Virtualization

Leveraging Virtualization Technologies to Improve SCADA ICS Security

Abstract: 

In recent years, Supervisory Control and Data Acquisition (SCADA) Industrial Control Systems (ICS)—systems used for controlling industrial processes, power plants, or assembly lines—have become a serious concern because of security and manageability issues.

Enhancing Information Warfare Education Through the Use of Virtual and Isolated Networks

ABSTRACT

The Information Analysis and Research (IWAR) laboratory at the United States Military Academy (USMA) has proven to be an exceptional and necessary resource for educating our cadets and faculty studying information warfare. The laboratory has also been successful in motivating the need for continued education and training in this area on a much larger scope that touches the highest levels of our military and government. This paper justifies why information warfare laboratories are necessary, explains the laboratory's design and organization, and describes the phenomenon that is occurring as a result of the IWAR laboratory.

Results from a SCADA-Based Cyber Security Competition

ABSTRACT

On April 1, 2011, Regis University hosted the 7th Computer and Network Vulnerability Assessment Simulation (CANVAS) competition with a turnout of 68 event competitors and at least two dozen faculty and spectators. The event was a major success. The competition sought primarily to introduce a Critical Infrastructure Protection (CIP) theme to a cyber competition to raise awareness of these types of attacks. This paper will discuss the goals and intricacies of developing the CANVAS cyber competition, including technical details, extensibility of CIP-focused cyber competitions, as well as the continued development and value of CIP simulation infrastructure.

Locating Zero-Day Exploits with Coarse-Grained Forensics

ABSTRACT

This paper describes a novel coarse-grained forensics capability for locating zero-day exploits by recording and correlating on-host actions with network packets, with no discernible impact on user experience. The technology builds upon the Bear micro-kernel, a clean-slate custom OS specifically designed with modern Intel security features and Multics-style protections. The capability provides an alternative to fine-grained techniques, such as memory taint tracking, that are intractable approaches for high-volume Internet-facing servers. Two associated network attack scenarios, modelled from typical website designs, are described in order to illustrate how the technique can be used, and the associated results are presented.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.


