Risk Analysis

Towards Improving APT Mitigation: A Case for Counter-APT Red Teaming

Abstract:

Vulnerabilities leveraged by Advanced Persistent Threats (APTs) that ultimately allow them to gain access to critical data and unveil private information are often far removed from the portions of the security environment where initial access is gained. This paper presents a defensible scholarly decomposition of the red-team process itself and discusses how traditional red-team assessments may not be the most effective solution for emulating APT threats and mitigating their impacts.

Belief Systems, Information Warfare, and Counter Terrorism

ABSTRACT

This paper defines Counter Terrorism within a risk management and information warfare framework, using risk analyses based upon an understanding of Belief Systems.  An understanding of how people make crucial (life threatening) ethical decisions is important to reducing the likelihood and the impact of terrorist acts.  This understanding can come from analyzing and modeling the complex systems that make up the Belief Systems of terrorists and of the targets of terrorists. Counter Terrorism analysts can use these Belief Systems Models to identify key influences or relationships in Belief Networks and apply information warfare strategies to exploit or prevent events arising from crucial ethical decisions made by terrorist organizations, creating immunity in targeted societies.

Analyzing Security Measures for Mobile Ad Hoc Networks Using Attack and Protection Trees

ABSTRACT

Attack trees are a method of conducting a risk analysis on a system. Protection trees are an extension to this methodology and are derived from attack trees and provide a means to allocate limited resources to defend against specific attacks.  Protection trees are produced systematically by first developing an attack tree, computing metrics for each node of an attack, and developing a corresponding protection tree with similar metrics.  In this paper, a generic Mobile Ad Hoc Network (MANET) is implemented and attack and protection trees are used to analyze the security of this network.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

