Advanced Intelligent Computing Technology and Applications
The 12-volume set CCIS 2564-2575, together with the 28-volume set LNCS/LNAI/LNBI 15842-15869, constitutes the refereed proceedings of the 21st International Conference on Intelligent Computing, ICIC 2025, held in Ningbo, China, during July 26-29, 2025. The 523 papers presented in these proceedings books were carefully reviewed and selected from 4032 submissions. This year, the conference concentrated mainly on the theories and methodologies as well as the emerging applications of intelligent computing. Its aim was to unify the picture of contemporary intelligent computing techniques as an integral concept that highlights the trends in advanced computational intelligence and bridges theoretical research with applications. Therefore, the theme for this conference was "Advanced Intelligent Computing Technology and Applications".
Autonomous Revolution: Strategies, Threats and Challenges
Moderator-topics
"Moderator-topics, Volume 16" delves into the crucial aspects of online community management and content moderation. This volume explores the challenges and strategies involved in maintaining constructive and safe online environments. From handling user disputes to implementing content policies, this book offers insights relevant to anyone involved in moderating online forums, social media platforms, or digital communities. An essential resource for moderators, community managers, and those interested in the dynamics of online interactions, "Moderator-topics" provides a comprehensive overview of the tools and techniques necessary for fostering healthy and productive online spaces. Explore real-world examples and practical advice on navigating the complexities of digital communication. This work has been selected by scholars as being culturally important, and is part of the knowledge base of civilization as we know it. This work was reproduced from the original artifact, and remains as true to the original work as possible. Therefore, you will see the original copyright references, library stamps (as most of these works have been housed in our most important libraries around the world), and other notations in the work. This work is in the public domain in the United States of America, and possibly other nations. Within the United States, you may freely copy and distribute this work, as no entity (individual or corporate) has a copyright on the body of the work. As a reproduction of a historical artifact, this work may contain missing or blurred pages, poor pictures, errant marks, etc. Scholars believe, and we concur, that this work is important enough to be preserved, reproduced, and made generally available to the public. We appreciate your support of the preservation process, and thank you for being an important part of keeping this knowledge alive and relevant.
Digital Degrowth
We are fast approaching the point of "peak digital", with the continued mass production and excessive consumption of digital technologies set to become a key driver of climate crisis, ecological breakdown and ongoing societal instability. Digital Degrowth is a call to completely rethink our digital futures in these fast-changing times. It explores how degrowth thinking and alternate forms of "radically sustainable computing" might support ambitions of sustainable, scaled-down and equitable ways of living with digital technologies. Neil Selwyn proposes a rebalancing of digital technology use: digital degrowth is not a call for simply making reduced use of the digital technologies that we already have - rather it is an argument to reimagine digital practices that maximise societal benefits with minimal environmental and social impact. Drawing on illustrative examples from across computer science, hacker and environmental activist communities, this book examines how core degrowth principles of conviviality, autonomy and care are already being used to reimagine alternate forms of digital technology. Original and stimulating, this is essential reading for students and scholars of media and communication, sustainability studies, political ecology, computer/data sciences, and across the social sciences.
Information Security
The BiblioGov Project is an effort to expand awareness of the public documents and records of the U.S. Government via print publications. In broadening the public understanding of government and its work, an enlightened democracy can grow and prosper. Ranging from historic Congressional Bills to the most recent Budget of the United States Government, the BiblioGov Project spans a wealth of government information. These works are now made available through an environmentally friendly, print-on-demand basis, using only what is necessary to meet the required demands of an interested public. We invite you to learn of the records of the U.S. Government, heightening the knowledge and debate that can lead from such publications.
The Cybernetic Society
"An optimistic, shimmering image of a world where AI operates in service to humankind" (Kirkus) argues that both the major risk and opportunity of AI is that humans and computers have fused, giving AI the ability to shape the future of human affairs. Artificial intelligence is inescapable: at home, at work, in politics, and on the battlefield. In The Cybernetic Society, technologist Amir Husain argues that AI hasn't simply encroached on everything we do. It has become part of us, and we, it. Humans and intelligent machines, he argues, are enmeshed in a symbiotic hybrid that he calls a "cybernetic society." Husain describes a present and future where AI isn't a tool of humans but our equal partner, one where they can realize their own visions of the world. There is great potential and danger: Saudi Arabia's Neom--a "cognitive city" being built in inhospitable desert--shows how this symbiosis can make life possible where otherwise, it is not. But the profusion of intelligent military drones is making mass destruction possible where otherwise, it is not. As engrossing as it is urgent, The Cybernetic Society offers a new understanding of this revolutionary fusion of machine and mankind, and its profound implications for all our futures. The path ahead is challenging. But Husain shows why we can live harmoniously with our creations.
CompTIA(R) SecurityX(R) CAS-005 Certification Guide - Second Edition
Become a cybersecurity expert with comprehensive CAS-005 preparation using this detailed guide packed with practical insights, mock exams, diagrams, and actionable strategies that align with modern enterprise security demands.
