Cyber Defense

Innovating the Prioritization of Cyber Defense

Abstract:

The U.S. Department of Defense (DoD) faces a monumental undertaking in protecting the infrastructure that underpins the entirety of its operations: It must identify and prioritize key terrain to dynamically defend. This paper will examine the criteria to identify critical information systems and infrastructure, will review the process to identify key terrain in cyberspace, and will offer a recommendation on how to more effectively prioritize network defender operations using data analytics.

The Search for Cyber Fundamentals

Abstract:

The precise rendering of how security is achieved in cyberspace has yet to be pulled together; and, despite the most recent publications of U.S. policy, there is still no settled answer to the core question of what organizing principles should drive military cyber operations strategy. This essay posits that cyberspace is a realm of activity in which new security dynamics are at work due to the revolutionary character of digital technology. The essay introduces six defining conditions that relate to military cyber operations leading to the organizing principle that cyberspace is an offense-persistent strategic environment.

If You Go Down to the Internet Today – Deceptive Honeypots

ABSTRACT

This is preliminary research into the effectiveness of deceptive defensive measures, in particular honeypots that use deceit as a primary defensive and offensive mechanism. Initial research has been conducted using the Deception Tool Kit and its ability to fool commonly available network scanning tools such as Nessus and Nmap. The preliminary research indicates that these deceptive tools have a place in modern network defense architecture.

Denial of Service and Protection of Critical Infrastructure

ABSTRACT

Denial of service attacks generate massive volumes of illegitimate traffic and utilize system resources in a way that renders the system inoperable, thus denying access to authorised personnel. Denial of service attacks can be projected against systems controlling critical information infrastructure and have the potential to be an effective weapon in cyberwarfare. This paper explains the concept of a denial of service attack, discusses the different methods of achieving denial of service and looks at the impact this type of attack may have on critical infrastructure. Although there are no fail-safe ways to protect against denial of service attacks, several means of minimising damage to information systems are discussed.

PrEP: A Framework for Malware & Cyber Weapons

ABSTRACT

The contemporary debate over cybersecurity rests on a set of linguistic artifacts that date from the Cold War. Attempting to glean a starting point for debate over use of terms such as ‘cyber attack’ or ‘cyber war’ is difficult, largely because there is little agreement on what constitutes a weapon in cyberspace. This paper proposes a new framework to classify malware and cyber weapons based on the different pieces of malicious code that constitute them, then evaluates competing definitions of cyber weapons, and concludes with implications for this approach.

Intelligence Preparation of the Cyber Environment (IPCE): Finding the High Ground in Cyberspace

ABSTRACT

The tools typically used in the planning phase of cyber defence provide only limited guidance for operational decision making. To overcome these shortcomings, the authors propose a more comprehensive and deliberate process of intelligence planning: the Intelligence Preparation of the Cyber Environment (IPCE), an adaptation of Intelligence Preparation of the Battlefield. This paper highlights how concepts used in IPB correspond to concepts in cyber security—in particular, the authors describe how ‘weather’ and ‘terrain’ map onto the concepts of ‘user’, ‘traffic’, and ‘network environment’. Finally, the methodology is demonstrated with a case study to illustrate how systems have widely different ‘environmental’ features.

The Future of Cyber Operations and Defense

ABSTRACT

National and economic security of most nations have become dependent on cyberspace. Protection of cyberspace will depend, in part, on successful cyber operations. Cyberspace is the domain in which these operations take place, and it is evolving rapidly, through increased use of virtualization and cloud services, ubiquitous mobility, and the integration of cyber systems into the physical world. To be successful in this future environment, cyber operations will need to be supported by more defensible systems, to be informed by a greater understanding of system state and threat actors, and to be more adaptive.

Towards the Establishment of an African Cyber-Army

ABSTRACT

Cybersecurity has become a critical element of the national security of countries. A cyber-army is a group of soldiers highly skilled in information technology with cyber skills. Cyber-armies are the unseen military cyber power which countries should employ to maintain national cybersecurity. A cyber-army has the ability to launch cyberattacks and collect information in order to gain a strategic military advantage. In this paper, selected cyber-armies are compared. The focus is on the establishment of an African Cyber-Army to defend and protect cyber sovereignty. An African Cyber-Army has to serve nations whose citizens often have low levels of cybersecurity awareness in conjunction with rapidly growing rates of access to cyberspace.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

