogue Network Security

Analysis

Analytics

Android

Anomaly Detection

Anonymised Network

Anonymity

Ant Colony Optimisation (ACO)

Ant Tree Miner (ATM)

Anthropology

Anti-Tamper

Anticipatory

Anticipatory Cyber Defence

Anticipatory Ethics

Antifragility

Antivirus

Applications of Intelligence

Applied Probability

Approving Officials

APT

Architecture

Armed Conflict

Armenia

Arms

Arms Control

Army

Artefact

Artificial Intelligence

Artificial Intelligence (AI)

ArtificialIntelligence

Artificially Driven Hybrid Warfare

ASCOPE

ASEAN

Aspectual Analysis

Asset Discovery

Asset Inventory

Assurance

Asymmetric Threats

Asymmetric Warfare

Attack

Attack Lifecycle

Attack Process

Attack Scenarios

Attack Tree

Attack Vectors

Attacks

Attestation

Attitude

Attitudes (KSA)

Attribution

Audit

Augmented Reality

Australia

Australian Constitution

Australian Defence Force

Authentication

Authorities

Authorization Based Access Control

Automated Response Action

Automation

Automobiles

Autonomous Drones

Autonomous Systems

Availability

Awareness

Awareness Training

a

and Information Warfare

B

Babylonia

Backfire

Backup Protection

Barton Whaley

Battle Management

Battlespace

Bayesian Networks

Bayesian-Nash Equilibrium

Behaviour Change

Behavioural Profiling

Belgium

Belief Networks

Belief Systems

Bias

Big Brother

Big Data

Big Data Analytics

Big Five

Binary Analysis

Bio-inspired

Bioinformatics

Biological Warfare

Biometrics

Bitcoin Technology

Blockchain

Blue Team

Book Review

Bot

Bot Controller

Botnet Discovery

Botnets

Bots

Boundaries

Breach

BreakingPoint

Broadband Access

Brute-Force Attacks

Budapest Convention

Burnout

Bush/Obama Doctrine

Business Continuity

Business Process Modeling Notation

Byzantine Generals Playing Evolutionary Games

C

C2

C2S

Cache-Timing Attack

Cache-Timing Countermeasures

Caesar

CANbus

CANVAS

Capability Development

Capability Maturity Model

Capability Packages

Capacity Building

Case Study

Castells

CCDC

CDX

Center of Gravity

Certification

Channel-Estimation

Channel-PUFs

Charter of the United Nations

Cheap Talk Game

China

CIA

CIEDI

CIP

Cipher

Clausewitz

Client Forensics

Closed National Networks

Cloud

Cloud and Big Data

Cloud Computing

Cloud Computing Services

Cloud Data Platform

Cloud Forensics

Cloud Privacy

Cloud Services

Cloud Storage Service

CMMC

CNCI

CNSSI No. 1253

CNSSP 22

Co-Evolution

Coburg Intrusion Detection Data Sets (CIDDS)

CoCom

Cognition

Cognitive Bias

Cognitive Dissonance

Cognitive Domain

Cognitive Malware

Cognitive Rigidity

Cognitive Security

Cognitive Task Analysis

Cognitive Warfare

Cognitive Workload

Cold War

Collaboration

Collateral Damage

Collective Defence

Collective Intelligence

Collective Security

Combat Camera (CC)

Command and Control

Command and Control (C2)

Commercial Security

Commercial Solutions for Classified

Commodity Value Chain

Common Data Model

Communication

Communication Behaviour

Communications Security

Community of Interest

Companies

Competences

Complexity

Complexity Science

Comprehensive

Comprehensive Approach (CA)

Computational Intelligence

Computer

Computer Attack

Computer Audit

Computer Crime

Computer Forensics

Computer Network Attack

Computer Network Defence (CND) Choices and Behaviours

Computer Network Defense

Computer Network Operations Development Program

Computer Security

Conceptual Model

Confidentiality

Confusion

Consumer Awareness

Content Analysis

Contested Cyber Environment

Context Manipulation

Contextual Analysis

Contextual Query

Continuity

Continuous Identity Verification

Control

Control Measures

Controller Area Network (CAN)