Key Features:
- Strengthen your grasp of key concepts and real-world security practices across updated exam objectives
- Gauge your preparedness with over 300 practice questions, flashcards, and mock exams
- Visualize complex topics with diagrams of AI-driven threats, Zero Trust, cloud security, cryptography, and incident response
Book Description: As cyber threats evolve at unprecedented speed and enterprises demand resilient, scalable security architectures, the CompTIA SecurityX CAS-005 Certification Guide stands as the definitive preparation resource for today's security leaders. This expert-led study guide enables senior security professionals to master the full breadth and depth of the new CAS-005 exam objectives. Written by veteran instructor Mark Birch, this guide draws from over 30 years of experience in teaching, consulting, and implementing cybersecurity controls to deliver clear, actionable content across the four core domains: governance, risk, and compliance; security architecture; security engineering; and security operations. It addresses the most pressing security challenges, from AI-driven threats and Zero Trust design to hybrid cloud environments, post-quantum cryptography, and automation. While exploring cutting-edge developments, it reinforces essential practices such as threat modeling, secure SDLC, advanced incident response, and risk management. Beyond comprehensive content coverage, this guide ensures you are fully prepared to pass the exam through exam tips, review questions, and detailed mock exams, helping you build the confidence and situational readiness needed to succeed in the CAS-005 exam and real-world cybersecurity leadership.
What You Will Learn:
- Build skills in compliance, governance, and risk management
- Understand key standards such as CSA, ISO27000, GDPR, PCI DSS, CCPA, and COPPA
- Hunt advanced persistent threats (APTs) with AI, threat detection, and cyber kill frameworks
- Apply Kill Chain, MITRE ATT&CK, and Diamond threat models for proactive defense
- Design secure hybrid cloud environments with Zero Trust architecture
- Secure IoT, ICS, and SCADA systems across enterprise environments
- Modernize SecOps workflows with IAC, GenAI, and automation
- Use PQC, AEAD, FIPS, and advanced cryptographic tools
Who this book is for: This CompTIA book is for candidates preparing for the SecurityX certification exam who want to advance their career in cybersecurity. It's especially valuable for security architects, senior security engineers, SOC managers, security analysts, IT cybersecurity specialists/INFOSEC specialists, and cyber risk analysts. A background in a technical IT role or a CompTIA Security+ certification or equivalent experience is recommended.
Table of Contents
- Given a Set of Organizational Security Requirements, Implement the Appropriate Governance Components
- Given a Set of Organizational Security Requirements, Perform Risk Management Activities
- Explain how compliance affects information security strategies
- Given a Scenario, Performing Threat Modeling Activities
- Summarize the Information Security Challenges Associated with AI Adoption
- Given a Scenario, Analyze Requirements to Design Resilient Systems
- Given a Scenario, Implement Security in the Early Stages of the Systems Life Cycle and Throughout Subsequent Stages
(N.B. Please use the Read Sample option to see further chapters)
Hacking Voice-Controllable Devices
Voice-controllable devices allow hands-free interactions, offering a modern user experience and helping impaired users. However, the voice channel that enables this interaction is also one of their main weaknesses. Higher usability often comes with higher security and privacy risks. As voice-controllable devices are no exception to this, a plethora of new attacks have been carried out against them in recent years. This book analyses several attacks against the voice channel that are available in the literature; it then devises a bespoke kill chain to facilitate the classification of attack steps and future research. Additionally, the work analyses the design of the notorious Alexa vs Alexa attack, which turned Echo Dot devices against themselves in 2022. Finally, the present volume explores measures against all these attacks and raises important questions about their suitability for user needs.
Topics and features:
- Discusses timely security and privacy challenges in IoT devices, with an emphasis on voice-controllable devices
- Provides a framework for assessing and studying attacks against the voice channel
- Addresses practical attacks successfully carried out against real devices, showing that an impactful attack need not be complex
- Explores advanced safeguards from a new perspective, questioning whether research is proceeding in the right direction
This powerful volume--containing tips, tricks, and techniques used by ethical hackers to breach the voice channel--serves as the perfect guide for researchers conducting security and privacy research on IoT. It also provides food for thought for graduate students and enthusiasts of these subjects who do not shy away from the mathematics behind the world of machine learning.
