A Basic Set of Mental Models for Understanding and Dealing with the CyberSecurity Challenges of Today


For most people, cybersecurity is a difficult notion to grasp. Traditionally, cybersecurity has been considered a technical challenge, and still many specialists understand it as information security, with the notions of confidentiality, integrity, and availability as its foundation. Although many have searched for different and broader perspectives, the complexity and ambiguity of the notion still thwart a common understanding. While the author was developing and executing an MSc cybersecurity program for professionals with a wide variety of backgrounds and widely differing views on cybersecurity, the lack of a common understanding of cybersecurity was clearly evident. Based on these observations, the author began seeking and defining a new, transdisciplinary conceptualization of cybersecurity that can be widely agreed upon. It resulted in the publication of three scientific papers. This paper is an amalgam of the contents of the three supplemented with some extensions. It turned out that the previously introduced description of two key notions, cyberspace and cybersecurity, is still an adequate starting point. Described here is a set of additional mental models elaborating on these key notions and providing more detail on their meanings.

Assessing Cyber Security Threats and Risks in the Public Sector of Greece


Organisations having to cope with new threats and risks are increasing their focus and looking at novel ways to improve their cyber security assurance. As critical national infrastructures are becoming more vulnerable to cyberattacks, their protection becomes a significant issue for EU member states. The National Cyber Security Authority of Greece (NCSA) takes all necessary steps towards a secure Greek cyberspace.

Adversarial Artificial Intelligence: State of the Malpractice


Artificial Intelligence (AI), widely deployed in society, is rapidly becoming the next major battleground. Our society depends on the power of AI to solve problems in multiple domains—including commercial, infrastructural, and military systems. But AI is also vulnerable to a variety of attacks, some of which are common across many types and deployments of AI.

Cyber Threat Screening Using a Queuing-Based Game-Theoretic Approach


Dynamic and uncertain security environments, such as cyber systems, often involve strategic interactions among multiple decision-making agents. In this paper, the authors consider a cybersecurity setting in which a system administrator (defender) has to screen malicious service requests from an attacker seeking to exhaust available cyber resources and inconvenience users with legitimate requests. This paper proposes a novel cyber-threat inspection model, based on Stackelberg games, that unifies aspects of Threat Security Games with the Erlang-B queuing framework to provide equilibrium strategies for both the attacker and defender.

Enabling Situational Awareness in Operational Technology Environments through Software Defined Networking


Network situational awareness has long been associated with the task of aggregating system logs to determine activity and events ongoing in the network. However, this current method of obtaining situational awareness does not clearly address the mission of a facility or organisation, the key customers at stake, and the real-time statuses of the critical infrastructures. 

Software-Defined Networking Traffic Engineering Process for Operational Technology Networks


Network designs are often functional with little consideration for security. Growth and maintenance of critical infrastructure, mission-focused networks can be ad hoc and can preclude large-scale technology replacements, reconfigurations, or even patching. These restrictions are contributing factors to increased vulnerabilities.

Africa’s Contribution to Academic Research in Cybersecurity: Review of Scientific Publication Contributions and Trends from 1998 to 2018


Contributions of scientific knowledge in cybersecurity are made by researchers globally, where the focus and scope differ based on the development and challenges in cybersecurity faced by each country. This study examines the publication contributions and trends of African researchers in the field of cybersecurity for a period of 20 years (1998 to 2018).

No Silver Lining: Information Leakage in Cloud Infrastructures


As more businesses and individuals migrate their workloads to cloud infrastructures, many are unaware of a potential issue inherent in these systems: information leakage, the potential inadvertent release of data through a Virtual Machine (VM) to another VM, which then transfers the information to a third party.

Implications of Privacy & Security Research for the Upcoming Battlefield of Things


This article presents the results of a trend-scouting study on the applicability of contemporary information privacy and information security research in future defence scenarios in a 25-year-horizon. The authors sketch the expected digital warfare and defence environment as a ‘Battlefield of Things’ in which connected objects, connected soldiers, and automated and autonomous sensing and acting systems are core elements.

Cyber-Securing Super Bowl 50: What Can a Live-Fire Football Match Teach Students about Becoming Better Cybersecurity Professionals?