Conventional Warfare

Convergence

Cookies

Coordinated Response Action

Coordination

Core Narrative

Corporate Intelligence

Corporate Spies

Corpus Linguistics

Counter influence

Counter Intelligence

Counter Terrorism

Counterattacks

Counterfeiting

Countering Hybrid Warfare

Countering Interference Operations through Minimising Social Divides

Covert Action

Covert Channels

Covert Operations

Covid-19 Disinformation

CPS

Crawler Traps

Credibility

Crime Scripting

Crisis Communication

Crisis Management

Criteria Development

Critical Assets

Critical Cyber Infrastructure

Critical Discourse Analysis

Critical Information Infrastructure

Critical Information Infrastructure Protection

Critical Infrastructure

Critical Infrastructure Protection

Critical Infrastructure Protection and Modelling

Critical National Infrastructure

Cross-border Stored Electronic Evidence

Crowdsourcing

Crucial Decisions

Cryptographic Protocol

Cryptographic Protocols

Cryptography

CSfC

Cultural Dimensions

Cultural Values

Culture

Curriculum

Cyber

Cyber Decision-Making

Cyber Intelligence

Cyber Security

Cyber Warfare

Cyber Activities

Cyber Activity

Cyber Apprenticeship

Cyber Army

Cyber Attack

Cyber Behaviours

Cyber Blockades

Cyber Capability

Cyber Command

Cyber Common Operating Picture (CCOP)

Cyber Competition

Cyber Conflict

Cyber Counterintelligence

Cyber Crime

Cyber Deception

Cyber Defence

Cyber Defense

Cyber Deterrence

Cyber Domain

Cyber Enabled

Cyber Event Detection

Cyber Forces Training

Cyber Governance

Cyber Incident Response

Cyber Information Sharing

Cyber Intelligence

Cyber Intelligence Analysis

Cyber Intelligence Support

Cyber Law

Cyber Maturity

Cyber Monitoring

Cyber Offense

Cyber Offensive and Defensive Capability

Cyber Operations

Cyber Operations other than War

Cyber Operations Planning

Cyber Operations Training

Cyber Physical System

Cyber Physical Systems

Cyber Power

Cyber Range and Training Environment (CRATE)

Cyber Risk

Cyber Risk Management

Cyber Risk Mitigation

Cyber Sanctions

Cyber Security

Cyber Security Challenge

Cyber Security Controls

Cyber Security Costs

Cyber Security Sensors

Cyber Security Theory

Cyber Situational Awareness

Cyber Situational Awareness (CSA)

Cyber Sophistication

Cyber Stability

Cyber Terrorism

Cyber Threat Intelligence

Cyber Threat Intelligence (CTINT)

Cyber Threats

Cyber War

Cyber Warfare

Cyber Warfare Impact

Cyber Warfare Threat

Cyber Weapon

Cyber Weapons

Cyber Workforce

Cyber-attack

Cyber-attack Pathways

Cyber-Ecosystem

Cyber-kill Chain

Cyber-operations

Cyber-Physical

Cyber-Physical Security

Cyber-Physical System (CPS)

Cyber-Physical Systems

Cyber-Power

Cyber-Security

Cyber-security Design

Cyber-threat Intelligence

Cyberattack

Cyberattacks

Cyberconflict

Cybercrime

Cybercrime as a Service (CaaS)

Cybercrime economy

Cybercrime strategy

Cybercrimes

Cyberphobia

Cybersecurity

Cybersecurity Awareness

Cybersecurity Framework (CSF)