Cloud Computing
This book LNICST 617 constitutes the refereed proceedings of the 12th EAI International Conference on Cloud Computing, CloudComp 2024, held in Luton, UK, during September 9-10, 2024. The 16 full papers were carefully reviewed and selected from 42 submissions. The proceedings focus on topics such as The Cloud-Edging Computing Wireless Networks; Network Security Emerging Applications /The Cloud-Edging Integration Applications
Empowering IoT: Reliability, Network Management, Sensing, and Probabilistic Charging in Wireless Sensor Networks
This book provides a comprehensive exploration of both fundamental principles and practical engineering techniques. It places a strong emphasis on several key areas, including load balancing for IoT sensor devices through effective network management to ensure robust communication reliability among these sensor devices. It also delves into the intricacies of efficient charging scheduling for sensor devices, using probabilistic approaches and integrated sensing and communication technologies to enhance network optimization. Central to the book's goals is its comprehensive and systematic treatment of practical challenges in IoT network optimization. This focus makes it particularly suitable for readers seeking practical solutions in this area. The book's target audience includes researchers, engineers, graduate students, and IoT industry professionals interested in areas such as reliability improvement, load balancing, charging scheduling, and network management. By providing both theoretical foundations and practical insights, this book serves as a valuable resource for those seeking to navigate the complexities of IoT network optimization.
Information Systems Security and Privacy
This book constitutes the refereed post-proceedings of the 9th and 10th International Conference on Information Systems Security and Privacy, ICISSP 2023 and 2024, held in Lisbon, Portugal, and in Rome, Italy during February 22-24, 2023 and February 26-28, 2024, respectively. The 15 full papers included in this book were carefully reviewed and selected from 285 submissions. These papers have been organized under the following topical sections: Management and operations; Applications and services; and Technologies and foundations.
Cognitive Computation and Systems
This book constitutes the refereed proceedings of the Third International Conference on Cognitive Computation and Systems, ICCCS 2024, held in Linyi, China, December 20-22, 2024. The 54 revised full papers presented in these proceedings were carefully reviewed and selected from 155 submissions. The papers are organized in the following topical sections: Part I: Cognitive computing and information processing; Intelligent cooperative control; and Learning and systems. Part II: Cognitive computing and information processing; Intelligent cooperative control; and Learning and systems.
An Analysis of Information Asset Valuation Quantification Methodology for Application With Cyber Information Mission Impact Assessment
The purpose of this research is to develop a standardized Information Asset Valuation (IAV) methodology. The IAV methodology proposes that accurate valuation for an Information Asset (InfoA) is the convergence of information tangible, intangible, and flow attributes to form a functional entity that enhances mission capability. The IAV model attempts to quantify an InfoA to a single value through the summation of weighted criteria. Standardizing the InfoA value criteria will enable decision makers to comparatively analyze dissimilar InfoAs across the tactical, operational, and strategic domains. This research develops the IAV methodology through a review of existing military and non-military valuation methodologies. IAV provides the Air Force (AF) and Department of Defense (DoD) with a standardized methodology that may be utilized enterprise wide when conducting risk and damage assessment and risk management. The IAV methodology is one of the key functions necessary for the Cyber Incident Mission Impact Assessment (CIMIA) program to operationalize a scalable, semi-automated Decision Support System (DSS) tool. The CIMIA DSS intends to provide decision makers with near real-time cyber awareness prior to, during, and post cyber incident situations through documentation of relationships, interdependencies, and criticalities among information assets, the communications infrastructure, and the operations mission impact.
Spectral Domain RF Fingerprinting for 802.11 Wireless Devices
The increase in availability and reduction in cost of commercial communication devices (IEEE compliant such as 802.11, 802.16, etc) has increased wireless user exposure and the need for techniques to properly identify/classify signals for increased security measures. A communication device's emission includes intentional modulation that enables correct device operation. Hardware and environmental factors alter the ideal response and induce unintentional modulation effects. If these effects (features) are sufficiently unique it becomes possible to identify a device using its fingerprint, with potential discrimination of not only manufacturers but possibly serial numbers for a given manufacturer.
Toward Cyber Omniscience
It is widely accepted that cyberspace is a vulnerable and highly contested environment. The United States has and will face threats to its national security in the realm. As a result, the Office of the Secretary of Defense (OSD) has decided to consider new and evolving theories of deterrence to address the cyber domain. This OSD-sponsored paper examines a new cyberspace deterrence option known as cyber omniscience. Set in the year 2035, this paper will begin the process of developing the theory of cyber omniscience as a DoD deterrent. At the heart of cyber deterrence lies this question: "As technology rapidly advances in the contested cyber domain, can hostile individuals be deterred from employing highly advanced technologies through cyberspace that threaten national survival?" To answer this question, this paper will investigate a number of issues with regard to cyberspace deterrence: anticipated life (societal norms) and technology in 2035, hostile individual threats, what cyber omniscience entails, privacy issues, and policy recommendations. This multi-pronged approach will serve as the catalyst to a better understanding of the future of cyberspace, the threats, and deterrence.
