Military Communications and Information Technology: A Trusted ...

22.01.2015

416 Military Communications and Information Technology...

and domain knowledge, is expected to gain significant results while working on the project. The project is preparing – among other models/tools for enhanced mission planning/training in asymmetric conflicts – the Athena IT (Information technology) tool (the Cyber Tool) for intelligence analysts.

The availability of knowledge about past incidents in military cyberspace (particularly identification and extraction of related incidents from the factual data available) is a crucial requirement for further processing of factual data. In subsequent steps of processing, it provides an important input for analysis and preparation of cyber-defense models in order to successfully prevent future threats.

The paper focuses on describing cyber-attacks against military resources and especially highlights selected issues of the process of factual data acquisition (related to these attacks and events).

Tools such as the Cyber Tool, developed for cyber threat identification and ranking (based on vulnerability assessment), strictly depend on the availability of suitable input data (e.g. a vulnerabilities repository). The lack of such data on the vulnerabilities of military IT systems causes serious complications: it leaves any decision support system or training tool with low suitability.

Figure 1. Extraction of cyber incidents from repository of past incidents

Validated and well recognized good/best practices developed by information science are strongly considered in this study. These practices include (but are not limited to):

• gathering information about incidents in cyberspace using a formal observation sheet (a unified way of collecting information about incidents);
• on-the-fly validation, which prevents introducing data that is not valid, e.g. for a bit rate parameter only numerical digits within the specified minimal and maximal value range can be entered, and values out of the defined scope are rejected;
• usage of “dictionaries”: all the data being introduced should be picked from a well-defined set of dictionaries;
• exploitation of a dynamic/contextual observation sheet for introducing the data sequentially (with contextual hints).
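As an added example (not code from the paper or from the Athena project), the following Python sketch implements the practices listed above: a formal observation sheet whose fields are presented one at a time with a contextual hint, on-the-fly validation of a numeric bit-rate field against a minimal/maximal range (only digits accepted, out-of-scope values rejected), and dictionary-constrained fields. The event kinds reuse the paper's own list of incident events (availability/DoS, intrusion, spamming, malicious code); the field names, the system-type dictionary, the numeric ranges and the rule that the bit-rate field is only asked for availability incidents are assumptions made for illustration.

```python
from dataclasses import dataclass

# "Dictionaries": every entered value must come from a well-defined set.
# EVENT_KIND mirrors the event list in the paper; SYSTEM_TYPE is an assumed dictionary.
EVENT_KIND = frozenset({"availability", "intrusion", "spamming", "malicious_code"})
SYSTEM_TYPE = frozenset({"telecom", "it_system", "scada"})


@dataclass(frozen=True)
class FieldSpec:
    name: str
    kind: str                         # "dict" (pick from dictionary) or "int" (numeric range)
    choices: frozenset = frozenset()  # allowed values for "dict" fields
    min_value: int = 0                # inclusive bounds for "int" fields
    max_value: int = 0
    hint: str = ""                    # contextual hint shown before the value is entered
    only_if: tuple = ()               # (field, value): the field is asked only when this holds


# The formal observation sheet: fields in the order they are presented (assumed layout).
SHEET = (
    FieldSpec("event_kind", "dict", choices=EVENT_KIND,
              hint="event class from the incident dictionary"),
    FieldSpec("system_type", "dict", choices=SYSTEM_TYPE,
              hint="affected system class"),
    # Contextual field: only availability (DoS) incidents carry a peak bit rate.
    FieldSpec("peak_bit_rate_kbps", "int", min_value=1, max_value=10_000_000,
              hint="peak attack traffic, 1..10000000 kbit/s",
              only_if=("event_kind", "availability")),
    FieldSpec("duration_min", "int", min_value=0, max_value=10_080,
              hint="incident duration in minutes, 0..10080"),
)


class ValidationError(ValueError):
    """Raised on the spot, so invalid data never reaches the record."""


def validate_field(spec: FieldSpec, raw: str):
    """On-the-fly validation of one entered value against its field spec."""
    if spec.kind == "dict":
        if raw not in spec.choices:
            raise ValidationError(f"{spec.name}: {raw!r} not in dictionary {sorted(spec.choices)}")
        return raw
    if spec.kind == "int":
        if not raw.isdigit():  # only numerical digits may be entered (no sign, no exponent)
            raise ValidationError(f"{spec.name}: {raw!r} is not numeric")
        value = int(raw)
        if not spec.min_value <= value <= spec.max_value:
            raise ValidationError(f"{spec.name}: {value} outside {spec.min_value}..{spec.max_value}")
        return value
    raise ValidationError(f"{spec.name}: unknown field kind {spec.kind!r}")


class ObservationSheet:
    """Dynamic sheet: fields are presented sequentially, each with a hint,
    and a field is skipped when its only_if condition does not hold."""

    def __init__(self):
        self.record = {}
        self._index = 0

    def _current(self):
        # Advance past fields whose context does not apply to this incident.
        while self._index < len(SHEET):
            spec = SHEET[self._index]
            if spec.only_if and self.record.get(spec.only_if[0]) != spec.only_if[1]:
                self._index += 1
                continue
            return spec
        return None

    def next_hint(self):
        spec = self._current()
        return None if spec is None else f"{spec.name}: {spec.hint}"

    def enter(self, raw: str) -> dict:
        spec = self._current()
        if spec is None:
            raise ValidationError("sheet is already complete")
        self.record[spec.name] = validate_field(spec, raw)
        self._index += 1
        return dict(self.record)

    def is_complete(self) -> bool:
        return self._current() is None


def fill_sheet(values):
    """Fill a sheet from raw entries in order; returns the validated record."""
    sheet = ObservationSheet()
    for raw in values:
        sheet.enter(raw)
    if not sheet.is_complete():
        raise ValidationError(f"incomplete sheet, next field: {sheet.next_hint()}")
    return sheet.record


if __name__ == "__main__":
    # Constructed sample entries: a DoS incident and an intrusion without a bit-rate field.
    print(fill_sheet(["availability", "telecom", "850000", "45"]))
    print(fill_sheet(["intrusion", "it_system", "120"]))
```

Each entry is checked the moment it is made, so a record in the repository can only ever contain dictionary values and in-range numbers; the contextual skip keeps the sheet short for incident kinds where a field is meaningless.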

Chapter 4: Information Assurance & Cyber Defence 417

In this article, the formalised sheet for collecting factual data related to cyberspace is introduced. The data from such a sheet would in turn constitute one record in a repository of past incidents from cyberspace (Figure 1). A number of incidents collected in a repository will evidence information about security breaches in telecommunication and IT systems, namely cyber security incidents. For the sake of clarifying the nomenclature used in this article, the following concept definitions are given:

• factual data – a set of facts and/or activities in the area of collection, selection and assessment of the usability of information being stored and further used to reflect past incidents in an overall picture;
• cyber security incident – this notion should be understood as the overall set of events that threaten network security, that is each activity that results in a direct threat to the security level. In particular, the following events are considered here:
  • threats to the availability of networked services (e.g. DoS attacks),
  • intrusion and/or attempted intrusion into a telecommunication and information technology system,
  • spamming,
  • spreading of malicious code, viruses.

It is important to notice that only a limited set of (carefully processed) past cyber events registered in a repository will eventually get the status of security incidents.

This paper is structured as follows: first the authors introduce the motivation that has led them towards the publication of this paper. In chapter III the subject of “cyber incidents collection” for the military is introduced. The collection process of factual data is proposed in chapter IV. The methodology of collecting information about cyber incidents is introduced in chapter V. Finally conclusions are drawn and a sample cyber observation sheet is delivered, filled with exemplary information.

II. Motivation

In the process of designing the Cyber Tool software component in the EDA Athena project, the authors have faced serious exploitation-oriented challenges related to the lack of data about vulnerabilities required as input for the tool. In order to be able to deliver the expected benefits attributed to the tool, the following showstoppers need to be resolved:

• lack of (ready-to-use) repositories containing verified knowledge about vulnerabilities of IT systems used in the military. On the other hand, existing civil repositories of vulnerabilities (e.g. for SCADA systems – Supervisory Control And Data Acquisition) are publicly available; however, it is difficult to determine their relevance to the military domain;
• unavailability of knowledge (or lack thereof) about an existing methodology that would allow gathering of information about cyber threats in the mili-