Cybersecurity Maturity Model Certification

Cybersecurity Norms

Cybersecurity Skills

Cyberspace

Cyberspace Governance

Cyberspace Operations

Cyberspace Operations Planning

Cyberterrorism

Cyberwar

Cyberwarfare

Cyborg

D

Dark Triad

Dark Web

Dark Web Markets

Darknet

Data

Data Analysis

Data Enrichment

Data Exfiltration

Data Gathering

Data Hiding

Data Localisation Laws

Data Loss

Data Mining

Data Privacy

Data Retrieval

Data Security

Data Tagging

Data-Set Generation

Database

Dataset

DBSy

DDoS

Deception

Decision

Decision Making

Decision Support

Decision Theory

Decision Trees

Decision Trees (DTs)

Decision-Making

Decision-Making Processes

Decoy Systems

Deep Web

Deepfake

Deepfakes

Defence

Defence Acquisition

Defence Mechanisms

Defense

Defense-in- Depth

Defense-in-Depth Limitations

Defensible Systems

Defensive Cyber Operations

Defensive Cyber Operations (DCO)

Defensive Information Operations

Definition

Denial

Denial and Deception

Denial of Service

Denial of Service Attack

Department of Defense

Dependency

Design

Design Science Research

Designed-In Assurance Features

Destabilization

Detect (D)

Detecting Junk Mail

Deterrence

Deterrence Implementation

Deterrence Theories

Device Fingerprinting

Diamond Model of Intrusion Analysis

Digital Borders

Digital Cooperation

Digital Evidence

Digital Forensics

Digital Identity

Digital investigation

Digital Investigations

Digital Isolation

Digital Rights Management

Digital Sovereignty

Digital Warfare

DIME

DIME-FIL

Diplomacy

Disaster Management

Discourse Analysis

Discrimination

Disinformation

Disrupting Botnet

Disruption Tolerant

Distorted news/information

Distributed Authority

Distributed Denial of Service (DDoS)

Diversity

DMMI Matrix Cube

DNS

DNSSEC

Doctrine

Documentary Film

DoD

DoDI 8510.01

Domains

Domestic Information Intelligence Operations

DoS

DOTMLPF II

Drone

Drones

Dual Technologies

Dutch Defence Cyber Command (DCC)

Dynamic Defence

Dynamic Hybrid Fault Models

Dynamic Policy

Dynamic Security Policy

E

E-CRIME Project

E-EWS

E-mail

E-mail Filtering

E-mail Headers

Early Warning

East Timor

Eavesdropping

Echo Chambers

Ecologically Valid

Economic Action

Economic Considerations

Economic Dominance

Economic Information Warfare (EIW)

Economic Sanctions

Editoral

Editorial

Education

Educational Resources

Effects Analysis

Effects-Based Operations

Effects-Centric

Effects–Based Operations

Electro Magnetic Spectrum (EMS)

Electromagnetic

Electronic Control Unit (ECU)

Electronic Health Records (EHR)

Electronic Warfare

Electronic Warfare (EW)

Elimination Cost

Embedded Device

Embedded Systems

Emergency Management (EM)

Emergency Management Intelligence (EMINT)

Emergency Response

Emerging and Disruptive Technologies

Emotion

Employment

Encryption

Energy Sector

Enterprise

Epidemiology

Erratic Attacks

Escalation

Espionage

Ethics

Ethnography

Ethnonationalism

Europe

European Theatre of Operations

Event Correlation

Event Logs

Event-Driven Systems

Evidence

Evidence Collection

Evolutionary Game Theory

Exercise

Experience-Based

ExperientialLearning

Experiments

Exploitation

Exploits

Export Control

Extended Evolutionary Game Theory

External Component

Extremist Organization

e

eBay

F

Facebook

Fake News

Fake Personas

False Information

False-Positive Alerts

Fatigue

Fault Tolerance

Fear Appeal

Federal Program Response

Federal Security Service

Field Programmable Gate Array (FPGA)