Policy Changes for Acquisition of Offensive Cyberspace Weapon Systems
Because the cyberspace environment is changing so quickly, the slow, methodical Department of Defense (DoD) acquisition process may not suffice. By following the evolutionary acquisition method and incorporating five policy caveats, the DoD acquisition process can acquire effective systems quickly. The purpose of this research is to provide recommended policy changes in the acquisition of offensive cyberspace weapon systems for the Air Force and DoD in general. This paper describes the current DoD acquisition process, explains how cyberspace is different from the other domains, discusses a few innovative acquisition and development approaches, and concludes with the recommended policy changes. A literature search on the cyberspace community along with DoD and Air Force doctrine provided the bulk of the research. The recommended acquisition policy changes fall into the following categories: expanding the network of development activities, building payloads for specific target sets, security classification, sustainment of cyberspace capabilities and testing throughout the acquisition process.
Supplementing an Ad Hoc Wireless Network Routing Protocol With Radio Frequency Identification Tags
Wireless sensor networks (WSNs) have a broad and varied range of applications, yet all of these are limited by the resources available to the sensor nodes that make up the WSN. The most significant resource is energy; a WSN may be deployed to an inhospitable or unreachable area leaving it with a non-replenishable power source. This research examines a technique of reducing energy consumption by augmenting the nodes with radio frequency identification (RFID) tags that contain routing information. It was expected that RFID tags would reduce the network throughput, AODV routing traffic sent, and the amount of energy consumed. However, RFID tags have little effect on the network throughput or the AODV routing traffic sent. They also increase ETE delays in sparse networks as well as the amount of energy consumed in both sparse and dense networks. Furthermore, there was no statistical difference in the amount of user data throughput received. The density of the network is shown to have an effect on the variation of the data but the trends are the same for both sparse and dense networks. This counter-intuitive result is explained and conditions for such a scheme to be effective are discussed.
Mitigating Distributed Denial of Service Attacks in an Anonymous Routing Environment
Network-centric intelligence collection operations use computers and the Internet to identify threats against Department of Defense (DoD) operations and personnel, to assess the strengths and weaknesses of enemy capabilities and to attribute network events to sponsoring organizations. The security of these operations is paramount and attention must be paid to countering enemy attribution efforts. One way for U.S. information operators to avoid being linked to the DoD is to use anonymous communication systems. One such anonymous communication system, Tor, provides a distributed overlay network that anonymizes interactive TCP services such as web browsing, secure shell, and chat. Tor uses the Transport Layer Security (TLS) protocol and is thus vulnerable to a distributed denial-of-service (DDoS) attack that can significantly delay data traversing the Tor network. This research is the first to explore DDoS mitigation in the anonymous routing environment. Defending against DDoS attacks in this environment is challenging as mitigation strategies must account for the distributed characteristics of anonymous communication systems and for anonymity vulnerabilities. In this research, the TLS DDoS attack is mitigated by forcing all clients (malicious or legitimate) to solve a puzzle before a connection is completed.
Statistical Machine Translation of Japanese
Statistical machine translation (SMT) uses large amounts of language training data to statistically build a knowledge base for translating from one language to another. Before introducing this language data, usually in the form of a parallel set of sentences from both languages, the SMT system has no other linguistic information available to it. With supervised SMT, however, additional linguistic knowledge is allowed in addition to the training data. When translating between languages with little or no common linguistic backgrounds, like English and Japanese, using supervised SMT is extremely useful. By giving the system linguistic rules before training on the parallel corpus, the SMT system can build better alignments between words in both languages.
Virtualization Technology Applied to Rootkit Defense
This research effort examines the idea of applying virtualization hardware to enhance operating system security against rootkits. Rootkits are sets of tools used to hide code and/or functionality from the user and operating system. Rootkits can accomplish this feat through using access to one part of an operating system to change another part that resides at the same privilege level. Hardware assisted virtualization (HAV) provides an opportunity to defeat this tactic through the introduction of a new operating mode. Created to aid operating system virtualization, HAV provides hardware support for managing and saving multiple states of the processor. This hardware support overcomes a problem in pure software virtualization, which is the need to modify guest software to run at a less privileged level. Using HAV, guest software can operate at the pre-HAV most privileged level. This thesis provides a plan to protect data structures targeted by rootkits through unconventional use of HAV technology to secure system resources such as memory. This method of protection will provide true real-time security through OS attack prevention, rather than reaction.
A Dynamically Configurable Log-Based Distributed Security Event Detection Methodology Using Simple Event Correlator
This research effort identifies attributes of distributed event correlation which make it desirable for security event detection, and evaluates those attributes in a comparison with a centralized alternative. Event correlation is an effective means of detecting complex situations encountered in information technology environments. Centralized, database-driven log event correlation is more commonly implemented, but suffers from flaws such as high network bandwidth utilization, significant requirements for system resources, and difficulty in detecting certain suspicious behaviors. This analysis measures the value in distributed event correlation by considering network bandwidth utilization, detection capability and database query efficiency, as well as through the implementation of remote configuration scripts and correlation of multiple log sources. These capabilities produce a configuration which allows a 99% reduction of network syslog traffic in the low-accountability case, and a significant decrease in database execution time through context-addition in the high-accountability case.