The rise and regularity of cybersecurity incidents have increased the demand for trained workforce professionals. Institutions of higher education have responded by including practical hands-on exercises such as capstones, labs, and simulated attack-and-defend ‘Capture-the-Flag’ scenarios. Many degree programs also encourage students to gain experience via internships. 

Understanding Operator Fatigue, Frustration, and Cognitive Workload in Tactical Cybersecurity Operations


While the human factors of mission critical systems such as air traffic control and weapons systems have been extensively studied, there has been little work on cyber operations. As with any system, the perfect storm of complex tasks in a high-risk environment takes an incredible toll on human operators, leading to errors, decreased performance, and burnout. An extensive study of tactical cyber operations at the National Security Agency found that operator fatigue, frustration, and cognitive workload significantly increase over the course of an operation. A discussion of these findings helps us understand the impact that the high-stress, high-risk environment of tactical cyber operations has on its operators.

Friend or Faux: Deception for Cyber Defense


Defensive deception provides promise in rebalancing the asymmetry of cybersecurity. It makes an attacker’s job harder because it does more than just block access; it impacts the decision making causing him or her to waste time and effort as well as expose his or her presence in the network. Pilot studies conducted by NSA research demonstrated the plausibility and necessity for metrics of success including difficulty attacking the system, behavioral changes caused, cognitive and emotional reactions aroused, and attacker strategy changes due to deception. Designing reliable and valid measures of effectiveness is a worthy (though often overlooked) goal for industry and government alike.

DDoS Attack Simulation to Validate the Effectiveness of Common and Emerging Threats


Distributed Denial of Service (DDoS) attacks are a persistent cyber threat and a growing concern in computer security. This paper seeks to analyse DDoS attacks and the technologies that have been developed in an attempt to combat their effectiveness. This paper includes results from a DDoS simulation using commercial hardware appliances to both demonstrate and measure the effectiveness of DDoS attacks on a targeted victim. The simulation validates the relevance of these hardware appliances in identifying and reducing network vulnerabilities. This paper also provides insight on the current impact of DDoS attacks globally and the threat that these attacks pose in the future.

Enhancing Cybersecurity by Defeating the Attack Lifecycle: Using Mobile Device Resource Usage Patterns to Detect Unauthentic Mobile Applications


Attacks are usually orchestrated based upon the motivation of the attackers, who are becoming increasingly savvy, better resourced, and more committed. This article examines cyber threats and vulnerabilities through the eyes of the perpetrator. To begin, the authors discuss some counter approaches that have produced limited benefits at best, and then introduce a novel approach that details the use of mobile device resource usage to discern unauthentic mobile applications from authentic applications.

Development of a Cyber-Threat Intelligence-Sharing Model from Big Data Sources


As data in cyberspace continues to grow because of the ubiquity of Information Communication Technologies (ICT), it is becoming challenging to obtain context-aware, actionable information from Big Data to timely detect and respond to cyberattacks that are increasing in severity, complexity, and frequency. In fact, cybercriminals are developing and sharing advanced techniques for their cyber espionage, reconnaissance missions, and ultimately devastating attacks. In order to reduce cybersecurity risks and strengthen cyber resilience, strategic cybersecurity information-sharing is a necessity. This article discusses one way of handling large volumes of unstructured data that have been generated by multiple sources across different sectors into a cyber-threat intelligence-sharing model.

U.S. Energy Sector Cybersecurity: Hands-off Approach or Effective Partnership?


Recent reporting has identified significant threats to the U.S. energy’s critical infrastructure from nation states and other groups through cyberspace. Efforts to improve the security and resilience of U.S. energy infrastructure rely upon voluntary partnerships between the U.S. Government and public and private energy infrastructure owners.

A Semantic Approach to Modelling of Cybersecurity Domain


This paper addresses the issue of mastering the complex body of knowledge that is relevant for cybersecurity. The wide spectrum of threats and wide variety of resources are considered, and a semantic approach is proposed, as it seems not to be referred to very often in this context. The authors here examine how semantic technology may address the nature of this body of knowledge. Ultimately, the article seeks to enable sharing of security-related knowledge across separate sources of data concerning various entities, such as vulnerabilities and attack types, and also across communities of IT professionals, hackers, defence researchers, and others.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.