FIMI

Finland

Firmware

First Principles

First Nations Australians

FISHBOWL Pilot

Fit For Purpose Security

Five-Dimensional Operations

Fog of War

Force Readiness

Forced-Latency

Foreign Information Manipulation and Interference

Foreign Policy

Forensic Analysis

Forensic Case Management

Forensic Computing

Forensic Discovery

Forensic Report Referencing

Forensics

Foresight

Formal Methods

Fortified Cyber Defence

Fourth Industrial Revolution

Frames

Framework

Fraud

Frustration

Functional Resilience

Functional Resonance

Funding

Future

Future of Cyber

Future Terror

Futures Tables

G

Game Theory

Gamification

Gaming

General Morphological Analysis

Geneva Conventions

Global Governance

Global Performance Metric

Global Times

Globalism

Globalization

Google

GOTS

Governance

Government

Graphic Design

Graphical Passwords

Grey Zone Conflict

GRLVQI

Grounded Theory

Group Dynamics

H

Hacker

Hackers

Hacking

Hacktivism

Hamas

Handicap Principle

Hardware

Hardware Verification

HAVARO

HAVEX

Hawala

Hawaladar

Health

Healthcare Institutions

HealthConnect

HERF

Heuristic Processing

Hezbollah

Hiding

Higher education

Highly Perishable Information

Historical Archives

Hofstede

Home Battlefield

Homeland Security

Homophily

Honeyd Honeynet

Honeynet

Honeypot

Host Discovery

HTTP

HTTP Flood

Human Behaviour

Human Component

Human Factors

Human Introduced Cyber Vulnerabilities (HICV)

Human Performance Variability

Human Rights

Human Subjects

Humanisation

Hunting

Hybrid

Hybrid Dynamics

Hybrid Rhizome

Hybrid Threat

Hybrid Threats

Hybrid War

Hybrid Warfare

Hypergame Theory

I

IA

IC ITE

ICMP Ping Flood

ICS

ICS Security

ICT Product Integrity

Identification Based Access Control

Identifying Spam

Identity Theft

IDESG

IMSI-Catcher

Incident

Incident Command System (ICS)

Incident Response

Incident Response Assistance

Index

India

Indigenous Australians

Industrial

Industrial Control Systems

Industrial Control Systems (ICS)

Industrial Internet of Things (IIoT)

Infection

Infiltration

Influence

Influence Operations

Influence Operations (IO)

Influence Warfare

Influenceoperations

Influencers

Infodemic

Informal Value Transfer

Informatic Environment

Information

Information Warfare

Information Activities

Information and Communication Technologies

Information Assets

Information Assurance

Information Attack Model

Information Burglary

Information Campaigns

Information Domain

Information Dominance

Information Effects

Information Environment

Information Flow

Information Fusion

Information Influence

Information Influence Operations

Information Infrastructure Warfare

Information Leakage

Information Management

Information Management (IM)

Information Op- erations

Information Op-erations

Information Operations

Information Operations (IO)

Information Overload

Information Privacy

Information Related Capabilities (IRCs)

Information Retrieval

Information Security

Information Security Controls

Information Security Practice Principles

Information Security Strategy

Information Sharing

Information Space Governance

Information Sphere

Information Superiority

Information Systems

Information Systems Security

Information Terrorism

Information Theory

Information Visualization

Information War

Information Warfare

Information Warfare (IW)

Information Warfare Commander (IWC)

Information Warfare Training

Information Warfighting Function (IWfF)

Informational Warfare Operations

Informatised War

Infosec Economy

Infosphere

InfowarCon

Innocence of Muslims

Insider Threat

Inteference Operations

Integrated Team Trainer

Integrity

Intelligence

Intelligence and Cyber

Intelligence Assessment

Intelligence Community

Intelligence Community (IC)

Intelligence Disclosures

Intelligence Gathering

Intelligence Practice

Intelligence Reform

Intelligent Agent

Intent Estimation

Inter-Media Agenda Setting

Interference

International Criminal Law

International Cyber-Order

International Ethics

International Humanitarian Law

International Humanitarian Law (IHL)