What Senior Leaders Need to Know About Cyberspace
What must senior security leaders know about cyberspace to transform their organizations and make wise decisions? How does the enduring cyberspace process interact with and transform organizations, technology, and people, and, in turn, how do they transform cyberspace itself? To evaluate these questions, this essay establishes the enduring nature of the cyberspace process and compares this relative constant to transformation of organizations and people. Each section discussing these areas provides an assessment of their status as well as identifies key issues for senior security leaders to comprehend now and work to resolve in the future. Specific issues include viewing cyberspace as a new strategic common akin to the sea, comparing effectiveness of existing hierarchies in achieving cybersecurity against networked adversaries, and balancing efficiency and effectiveness of security against the universal laws of privacy and human rights.
Policy Changes for Acquisition of Offensive Cyberspace Weapon Systems
Because the cyberspace environment is changing so quickly, the slow, methodical Department of Defense (DoD) acquisition process may not suffice. By following the evolutionary acquisition method and incorporating five policy caveats, the DoD acquisition process can acquire effective systems quickly. The purpose of this research is to provide recommended policy changes in the acquisition of offensive cyberspace weapon systems for the Air Force and DoD in general. This paper describes the current DoD acquisition process, explains how cyberspace is different from the other domains, discusses a few innovative acquisition and development approaches, and concludes with the recommended policy changes. A literature search on the cyberspace community along with DoD and Air Force doctrine provided the bulk of the research. The recommended acquisition policy changes fall into the following categories: expanding the network of development activities, building payloads for specific target sets, security classification, sustainment of cyberspace capabilities and testing throughout the acquisition process.
Development of a Methodology for Customizing Insider Threat Auditing on a Linux Operating System
Insider threats can pose a great risk to organizations and by their very nature are difficult to protect against. Auditing and system logging are capabilities present in most operating systems and can be used for detecting insider activity. However, current auditing methods are typically applied in a haphazard way, if at all, and are not conducive to contributing to an effective insider threat security policy. This research develops a methodology for designing a customized auditing and logging template for a Linux operating system. An intent-based insider threat risk assessment methodology is presented to create use case scenarios tailored to address an organization's specific security needs and priorities. These organization specific use cases are verified to be detectable via the Linux auditing and logging subsystems and the results are analyzed to create an effective auditing rule set and logging configuration for the detectable use cases. Results indicate that creating a customized auditing rule set and system logging configuration to detect insider threat activity is possible.
Interagency Organization for Cyberwar
Many people take for granted things they cannot see, smell, or touch. For most people, security in cyberspace is one of these things. Aside from securing their home personal computer with the latest anti-virus, the majority of Americans take government and corporate cyber security for granted, assuming the professionals have security of the nation's military networks, sensitive government data, and consumers' personal data and financial information under control. Outside of an occasional news story about a denial of service internet attack or an "I Love You" virus, what goes on behind the closed compact disc drive doors does not concern most of the nation. The chilling fact is the nation should be concerned about what is going on in cyberspace. Since the terrorist attacks on 9/11, the nation has taken a renewed interest in securing the homeland, to include efforts to protect the country's critical infrastructure such as electrical plants, dams, and water supplies. It is no secret that terrorists are interested in striking these targets with the intent of inflicting catastrophic physical and economic damage to western civilization. What many people do not realize is that the computer network systems which monitor and manage these systems, and many others, are also under attack by what some are calling cyber terrorists. Although the government and industry have undertaken a significant amount of effort to protect the nation's military, non-military government, financial, and industrial networks, more work is necessary.
Android Protection System
This research develops the Android Protection System (APS), a hardware-implemented application security mechanism on Android smartphones. APS uses a hash-based white-list approach to protect mobile devices from unapproved application execution. Functional testing confirms this implementation allows approved content to execute on the mobile device while blocking unapproved content. Performance benchmarking shows system overhead during application installation increases linearly as the application package size increases. APS presents no noticeable performance degradation during application execution. The security mechanism degrades system performance only during application installation, when users expect delay. APS is implemented within the default Android application installation process.
Development of a Malicious Insider Composite Vulnerability Assessment Methodology
Trusted employees pose a major threat to information systems. Despite advances in prevention, detection, and response techniques, the number of malicious insider incidents and their associated costs have yet to decline. There are very few vulnerability and impact models capable of providing information owners with the ability to comprehensively assess the effectiveness of an organization's malicious insider mitigation strategies. This research uses a multi-dimensional approach: content analysis, attack tree framework, and an intent driven taxonomy model are used to develop a malicious insider Decision Support System (DSS) tool. The tool's output provides an assessment of a malicious insider's composite vulnerability levels based upon aggregated vulnerability assessment and impact assessment levels. The DSS tool's utility and applicability are demonstrated using a notional example. This research gives information owners data to more appropriately allocate scarce security resources.
