Big Data

A Systemic View of Surprise Attacks: Why It Matters


This paper examines the concept of a Surprise Attack from a systemic perspective. It looks at the approaches that can be assumed about the system when using intelligence methods to explore the environment of the system at hand. Assuming all system models are a creation of humans who often try to ascertain is that they are real, it is important that the implied complexity in terms of the system’s elements and the relationships between them are considered. The amount of reliability in the concepts that make up the system model as well as the desired outputs are also important. The boundary of the system showing the element in the system and those that are outside are also critical. A caveat is introduced to show that reality is chaos and probably no boundary around physical and conceptual system entities will truly capture everything that is relevant, so will ultimately fail in terms of surprises. The argument continues with the examination of the Known/Unknown elements within an intelligence problem, further confounding the elimination of surprise in the system. A final point adding to the production of the intelligence product is Cognitive Rigidity. Here, the use of imagination rather than just deduction of established facts and cognitive assumptions could better prepare an organization for a surprise attack.

A Social Contract for Cyberspace


A social contract is about the rights and responsibilities among the members of the society on one hand and the state and government on the other. Cyberspace, by serving as a unique global platform for the connection and communication of its billions of users, creates its own social structure and thereby forms a new regulatory ecosystem. The societal reform that is facilitated by cyberspace challenges the traditional understanding of rights and responsibilities that shape social contract theory. The disinformation campaigns, the spread of hate speech, and the emergence of systemic algorithmic discrimination are examples that illustrate the need for new rules and social agreements between all stakeholders. 

Big Data, Big Security, and Privacy Risks: Bridging Employee Knowledge and Actions Gap


The era of big data comes with critical security and privacy risks. As a counter, technical preventative measures are being deployed but are overlooking human weaknesses. Naïve employees may debilitate the technological security barriers. Employee awareness and education is mandatory to cultivate secure actions. However, literature highlights a gap between knowledge and actions.

Testing the Importance of Information Control: How Does Russia React When Pressured in the Information Environment?


Applying big data and sentiment analysis to TASS reporting and 15 years of Russian Foreign Ministry documents, this paper tests the importance Moscow places on information control. By comparing the Russian government’s responses to four categories of foreign policy tools— diplomatic, information, military, and economic (the DIME construct)—this research finds that Russia reacts far more negatively to information tools than to military, diplomatic, or economic tools. 

Development of a Cyber-Threat Intelligence-Sharing Model from Big Data Sources


As data in cyberspace continues to grow because of the ubiquity of Information Communication Technologies (ICT), it is becoming challenging to obtain context-aware, actionable information from Big Data to timely detect and respond to cyberattacks that are increasing in severity, complexity, and frequency. In fact, cybercriminals are developing and sharing advanced techniques for their cyber espionage, reconnaissance missions, and ultimately devastating attacks. In order to reduce cybersecurity risks and strengthen cyber resilience, strategic cybersecurity information-sharing is a necessity. This article discusses one way of handling large volumes of unstructured data that have been generated by multiple sources across different sectors into a cyber-threat intelligence-sharing model.

How IAD Leverages Big Data for Anomaly and Malware Detection (v10.2)


Malware is growing increasingly sophisticated. Threats are becoming more targeted and moving to places where existing defenses have limited visibility. Proactively addressing these threats means leveraging insights gained from Big Data and the fusion of multiple sources of information. Operational Fusion and Analysis, OFA, an organization within the National Security Agency’s Information Assurance Directorate utilizes Big Data to provide battlespace awareness and critical intelligence on the attack lifecycles of intrusions to decision makers and network defenders. This is accomplished by performing qualitative and quantitative analysis, summarization, fusion, and trending of data across multiple networks, customers, and domains. The more insight the OFA gains into a network or series of networks, the more easily abnormal activity can be identified.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.















Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.


Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455