International Law

International Laws and Treaties

International Relations

Internationalization

Internet

Internet Research Agency

Internet Background Radiation

Internet Fragmentation

Internet Freedom

Internet Key Exchange

Internet of Things

Internet of Things (IoT)

Internet Protocols

Internet Referral Unit

Internet Security

Internet Sovereignty

Internet Surveillance

Interoperability

Interposing Tactics

Intervention

Intifada

Intrusion

Intrusion Detection

Intrusion Detection (ID)

Intrusion Detection Systems (IDSs)

Intrusion Prevention

IO Standards

IPSec Security

IPSec Tunnel

Irregular Warfare

Islamic

Islamic Banking

Islamist Militant

ISO 27001

Israel

Israel Defence Forces

Israel Defense Forces

Israeli Defense Forces

Issue 14.3

Iterative Analysis of Competing Hypotheses

i

ipv6

J

Japan

JIE

John Boyd

Journey Mapping

Junk News

Jus Post Bellum

Just War

K

Katakri

Kerberos

Key Leader Engagement (KLE)

Key Leader Enhancement (KLEN)

Key Management

Key Terrain

Kill Chain

Kinetic Harm

Kinetic Operations

Knowledge

Knowledge and Action Gap

Knowledge Engineering

Knowledge Items

Knowledge Management

Kosovo

L

Language of War

Law Enforcement

Law Enforcement Investigation

Law of Armed Conflict

Lawfare

Leaders

Learning by Research and Development

Learning environment

Legal Admissibility

Legal Compliance

Legislation

Lethal Autonomous Weapons (LAWs)

Levels and Categories

Libya

Literature

Lithuania

Live Virtual Constructive Training

Lone Actor

Lone Gunmen

Lone Operator

Lone Wolf

Low-Energy Encryption

Low-Intensity Conflict

Low-Rate DoS Attack

LSB

M

Machine Learning

Malicious Software

Malinformation

Malware

Malware Analysis

Malware Collection

Malware Taxonomy

Man-in-the-Middle

Manageability

Management

MANET

MARISA project

Maritime Incidents

Maritime Information Warfare

Maritime Security

Maritime Surveillance

Market Segmentation

Maskirovka

Mass Media

MDA/ML

Measures

Meat Puppets

Media Relations

Medical informatics

Meme

Mental Models

Message Fabric

Message Flow

Messy War

Metadata

Metanarrative

Methodology

METOC

Metrics

Microsimulation

Militant Groups

Military

Military Affairs

Military Approaches

Military Cadets

Military Deception

Military Energy Security

Military Exercises

Military Innovation

Military Leadership

Military Operations

Military Systems

Misinformation

Misinformation Diffusion

Misinformation Propagation

Misinformation/Disinformation

Misperception

Mission Assurance

Mission Awareness

Mission Essential Functions

Mission Mapping

Mission Modeling

Mission Modelling

Mission Threads

Misuse

Misuse Detection

Mobile

Mobile Commerce

Mobile Computing

Mobile Device

Mobile Malware

Mobile Phones

Mobile Security

Mobility Innovation Center

Model

Model Checking

Modelling

Modelling and Simulation

Modelling Complex Problems

Modelling of IT Security

Modern Conflict

Modern Warfare

Modern-Day Warfare

Money Laundering

Motivation

Motivations

Moving Target

Moving Target Defence Contexts

Multi Capability Development Campaign (MCDC)

Multi Objective

Multi- stakeholderism

Multi-agent Simulations

Multi-Domain Operations

Multidisciplinarity

Multidisciplinary Research

Multilateralism

Music

Mutual Legal Assistance Treaties

MWCollect Daemon

N

Narrative Networks

Narrative Paradigm Theory

Narrative Warfare

Narratives

Narratology

National

National Security Policy

National Critical Infrastructure and Key Assets (NCI/KA)