A Study to Determine Damage Assessment Methods or Models on Air Force Networks
Damage assessment for computer networks is a new area of interest for the Air Force. Previously, there has not been a concerted effort to codify damage assessment or develop a model that can be applied in assessing damage done by criminals, natural disasters, or other methods of damaging a computer network. The research undertaken attempts to identify if the Air Force MAJCOM Network Operations Support Centers (NOSC) use damage assessment models or methods. If the Air Force does use a model or method, an additional question of how the model was attained or decided upon is asked. All information comes from interviews, via e-mail or telephone, of managers in charge of computer security incidents at the Major Command level. The research is qualitative, so there are many biases and opportunities for additional research. Currently, there is some evidence to show that several Network Operations Support Centers are using some form of damage assessment; however, each organization has highly individualized damage assessment methods that have been developed internally and not from a reproducible method or model.
An Analysis of Botnet Vulnerabilities
Botnets are a significant threat to computer networks and data stored on networked computers. The ability to inhibit communication between servers controlling the botnet and individual hosts would be an effective countermeasure. The objective of this research was to find vulnerabilities in Unreal IRCd that could be used to shut down the server. Analysis revealed that Unreal IRCd is a very mature and stable IRC server and no significant vulnerabilities were found. While this research does not eliminate the possibility that a critical vulnerability is present in the Unreal IRCd software, none were identified during this effort.
To Click or Not to Click
Today's Air Force networks are under frequent attack. One of the most pernicious threats is a sophisticated phishing attack that can lead to complete network penetration. Once an adversary has gained network entry, they are in a position to exfiltrate sensitive data or pursue even more active forms of sabotage. However, there are promising technical advances proposed in current research that can help mitigate the threat. Also, user education will continue to play an important role to increase effectiveness in AF defenses. This paper reviews and recommends the most promising suggestions for adaptation and application in today's AF networks.
Automated Analysis of ARM Binaries Using the Low-Level Virtual Machine Compiler Framework
Binary program analysis is a critical capability for offensive and defensive operations in Cyberspace. However, many current techniques are ineffective or time-consuming and few tools can analyze code compiled for embedded processors such as those used in network interface cards, control systems and mobile phones. This research designs and implements a binary analysis system, called the Architecture-independent Binary Abstracting Code Analysis System (ABACAS), which reverses the normal program compilation process, lifting binary machine code to the Low-Level Virtual Machine (LLVM) compiler's intermediate representation, thereby enabling existing security-related analyses to be applied to binary programs. The prototype targets ARM binaries but can be extended to support other architectures. Several programs are translated from ARM binaries and analyzed with existing analysis tools. Programs lifted from ARM binaries are an average of 3.73 times larger than the same programs compiled from a high-level language (HLL).
Using Relational Schemata in a Computer Immune System to Detect Multiple-Packet Network Intrusions
Given the increasingly prominent cyber-based threat, there are substantial research and development efforts underway in network and host-based intrusion detection using single-packet traffic analysis. However, there is a noticeable lack of research and development in the intrusion detection realm with regard to attacks that span multiple packets. This leaves a conspicuous gap in intrusion detection capability because not all attacks can be found by examining single packets alone. Some attacks may only be detected by examining multiple network packets collectively, considering how they relate to the "big picture," not how they are represented as individual packets. This research demonstrates a multiple-packet relational sensor in the context of a Computer Immune System (CIS) model to search for attacks that might otherwise go unnoticed via single-packet detection methods. Using relational schemata, multiple-packet CIS sensors define "self" based on equal, less than, and greater than relationships between fields of routine network packet headers. Attacks are then detected by examining how the relationships among attack packets may lie outside of the previously defined "self." Furthermore, this research presents a graphical, user-interactive means of network packet inspection to assist in traffic analysis of suspected intrusions. The visualization techniques demonstrated here provide a valuable tool to assist the network analyst in discriminating between true network attacks and false positives, often a time-intensive and laborious process.
Geolocation of a Node on a Local Area Network
Geolocation is the process of identifying a node using only its Internet Protocol (IP) address. Locating a node on a LAN poses particular challenges due to the small scale of the problem and the increased significance of queuing delay. This study builds upon existing research in the area of geolocation and develops a heuristic tailored to the difficulties inherent in LANs called the LAN Time to Location Heuristic (LTTLH). LTTLH uses several polling nodes to measure latencies to end nodes, known locations within the LAN. The Euclidean distance algorithm is used to compare the results with the latency of a target in order to determine the target's approximate location. Using only these latency measurements, LTTLH is able to determine which switch a target is connected to 95% of the time. Within certain constraints, this method is able to identify the target location 78% of the time. However, LANs are not always configured within the constraints necessary to geolocate a node. In order for LTTLH to be effective, a network must be configured consistently, with similar length cable runs available to nodes located in the same area. For best results, the network should also be partitioned, grouping nodes of similar proximity behind one switch.
