Friday, August 26, 2011

Franz, T. (2011, Summer). The cyber warfare professional: Realizations for developing the next generation. Air and Space Power Journal, 26(2), 87-99. Retrieved from http://www.airpower.au.af.mil/ [Full text available in the Academic Search Complete database.]
The cyberspace environment presents conceptual and operational challenges for military leaders not unlike those associated with the early days of human flight. As technologies emerged to exploit each new domain, leaders at first dismissed them before finally recognizing the importance of dominance in the new environment. Although exploiting and defending cyberspace carries an opportunity cost, as early military leaders discovered with airpower, failing to properly organize, train, and equip for the new domain can undermine our current military advantage and our prospects for success.

Moore, J. (2011, August 15). Cyber recruits key part of NSA hiring blitz. Retrieved from http://www.federalnewsradio.com/?nid=15&sid=2497197 [listen]
The National Security Agency is on a hiring blitz. The cryptologic intelligence agency - home to the government's chief codemakers and breakers - announced its intention to hire as many as 3,000 people over the next two years, many of them cybersecurity experts. In fact, NSA recruiters even took a trip to Las Vegas in the last few weeks to look for potential hires at DefCon, a high-profile hacker conference there. Dickie George, the technical director of the Information Assurance Directorate at NSA, told the Federal Drive the agency is partnering with academia and industry to find the "best and brightest" in cybersecurity.

Ryan, J., Mazzuchi, T. A., Ryan, D. J., de la Cruz, J. L., & Cooke, R. (2012). Quantifying information security risks using expert judgment solicitation. Computers and Operations Research, 39(4), 774-784. doi:10.1016/j.cor.2010.11.013 [Full text available in the ScienceDirect database.]
In the information security business, 30 years of practical and theoretical research has resulted in a fairly sophisticated appreciation for how to judge the qualitative level of risk faced by an enterprise. Based upon that understanding, there is a practical level of protection that a competent security manager can architect for a given enterprise. It would, of course, be better to use a quantitative approach to risk management, but, unfortunately, sufficient quantitative data that has been scientifically collected and analyzed does not exist. There have been many attempts to develop quantitative data using traditional quantitative methods, such as experiments, surveys, and observations, but there are significant weaknesses apparent in each approach. The research described in this paper was constructed to explore the utility of applying the well-established method of expert judgment elicitation to the field of information security. The instrument for eliciting the expert judgments was developed by two information security specialists and two expert judgment analysis specialists. The resultant instrument was validated using a small set of information security experts. The final instrument was used to elicit answers to both the calibration and judgment questions through structured interviews. The data was compiled and analyzed by a specialist in expert judgment analysis. This research illustrates the development of prior distributions for the parameters of models for cyber attacks and uses expert judgment results to develop the distributions.

Friday, August 19, 2011

Alperovitch, D. (2011). Revealed: Operation Shady RAT. Retrieved from http://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdf
McAfee white paper that links attacks on 70+ corporations and government agencies worldwide to a single actor, likely based in China. [More from the Washington Post.]

Beidel, E., & Magnuson, S. (2011, August). Government, military face severe shortage of cybersecurity experts. National Defense, 96(693), 32-34. Retrieved from http://www.ndia.org [Full text available in Academic Search Complete database.]
There is an acute shortage of Internet security experts in the government, and no large pool of applicants waiting in the wings to join the fight. "We need to be on the cutting edge with everyone else, from the teenager to the terrorist," Lt. Gen. Michael Basla, vice commander of Air Force Space Command, said at the Space Foundation's Cyber 1.1 conference in Colorado Springs, Colo., earlier this year. "For this domain, big brains are more important than big guns or big brawn."

Choo, K. R. (2011). The cyber threat landscape: Challenges and future research directions. Computers and Security (article accepted, in press). doi:10.1016/j.cose.2011.08.004 [Full text available in the ScienceDirect database.]
Cyber threats are becoming more sophisticated with the blending of once distinct types of attack into more damaging forms. Increased variety and volume of attacks is inevitable given the desire of financially and criminally-motivated actors to obtain personal and confidential information, as highlighted in this paper. [I] describe how the Routine Activity Theory can be applied to mitigate these risks by reducing the opportunities for cyber crime to occur, making cyber crime more difficult to commit and by increasing the risks of detection and punishment associated with committing cyber crime. Potential research questions are also identified.

Goel, S. (2011). Cyberwarfare: Connecting the dots in cyber intelligence. Communications of the ACM, 54(8), 1132-1140. doi:10.1145/1978542.1978569 [Full text available in the Business Source Complete database.]
Discussion of "the cyberwarfare landscape, as well as the challenges involved in data collection, analysis, and attribution in cyberwarfare incidents."

Friday, August 12, 2011

Anonymous crosses swords with Facebook: Will hackers bring it down on Nov.5. (2011, August 10). International Business Times. Retrieved from http://www.ibtimes.com/
(full text: http://ezproxy.umuc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&bquery=(TI+(anonymous+AND+crosses+AND+swords+AND+with+AND+facebook))&type=1&site=eds-live&scope=site)

“The dark angels of anti-security, hacker collective Anonymous, have set eyes on Facebook for its alleged large-scale security violations and sell-off of private individuals' data to government agencies.”