National Critical Infrastructures

National Cyber Security

National Cyber Security Centres

National Cyber Security Strategy

National Cyber Strategy

National Institute of Standards and Technology

National Instruments of Power

National Intelligence

National Security

National Security Policy

National Security South Africa

National Segment of the Internet

NATO

NATO Cyber Defence Concept

NATO Strategic Concept 2010

Near-real-time

NEC

Net Discourse; Diaspora Communities

Net-enabled Warfare

NetFlow

Network

Network Analysis

Network Attack

Network Canning

Network Centric Operations

Network Centric Warfare

Network Complexity

Network Covert Channels

Network Defense

Network Emulator

Network Intrusion Detection

Network Resilience

Network Risk

Network Security

Network Security Operations

Network Sensors

Network Telescope

Network Warfare

Networks

Neural Networks

Neutralisation

Neutrality

Neutralize

New Media

New Strategic Concept of NATO

News

Next Generation Networking

Next-Generations Threats

NIAP

NIATEC

NIST

NIST 800-53 IR-7

NMAP Fingerprinting

Non Government Organisations

Non-Conventional Warfare

Non-kinetic Effects (NKE)

Non-kinetic Warfare

Non-State Actors

Norms

North Atlantic Treaty Organization (NATO)

North Korea

NSA

NSA Mobility Program

NSD-42

NSS

NSTIC

O

Occult

ODNI

Off-shoring

Offense

Offensive Cyber Capabilities

Offensive Cyber Operations

Offensive Cybersecurity

Offensive Cyberspace Operations

Omissive Behaviours

ONG

Onion Router

Online Activism

Online Communities

Online Databases

Online Fraud

Online Security Awareness

Ontological Indexing

Ontology

OODA

OODA Loop

OPC UA

Open (non-proprietary) Standards

Open Source

Open Source Intelligence

OpenFlow

OpenStack

Operating Systems

Operation Analysis

Operation Design

Operation Glowing Symphony

Operational Design

Operational Assurance

Operational Design

Operational Technology

Operational Technology (OT)

Operations Research

Operations Security

Opinion Paper

Optimal Sensor Placement

Optimized Fleet Response Plan (OFRP)

Organization

Organization Development

Organizational Bias

Outrage

Outsourcing

OWL

P

Pakistan

Paramilitary Action

Passive Sensor

Password Recovery

Pathological Politics

Payload

Paypal

PDA

Pearl Harbor

Penetration Testing

Perception

Perception Errors

Perception Management

Perception Management Operations

Perceptions

Persistent Cyber Attack

Persistent Engagement

Personal Information

Personality

Persuasion

Persuasion Resistance

Phase 0

Phishing

Phishing Tactics

Photography

Physical Layer

Physical Layer Security

Physical Security

Physical-Layer (PHY) Discrimination

Physically Unclonable Functions

Planning

Plausible Deniability

Plug & Trust

PMESII

Policies

Policy

Policy Analysis

Political Action

Political Engineering

Political Orientation

Political Patriotic and Revenge (PPR) Defacements

Political Warfare

Popaganda

Position Paper

Power

Power Line Communication (PLC)

Practical Security

Preliminary Threat Assessment

Prevent (P)

Principles of War

Prioritization

PRISM

Privacy

Privacy by Design

Privacy Enhancement Technology.

Privacy Harm

Private Information Retrieval

Private Sector

Privatised Spy Shops

Proactive Cyber Defence

Professionalism

Profile

Programmable Logic Controller

Programmable Logic Controllers

Programming

Proliferation

Propaganda

Propaganda/public diplomacy

Proselytizer

Protect

Protection

Protection Motivation Theory (PMT)

Protection Profiles

Protection Tree

Protocol Analysis

Psychological Operations

Psychological Warfare

Public Diplomacy

Public Key Cryptography

Public Relations

Public Sector

Public-Private Partnerships

Q

Qiao Liang

Qualitative Analysis

Quantitative Assessment

Question-Focused Data Sets

Queuing Theory

R

Random Forest

Ransomware

Rating Systems

Receiver Effects

Recognized Information Picture

Recover (R)