A Distributed Agent Architecture for a Computer Virus Immune System
Information superiority is identified as an Air Force core competency and is recognized as a key enabler for the success of future missions. Information protection and information assurance are vital components required for achieving superiority in the Infosphere, but these goals are threatened by the exponential birth rate of new computer viruses. The increased global interconnectivity that is empowering advanced information systems is also increasing the spread of malicious code and current anti-virus solutions are quickly becoming overwhelmed by the burden of capturing and classifying new viral stains. To overcome this problem, a distributed computer virus immune system (CVIS) based on biological strategies is developed. The biological immune system (BIS) offers a highly parallel defense-in-depth solution for detecting and eliminating foreign invaders. Each component of the BIS can be viewed as an autonomous agent. Only through the collective actions of this multi-agent system can non-self entities be detected and removed from the body. This research develops a model of the BIS and utilizes software agents to implement a CVIS. The system design validates that agents are an effective methodology for the construction of an artificial immune system largely because the biological basis for the architecture can be described as a system of collaborating agents. The distributed agent architecture provides support for detection and management capabilities that are unavailable in current anti-virus solutions. However, the slow performance of the Java and the Java Shared Data Toolkit implementation indicate the need for a compiled language solution and the importance of understanding the performance issues in agent system design. The detector agents are able to distinguish self from non-self within a probabilistic error rate that is tunable through the proper selection of system parameters. 
This research also shows that by fighting viruses using an immune system model, t
Psychological Operations Within the Cyberspace Domain
The importance of cyberspace and the utility of networked computer systems have grown exponentially over the past 20 years. For this reason, this study advances a concept for employing the mission essential functions of Psychological Operations within the cyberspace domain to influence an adversary, key decision makers and relevant publics across the full range of military operations in support of the Joint Force Commander. It addresses the different types of persuasive technologies and the advantages that this domain offers to Psychological Operations professionals. The analysis demonstrates that PSYOP capabilities developed to exploit the unique nature of the cyberspace domain can be extremely persuasive if properly integrated into Joint Force Operations. Effects created within the cyber domain can have real-world results that drive relevant publics to make decisions favorable to the Joint Force.
Routing of Time-Sensitive Data in Mobile Ad Hoc Networks
Mobile networks take the communication concept one step further than wireless networks. In these networks, all nodes in the network are assumed to be mobile. These networks are also called mobile ad hoc networks, due to their mobility and random configurations. Ad hoc networking is a relatively new concept; consequently, much research is in progress focusing on each level of the network stack of ad hoc networks. This research focuses on the routing of time-sensitive data in ad hoc networks. A routing protocol named Ad hoc On-demand Distance Vectoring (AODV), which has been developed by the Internet Engineering Task Force (IETF) for ad hoc networks, has been studied. Taking this protocol as a point of departure, a new routing protocol named Real Time Routing Protocol (RTRP) was developed while considering the characteristics of time-sensitive data. These two routing protocols have been modeled using OPNET, a discrete-event network simulation tool, and simulations were run to compare the performances of these protocols.
Emerging Roles of Combat Communication Squadrons in Cyber Warfare As Related to Computer Network Attack, Defense And Exploitation
The warfighter has become increasingly dependent on the cyber domain and the computer network that all the deployed forces use to plan and execute the Commander's intent and accomplish the objectives for mission success. The full spectrum of cyber dominance must include the need for computer network attack, defense and exploitation (CNA/D/E) at the tactical level. The combat communications squadrons (CCS) are the Air Force's deployable communication force structure for the joint and coalition warfighter during combat and Humanitarian Relief Operations. With the growing intensity to defend the warfighter's mission that is dependent on the network, instead of defending the entire Air Force GIG, the CCS's core competencies must continue to move from network assurance to mission assurance in a tactical communication environment. In order to provide this complete capability for the warfighter, the combat communication squadrons should reshape their mission to include the cyber operations focus of CNA/D/E. The CCS mission should strive to balance bare-base operations with the CNA/D/E capabilities and evolve combat communication squadrons into a total cyber force tactical unit. Therefore, it only makes sense that mission assurance at the lowest possible denominator must be achieved and maintained. This research intends to show how an Air Force CCS can provide those complete cyber capabilities needed for a deployed force commander to obtain full mission assurance in the cyber domain through a new CCS team structure and time-phased implementation plan.
Passwords
The purpose of this research was to see how individuals use and remember passwords. Specifically, this thesis sought to answer research questions addressing if organizational parameters are influencing behaviors associated with password choice and to what effect. Volunteers answered the research questions via a web-survey. The research identified the need for an evaluation of how organizations limit password choice by setting parameters for individuals.
