Cyber Security

Adversarial Artificial Intelligence: State of the Malpractice


ArtificialIntelligence (AI), widely deployed in society, is rapidly becoming the next major battleground. Our society depends on the power of AI to solve problems in multiple domains—including commercial, infrastructural, and military systems. But AI is also vulnerable to a variety of attacks, some of which are common across many types and deployments of AI.

Towards a Literature Review on Cyber Counterintelligence


For those connecting the dots, the threat landscape continues to affirm the necessity of having Cyber Counterintelligence (CCI) at the centre of cybersecurity efforts. Concurrent with the growing interest in CCI in corporate boardrooms and the corridors of governments, CCI is evolving from a field of academic enquiry to a distinctive academic sub-discipline. 

Developing a Cyber Operations Computational Ontology


Cyber operations lack models, methodologies, and mechanisms to describe relevant data and knowledge. This problem is directly reflected when cyber operations are conducted, and their effects assessed, and it can produce dissonance and disturbance in corresponding decision-making processes and communication between different military actors.

Best Practices for Designing and Conducting Cyber-Physical-System War Games


Cyber war games have been shown to be useful for a broad range of purposes. The authors describe and compare  methods for  designing  realistic war games  in  the  domain of Cyber Physical Systems (CPS), review general methods for conducting war games, and illustrate best practices to assist researchers and practitioners in planning their own war games. 

Projected Territoriality: A Case Study of the Infrastructure of Russian Digital Borders


This  article  attempts  to  demonstrate  how  territoriality  can  be  projected  into cyberspace with respect to the infrastructure of a country. It is a case study of the delineation, protection, and control processes of Russia’s so-called digital borders. By combining analysis of border studies, information technology studies, and Russian studies, this article provides an interdisciplinary overview of the infrastructure of the Russian segment of the Internet and examines the principles and practises behind the Russian implementation of the concept of a national  segment  of  the Internet as an infrastructural element of delineating digital borders and achieving a functional digital sovereignty.

Towards a Reconceptualisation of Cyber Risk: An Empirical and Ontological Study


The prominence and use of the concept of cyber risk has been rising in recent years. This paper presents empirical investigations focused on two important and distinct groups within the broad community of cyber-defence professionals and researchers: (1) cyber practitioners and (2) developers of cyber ontologies.

Uncertain Security Community: Building Western Cyber-Security Order


Leading NATO countries (such as the United States, the United Kingdom, Germany, and France) are rather like-minded when it comes to cyber-threat assessments and cyber-security policy priorities. They share common security values and norms and identify common cyber threats. In this regard, they can be identified as members of the same security community. However, when it comes to strategies for building cyber security, there is disparity among them.

Cyber Apprenticeship: A Traditional Solution to a Vexing New Problem


This paper proposes a new approach to a relatively new and often vexing problem facing many businesses today: meeting the growing demands for a trained and certified cyber-security workforce. The proposed approach uses the traditional apprenticeship model, combined with the targeting of rural candidates as a mechanism to develop a greater loyalty to any firm making the investment.

Cyber Security in the Context of Armenia-NATO Cooperation


NATO is one of the main actors in the development and modernisation of the national security architecture of Armenia. One of the main research goals of the authors is to understand the qualitative and quantitative framework of Armenia-NATO cooperation. From this perspective, the authors of this article analyse cyber-security cooperation between Armenia and NATO based on DOTMLPF II components.

Preparation, Modelling, and Visualisation of Cyber Common Operating Pictures for National Cyber Security Centres


Common Operating Pictures (COPs) have long been a common denominator of effective cyber defence operations (for example, in law enforcement and the military). COPs are widely used to represent, visualise, and assess situations. In recent years, Cyber COPs (CCOPs) have become important in establishing cyber situational awareness. 

Should ‘RuNet 2020’ Be Taken Seriously? Contradictory Views about Cyber Security Between Russia and the West


Russia aims to create an independent state information system that ensures the network’s overall stability by controlling the Internet routing architecture inside Russia. A tightly regulated and secure ‘information space’ will not only ensure stronger defence against external attacks, but also increase offensive capabilities.

