Disrupting Adversary Decision Logic: An Experience Report


Sophisticated attacks usually involve decision logic that observes the victim’s responses before deciding the next action. Such logic presents an opportunity for the defence, as it provides a controllable feedback channel. Manoeuvres that manipulate responses can confuse the adversary’s decision process, causing them to undertake ineffective actions.

A Detailed Look at ‘I Think I CAN’


Components within modern automobiles communicate across a Controller Area Network (CAN), which has been demonstrated to be vulnerable to external adversarial attention. To better integrate effective security for the CAN protocol at the design level, the standard can be defined in temporal logic. Translating the temporal logic into a module for a real-time network emulator complements a greater goal to reduce security testing overhead. Comparing performance metrics while attempting to exploit modified CAN designs provides analysts with a readily accessible source of information as to whether a solution can be supported by module developers in industry.

Evaluating System on a Chip Design Security


In this paper, the security of an increasingly popular concept called System on a Chip (SoC) is considered. SoC consists of pairing a Field Programmable Gate Array (FPGA) and a processor on a single chip. The researchers contend that security is permanently influenced by initial design decisions; and, if aware of the trade-offs, designers incorporating SoCs into their systems can improve security of their applications.

Securing Software Defined Networking


Software Defined Networking (SDN) has quickly developed as a technology to manage large-scale rapidly changing network environments at line-speed. This switch to centrally managed network devices potentially brings increased risks to the network infrastructure. If SDN applications can be thought of as programming the network, then SDN controllers must provide a protected environment in the same way that traditional operating systems isolate and protect software. This paper discusses the security concerns of SDN; examines current approaches to incorporating application permissions in SDN controllers, such as security-mode ONOS; and identifies where further work is needed to provide this assurance for operational networks.

Critical Infrastructure: Where Do We Stand Today? A Comprehensive and Comparative Study of the Definitions of a Critical Infrastructure


The concept of ‘critical infrastructure’ has become a key issue as far as the cyber dimension is concerned. All industrialized nation-states that depend on information and communication technologies have defined this concept or established a list of critical sectors to identify their critical infrastructures. Despite the high number of definitions, none of them considers a realistic view of a critical infrastructure as it tends to be reduced to its simple computerized dimension.

Securing PDAs in the Healthcare Environment


Wireless networks have become a key element in healthcare institutions for streamlining access to clinical information. With the advent of wireless technology, handheld devices such as PDAs, pagers and Pocket PCs are now deployed into modern hospital systems. However, integrating confidential data and wireless technology introduces significant risk and increases the potential threat to sensitive medical information. This paper investigates the fundamental concepts required to understand PDA security issues in the health sector. It examines the various risk and threat issues, the security measures needed to secure PDA use, and the appropriate security infrastructure for healthcare settings.

Shared Electronic Health Records: A Changing Landscape for Security in Medical Practice


The advances in networking and communications have created a landscape of change for information security in medical practice with the use of electronic health records. Whilst the benefits of improved quality are accepted, the ethical, logistical and security demands have increased. To resolve the problems faced, mapping how medical practice has to adapt to the shifting nature of security in this environment is necessary. The solutions are far from uncomplicated and include education, information governance and policy. Despite the benefits, the success of nationally shared electronic health records requires demonstration of security assurance and recognition that medical practice will need assistance to adapt.

A Composite User Authentication Architecture for Mobile Devices


As the functionality and services provided by mobile devices increase, the need to provide effective user authentication against misuse and abuse becomes ever more imperative. With traditional secret-knowledge-based techniques having been proven weak, a requirement exists for authentication techniques to provide stronger protection. This paper proposes the use of a portfolio of authentication techniques to provide a robust, accurate and transparent authentication mechanism for mobile devices, extending security beyond point-of-entry into a continuous and user-convenient approach. An Intelligent Authentication Management System (IAMS) is described that provides a continuous confidence level in the identity of the user, removing access to sensitive services and information with low confidence levels and providing automatic access with higher confidence levels. The theoretical level of system performance is examined on a range of mobile devices, suggesting that it should be possible to achieve acceptably low levels of false acceptance and false rejection error in practical application.

Analyzing Security Measures for Mobile Ad Hoc Networks Using Attack and Protection Trees


Attack trees are a method of conducting a risk analysis on a system. Protection trees are an extension to this methodology and are derived from attack trees and provide a means to allocate limited resources to defend against specific attacks.  Protection trees are produced systematically by first developing an attack tree, computing metrics for each node of an attack, and developing a corresponding protection tree with similar metrics.  In this paper, a generic Mobile Ad Hoc Network (MANET) is implemented and attack and protection trees are used to analyze the security of this network.