Formal Mitigation Strategies for the Insider Threat
The advancement of technology and reliance on information systems have fostered an environment of sharing and trust. The rapid growth and dependence on these systems, however, creates an increased risk associated with the insider threat. The insider threat is one of the most challenging problems facing the security of information systems because the insider already has capabilities within the system. Despite research efforts to prevent and detect insiders, organizations remain susceptible to this threat because of inadequate security policies and a willingness of some individuals to betray their organization. To investigate these issues, a formal security model and risk analysis framework are used to systematically analyze this threat and develop effective mitigation strategies. This research extends the Schematic Protection Model to produce the first comprehensive security model capable of analyzing the safety of a system against the insider threat. The model is used to determine vulnerabilities in security policies and system implementation. Through analysis, mitigation strategies that effectively reduce the threat are identified. Furthermore, an action-based taxonomy that expresses the insider threat through measurable and definable actions is presented.
Defensive Cyber Battle Damage Assessment Through Attack Methodology Modeling
Due to the growing sophisticated capabilities of advanced persistent cyber threats, it is necessary to understand and accurately assess cyber attack damage to digital assets. This thesis proposes a Defensive Cyber Battle Damage Assessment (DCBDA) process which utilizes the comprehensive understanding of all possible cyber attack methodologies captured in a Cyber Attack Methodology Exhaustive List (CAMEL). This research proposes CAMEL to provide detailed knowledge of cyber attack actions, methods, capabilities, forensic evidence and evidence collection methods. This product is modeled as an attack tree called the Cyber Attack Methodology Attack Tree (CAMAT). The proposed DCBDA process uses CAMAT to analyze potential attack scenarios used by an attacker. These scenarios are utilized to identify the associated digital forensic methods in CAMEL to correctly collect and analyze the damage from a cyber attack. The results from the experimentation of the proposed DCBDA process show the process can be successfully applied to cyber attack scenarios to correctly assess the extent, method and damage caused by a cyber attack.
Geolocation of a Node on a Local Area Network
Geolocation is the process of identifying a node using only its Internet Protocol (IP) address. Locating a node on a LAN poses particular challenges due to the small scale of the problem and the increased significance of queuing delay. This study builds upon existing research in the area of geolocation and develops a heuristic tailored to the difficulties inherent in LANs called the LAN Time to Location Heuristic (LTTLH). LTTLH uses several polling nodes to measure latencies to end nodes, known locations within the LAN. The Euclidean distance algorithm is used to compare the results with the latency of a target in order to determine the target's approximate location. Using only these latency measurements, LTTLH is able to determine which switch a target is connected to 95% of the time. Within certain constraints, this method is able to identify the target location 78% of the time. However, LANs are not always configured within the constraints necessary to geolocate a node. In order for LTTLH to be effective, a network must be configured consistently, with similar length cable runs available to nodes located in the same area. For best results, the network should also be partitioned, grouping nodes of similar proximity behind one switch.
Digital Warfare
Digital Data Warfare (DDW) is an emerging field that has great potential as a means to meet military, political, economic, and personal objectives. Distinguished from the "hacker" variety of malicious computer code by its predictable nature and the ability to target specific systems, DDW provides the hacker with the means to deny, degrade, deceive, and/or exploit a targeted system. The five phases of DDW attack (penetration, propagation, dormancy, execution, and termination) are presented for the first time by the author in this paper. Its nature allows it to be used in the strategic, operational, and tactical warfare roles. Three questions should be considered when developing a strategy for employing DDW: (1) Who should control the employment of DDW? (2) What types of systems should be targeted? and (3) Under what circumstances should DDW be used? Finally, a brief overview of possible countermeasures against DDW is provided as well as an outline of an effective information system security program that would provide a defense against DDW.
Toward Cyber Omniscience
It is widely accepted that cyberspace is a vulnerable and highly contested environment. The United States has faced and will face threats to its national security in this realm. As a result, the Office of the Secretary of Defense (OSD) has decided to consider new and evolving theories of deterrence to address the cyber domain. This OSD-sponsored paper examines a new cyberspace deterrence option known as cyber omniscience. Set in the year 2035, this paper will begin the process of developing the theory of cyber omniscience as a DoD deterrent. At the heart of cyber deterrence lies this question: "As technology rapidly advances in the contested cyber domain, can hostile individuals be deterred from employing highly advanced technologies through cyberspace that threaten national survival?" To answer this question, this paper will investigate a number of issues with regard to cyberspace deterrence: anticipated life (societal norms) and technology in 2035, hostile individual threats, what cyber omniscience entails, privacy issues, and policy recommendations. This multi-pronged approach will serve as the catalyst to a better understanding of the future of cyberspace, the threats, and deterrence.
Cybermad
Cyberspace has grown in importance to the United States (US), as well as the rest of the world. As such, the impact of cyberspace attacks has increased with time. Threats can be categorized as state or non-state actors. This research paper looks at state actors. It asks the question, should the US adopt a mutually assured destruction (MAD) doctrine for cyberspace? In order to answer this question, this research used a parallel historical case study. The case study was the US's nuclear MAD doctrine of the 1960s.