An Open-Source Tool to Support the Quantitative Assessment of Cyber Security for Software Intensive System Acquisition


This paper presents an open-source tool to support the quantitative assessment of software reliability and cyber security. The tool enables assessment of a system’s security from penetration-testing data and can be used to estimate the number of vulnerabilities remaining. This approach will enable organisations that acquire software to establish quantitative requirements for inclusion in contracts, thereby providing clear requirements for software and system developers to meet. The tool will enable contractors to regularly assess the security of their software, which will facilitate the identification and reporting of programs that may fail to achieve contractually specified security objectives.

Managing Cybercrimes through the Implementation of Security Measures


Today’s global environment has seen tremendous growth in the number of online transactions and Internet subscribers. This increase is creating a situation in which businesses are now largely dependent on information systems and their inherent technologies. The increase, however, is also causing a rise in the volume and extent of cybercrimes and security lapses.

Security-Information Flow in the South African Public Sector


Information-security management programs are becoming increasingly important in enabling organisations to promote a high level of accountability and good governance. Organisations need accurate and relevant real-time information to make effective and efficient decisions pertaining to cyber threats and attacks. Based on a qualitative study, this article introduces and discusses the components of an information-security management program.

The Role of the U.S. Military in Cyberspace


As the United States has grown dependent on cyberspace, the U.S. military has come to have an increasingly important role to play in protecting U.S. national interests in the cyber domain. In addition to operating and defending its own cyberspace resources and supporting other military missions, the U.S. military must now be prepared to defend the country as a whole. These missions require the military to innovate and to collaborate effectively with a whole host of international, governmental, and private sector actors.

A Century of Convergence: Technology, Ideology, and U.S. National Security


‘Convergence’ is a term typically used to denote the conflation of several technologies. In a larger sense, convergence can signify the blending of technology, law, policy, doctrine, and capability in ways that boost knowledge and power for those who compel or defend states. The world has become globalized in the sense that virtually anyone, anywhere, can be targeted. These awesome powers of surveillance and force are still growing, but their oversight lags far behind. Ironically, efforts to limit surveillance have helped to spur the overall growth of surveillance capabilities, in part to answer the growing demand for intelligence for precision targeting. Understanding the origins and current breadth of that gap is key to resolving it.

Cybersecurity and Global Governance


To understand better the challenges of developing a unified system of global cyber governance, a comparative analysis of national cybersecurity strategy and frameworks in 10 countries and the European Union from diverse regions in both the developed and developing world was conducted. Based on empirical research and an analysis of national and international cybersecurity strategies and policies, this paper explores the challenges and benefits of establishing a global legal and policy framework for cyber activity that advances the goals of national intelligence and technological innovation, while enhancing confidence and improving legal certainty in the global electronic marketplace.

A Human-Centric Approach to Cybersecurity: Securing the Human in the Era of Cyberphobia


Cybersecurity relates to the threats posed to a nation’s critical infrastructure, but should not be limited to the traditional concept of national security. The militarization of the cybersecurity discourse has produced a security dilemma, which is not sufficiently addressing the needs of people. This article highlights this shortcoming and views cybersecurity through a human-centric perspective. The challenge ahead is to establish a governance regime for cyberspace that successfully addresses human rights norms.

A Case Study in the Security of Network-enabled Devices


It is becoming increasingly common for appliances and other electronic devices to be network-enabled for usability and automation purposes. There have been fears that malicious users can control such devices remotely. Since the installation base of such network-enabled household devices is still relatively small, we examine the types of vulnerabilities that another such appliance has, the network-enabled printer, which is commonly found in the education and business sector. In this paper we analyze the source of the vulnerabilities and present detailed threat scenarios. In addition, we examine four organizations in Australia and Europe. Based on the results of the case study, we draw conclusions on the effects of an information warfare attack using network-enabled devices as the medium.

If You Go Down to the Internet Today – Deceptive Honeypots


This is preliminary research into the effectiveness of deceptive defensive measures in particular honeypots that use deceit as a primary defensive and offensive mechanism. Initial research has been conducted using the Deception Tool Kit and its ability to fool commonly available network scanning tools such as Nessus and Nmap The preliminary research indicates that these deceptive tools have a place in modern network defense architecture.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.










Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.


Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
  • 757.871.3949