TACFIRE Secure Virtual Workspaces for Dynamic Security in Defense Support to Civilian Authorities


A mission of the Department of Defense involves support to civilian authorities in times of national crisis.  Support often involves coordination with coalition partners.  The collective of DoD, civilian, and coalition partners creates a need for the capability to rapidly provision online, virtual workspaces where security can be controlled both centrally and by users.  A simulation is discussed in which 12 officers utilize TACFIRE – a comprehensive suite of XML web services that includes a personalized portal, email, chat, presence, instant messenger, and VoIP – with a secure virtual workspace capability that includes web conferences, threaded discussions, libraries, federated search, and task managers, for a Defense Support to Civilian Authorities (DSCA) scenario.  The simulation was modelled after the Naval Network Warfare Command Trident Warrior 06 experiment and in preparation for Trident Warrior 07.

Categorising Cybercrime and Cybercriminals: The Problem and Potential Approaches


Cybercrime is now recognised as a major international problem, with continual increases in incidents of hacking, viruses, and other forms of abuse having been reported in recent years. However, although many people may recognise cybercrime-related terminology, agreeing on and defining what the terms actually mean can prove to be somewhat difficult. As a result, alternative classifications have emerged from a range of authoritative sources, which are similar in some respects, but markedly different in others. This paper considers the difficulty associated with categorising cybercrime, and identifies that a harmonised nomenclature would be beneficial to individuals and organisations concerned with combating the problem, as well as to those concerned with reporting the issue to the general public.

Potential Security Breaches and Threats in a Wireless Computing Environment


Recent technological innovations in computing such as wireless computing have opened up new dimensions of threats to data security. These new technologies reveal users’ location and hence make the availability of information vulnerable. Further, by identifying individuals using wireless computing technologies, it is possible to access corporate data, leading to security breaches. This paper discusses the potential for security breaches in wireless computing with respect to location identification technologies.

NIDH - Network Intrusion Detection Hierarchy: A Model for Gathering Attack Intelligence


Internet proxy systems such as Squid exchange intelligence relevant to their function as caching proxy servers via a distributed and trusted hierarchy of machines. The required intelligence is broadcast along the network, based upon established trust relationships throughout the connected network, via specific ports and protocols of exchange. An intrusion detection system that incorporates this functionality for gathering attack intelligence could be a formidable foe even for the wiliest attacker.

Cyber Terrorism Awareness within the New Zealand Critical Infrastructure


Dependence on computers has transformed information technology into a potential terrorist target. Prevention of Cyber terrorism should be part of holistic national security policy. This paper analyses the results of a study that indicates New Zealand’s critical infrastructure is not ready for a cyber terrorist attack and gives some recommendations.

A Review of IPv6 Security Concerns


This study focuses on the security concerns of IPv6. A broad introduction to IPv6 is given, then the differences between the IPv6 and IPv4 protocols and their known vulnerabilities are briefly examined, which identifies some security concerns when implementing IPv6. Even after 13 years, IPv6 is still considered a new network protocol. With this in mind, not much is known about IPv6. Since the IPv4 address space will be used up within the next few months, IPv6 should finally become more mainstream.

Protecting E-mail Anonymity with an Anonymizer Bouncer


Communication between people has always been a part of society. In the past, people could omit the return address from a letter to keep the sender’s identity private. The problem is that it is not as easy to achieve anonymity when sending and receiving e-mails. This paper discusses ways of achieving anonymity when using e-mail for communication, for instance in lodging complaints to a grievance department. Anonymity is defined as hiding the identity and personal information of an individual. The proposed model uses an anonymous re-mailer to show how the identity of an e-mail’s sender can remain anonymous.

Locating Zero-Day Exploits with Coarse-Grained Forensics


This paper describes a novel coarse-grained forensics capability for locating zero-day exploits by recording and correlating on-host actions with network packets, with no discernible impact on user experience. The technology builds upon the Bear micro-kernel, a clean-slate custom OS specifically designed with modern Intel security features and Multics style protections. The capability provides an alternative to fine-grained techniques, such as memory taint tracking, that are intractable approaches for high-volume Internet facing servers. Two associated network attack scenarios, modelled from typical website designs, are described in order to illustrate how the technique can be used, and the associated results are presented.

Vulnerability by Design in Mobile Network Security


The GSM network, commonly called 2G, was designed during the 1980s when the Cold War was still ongoing. Due to political pressure from European governments, the security of GSM was deliberately made weak to allow easy interception by law enforcement agencies. Despite strengthened security in subsequent mobile network technologies of 3G and 4G, the weak security of 2G represents the ‘weakest link’ and thereby limits the security level of mobile networks in general. This article describes the evolution of mobile network security architectures, analyses their security vulnerabilities, and proposes solutions to mitigate the threats posed by these vulnerabilities.

A Study of Perceptions of Graphical Passwords


Depending on the graphical password schema, the key-space can be even bigger than that of alpha-numeric passwords. However, in conventional passwords, users will re-use letters within a password. This study investigates graphical passwords for symbol re-use and finds that users do not re-use symbols with the same frequency as in conventional passwords. The user-selected key-space for graphical passwords is smaller than theoretically expected. This study also reports on perceptions of graphical passwords: 52% of people do not support the use of graphical passwords within their organization. Furthermore, 57% of respondents do not support the use of such technology in their financial institutions.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.












Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
  • 757.234.6664