Recovered Data

Red Team

Reflexive Control

Registered

Registration

Relationship

Reliability

Religious Content

Remailer

Remittance

Remote Authentication

Remote Operations

Renewed Security Concept

Repair

Reparations

Replication

Repunit

Reputation Systems

Requirements Engineering

Research

Research Ethics

Research Methods

Resilience

Resiliency

Resource Exhaustion

Respond (R)

Response

Retaliation

Reverse Engineering

Revil

Revolution in Military Affairs

RF-DNA Fingerprinting

Rhino Poaching

Rhizome

Risk

Risk Analysis

Risk Assessment

Risk Assessments

Risk Definition

Risk Management

Risk Management Framework

Risk Management; Reliability

Risk Ontology

Risk Perception

RMF

Robots

Rotation

Rotational Assignments

Rule of Law

Rules of War

RuNet

Rural

Rural Areas

Ruses

Russia

Russian Federation

Russo-Ukraine Conflict

S

Sabis

Sabotage

Sambre

Satellite

SCADA

Scenarios

Science Fiction

Scifi

Scope of Spread

Scripted Agent

Search Engine; South Africa

Second Gulf War

Secret Key Generation

Secret Key Generation; Authentication

Secret Sharing Scheme

Secure Content Delivery

Secure Mobility

Secure Portable Application Device

Securitization

Security

Security Training and Certification

Security and Privacy

Security and Protection

Security and Risk

Security Assessment

Security Audit

Security Audit Criteria

Security Automation

Security Awareness

Security Community

Security Controls

Security Countermeasures

Security Criteria

Security Education

Security Incident

Security Model

Security Operating Centre

Security Posture

Security RequirementEengineering

Security Requirements

Security Risk Assessment

Security Risk Assessments

Security Risk Management

Security Threat Analysis

Self-deception

SELinux

Semantic Annotation

Semantic Web Technology

Sense-Making

Sensing

Sensitive Data

Sensor

Sensor Deployment

Sentiment Analysis

Serious Gaming

Shaping

Shared Credentials

Shared Situational Awareness

Sharp Power

Shipping

Shipping Regulations

Side-Channel Attack

Side-channel Attacks

Signaling Theory

Signature

Simulation

Simulation Experiment

Simulcasting PLC Network

Situation Picture

Situational Awareness

Skills

Slacktivism

Slovenia

Small and Medium Business (SMB)

Small Business

Small Business Cybersecurity

Small Message-Space Attack

Smart Grid

SOA

Social Cognition

Social Cognitive Theory

Social Contract

Social Control

Social Determiniates of Health as a National Security Risk

Social Engineering

Social Media

Social Networking

Social Networking Sites

Social Networks

Society

Socio-political

Sock Puppets

Soft Power

Software

Software as a Weapon

Software Defined Networking (SDN)

Software DefinedNetworking

Software DefinedNetworking (SDN)

Software ID Tags

Software Reliability

Software-Defined Networking

Software-Defined Networks (SDN)

Soldiers

Source

South Africa

South Korea

Sovereign Citizen

Sovereignty

Soviet Union

Space Security

Space Systems

Space Weapon

Spam

Spear Phishing

Spectrum Management

SPIN

Spying

Spyware

SQL-Injection

Stackelberg Game

Stakeholder

Standard

Standards

Starlink

State

State Media

State Sovereignty

States

Steganalysis

Steganography

Storyweb

Strategic Communication (SC)

Strategic Communications

Strategic Culture

Strategic Cyberspace Analyses

Strategic Deterrence

Strategic Disconnect

Strategic Dominance

Strategic Information Warfare

Strategic Narrative

Strategic Reports and Recommendations for Cyber Security

Strategic Security Management

Strategic Stability

Strategic Theory

Strategy

Stress

Stuxnet

Subversion

Suggestions

Suicide Drones

Superiority

Supervisory Control and Data Acquisition (SCADA)

Surface Web

Surprise Attacks

Surveillance

Survivability

Suspicion

Sustainability

Swarming

SWID

Sybil Accounts

Symbolism

Synchronization

Synthetic Media

Synthetic Moving Images

System Boundaries

System Design

System Dynamism

System on a Chip (SoC)

Systems

Systems Complexity

Systems Theory

T

Tactics

Taiwan

Taliban

Tallinn Manual

Tallinn Manuals

Tanzania

Target Audience

Targeting Civilians

Taxonomy

Teaching

TECHINT

Technocracy

Technology

Technology Communities

Technology Policy

Temporal Logic

Terror Mobilization

Terrorism

Text Categorization

Text Mining

The Internet

Theory

Theory of Alliances

Think Tanks

Thought Diversity

Threat

Threat Actors

Threat Assessment

Threat Intelligence

Threat Landscape

Threat Mitigation

Threat Perception

Threat Susceptibility Assessment (TSA)

Threats

Three Warfares Strategy

Time-Based Security

Tire Pressure Monitoring Systems

Topic Modelling

TOR

Traffic Analysis

Trafficking

Training

Transdisciplinary View

Transfer of Research

Transformation

Transitive Access

Transnational Cybersecurity

Transparent Authentication

Transport Infrastructure

Transportation Systems

Trend Scouting

Tribute

Trolling

Trolls

Trust

Trust Factors

Trusted Computing

Twitter

t

the Sir Philip Sidney Game (SPS)

U

U.S. DoD Strategy for Operating in Cyberspace

U.S. International Strategy for Cyberspace

UAV

UBE

Ubiquitous Identity Management

Ubiquitous Security

UDP Flood

Ukraine

Ukraine War

Ukraine-Russia Conflict

Uncertainty

United States

Unrest

Unsolicited Bulk E-mail

US-China Relations

USA Really

Use of Force

Use-Case Approach

User Authentication

User-Centered Design

Using Popular Movements to Identify Isolated Populations in Target Countries

V

ValidatingIntroductionModels

Value Framing

Values

Verification

Victimization Narrative

Victims

Videos

Violent Extremist Organisations (VEOs)

Virtual Machine

Virtual Non-State Actors

Virtualization

Viruses

Visual Analytics

Visualisation

Volunteer Cyber Army

Voter Rolls

VPN

Vulnerabilities

Vulnerability Analysis

Vulnerability Assessment and Penetration Testing

Vulnerability Discovery

Vulnerability Management

Vulnerability Scanning

Vulnerable Services

W

Wang Xiangsui

War

War Crimes

War Games

War Gaming

War on Terror

Warfare

Wargaming

Warranting Theory

Wassenaar Arrangement

Weaponised Malware

Weaponization of Everything

Weaponization of Smart Systems

Web Design

Web Development

Web Security

Web Services

Web site Assessment

Web Tracking

Website

Weighted Average Masking Time (WAMT)

Western Union

Whole-of-Government Approach

Wicked Messy Problems

Wicked Problems

Wikileaks

Wired Signal

Wired Signal Distinct Native Attribute (WS-DNA)

Wireless Intrusion Detection

Wireless Network Security

Wireless Security

Wireless TCP/IP Fingerprinting

Wireless Technology

Worm

WPA2

ZigBee

Zombie

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Latest

Volume 23, Issue 1 Editorial

March 27, 2024

‘No-one Likes a Cry-Baby’: The Effectiveness of Victimization Narratives in External Information Operations

March 27, 2024

Aspectual Human Performance Variability in Social Engineering Attacks

March 27, 2024

Get in touch

Registered Agent and Mailing Address

Journal of Information Warfare
ArmisteadTEC
Dr Leigh Armistead, President
1624 Wakefield Drive
Virginia Beach, VA 23455

757.510.4574

JIW@ArmisteadTec.com

Search form