Aruba Networks, Inc. (2011, August 10). Aruba fields an impenetrable network based on its Mobile Virtual Enterprise (MOVE) architecture at Black Hat USA 2011. Business Wire. Retrieved from http://www.businesswire.com/portal/site/home/
(full text: http://ezproxy.umuc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bwh&AN=bizwire.c35955276&site=eds-live&scope=site)

“Aruba Networks, Inc. (NASDAQ:ARUN), which provided and maintained the wireless network for last week’s Black Hat USA 2011 conference in Las Vegas, Nev., today provided some interesting statistics around the network’s use. Black Hat is the world’s largest annual gathering of computer hackers, and has become one of the most important computer and networking security shows as a result.”

D’Agostino, D. M., & Wilshusen, G. C. (2011, July 29). Defense Department cyber efforts: Definition, focal point, and methodology needed for DOD to develop full-spectrum cyberspace budget estimates (A briefing for the Subcommittee on Emerging Threats and Capabilities, Committee on Armed Services, House of Representatives). Retrieved from https://www.hsdl.org/?view&did=682639


“This letter formally transmits the enclosed final briefing in response to a request from the House Armed Services Committee, Subcommittee on Emerging Threats and Capabilities, that asked GAO to examine the Department of Defense’s (DOD) cyber and information assurance budget for fiscal year 2012 and future years defense spending. The objectives of this review were to (1) assess the extent to which DOD has prepared an overarching budget estimate for full-spectrum cyberspace operations across the department; and (2) identify the challenges DOD has faced in providing such estimates. We provided your offices a preliminary briefing on these issues on April 28, 2011.”


Faysel, M. (2011). Design and implementation of a data mining based cyber attack defense technique for hospital information system (Doctoral dissertation). Retrieved from Dissertations & Theses database. (Publication No. AAT 3446509). Retrieved from http://proquest.umi.com.ezproxy.umuc.edu/pqdweb?did=2291671411&sid=1&Fmt=2&clientId=8724&RQT=309&VName=PQD


“A number of research have shown promising outcomes in detecting novel cyber attacks by applying data mining based anomaly detection techniques but most of them are not suitable for real-time cyber attack detection in a hospital network environment. This dissertation work presents design and implementation of a probabilistic data mining based cyber attack defense technique suitable for hospital information network. Utilizing weekly basis real-world hospital network traffic data for training the detection algorithm showed promising detection capabilities compared to a commercially used Intrusion Prevention System (IPS). The cyber defense technique developed in this dissertation work also had the capability of generating real-time cyber attack alert notification to administrator.”


Sengupta, S. (2011, August 7). U. S. agents, an aerial snoop and teams of hackers. New York Times, p. B6. Retrieved from http://www.nytimes.com/2011/08/08/technology/scenes-from-hacker-gatherings-in-las-vegas.html?pagewanted=1&_r=1&ref=computersecurity

“Naturally, federal agents have been hanging out at hacker gatherings for years to snoop. “Cloak and dagger,” as one put it. This time they came with another purpose: to schmooze, impress and, perhaps ultimately, lure. The United States Cyber Command, the Pentagon’s Internet defense arm, “has a work force issue,” said Daron Hartvigsen, special agent with the Air Force Office of Special Investigations. ‘We have needs that some in this community can solve. We need folks with skills.’”


UN network compromised for two-years by unknown foreign power: Are Anonymous hackers helping the world get serious about cyber crime? (2011, August 3). International Business Times. Retrieved from http://www.ibtimes.com/
(full text: http://ezproxy.umuc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&bquery=(TI+(un+AND+network+AND+compromised+AND+for))&type=1&site=eds-live&scope=site)

“With news just breaking that over 72 government and private organisations have fallen victim to cyber attacks, the debate about cyber security is more pertinent than ever. Yet, as Anonymous hackers continue to be targeted by the FBI, the question arises; has Anonymous and LulzSec's "hacktivism" helped the world get serious about hacking before it's too late? The Recent Attack: Earlier today Security company McAfee revealed that it had uncovered what appears to be the largest coordinated hacking campaign ever seen, with 72 government and business organisations networks all being compromised. The laundry-list of victims included the United States, Taiwanese, Indian, South Korean, Vietnamese and Canadian governments. The report also highlighted the United Nations (UN), International Olympic Committee (IOC), the World Anti-Doping Agency and numerous tech companies -- some with high-profile military contracts -- as other targets. The campaign was discovered when McAfee researchers stumbled upon logs of the attacks on a server it was reviewing while investigating the 2009 defence company data breaches. According to the security firm the earliest network intrusions found thus far date back to mid-2006, possibly even earlier.”

Tuesday, August 2, 2011

Cybersecurity: Continued attention needed to protect our nation's critical infrastructure: Hearings before the Subcommittee on Oversight and Investigations, Committee on Energy and Commerce, House of Representatives, 112th Cong. (2011)(Statement of Gregory C. Wilshusen). Retrieved from https://www.hsdl.org/?view&did=682424

"Increasing computer interconnectivity, such as the growth of the Internet, has revolutionized the way our government, our nation, and much of the world communicate and conduct business. However, this widespread interconnectivity poses significant risks to the government's and the nation's computer systems, and to the critical infrastructures they support. These critical infrastructures include systems and assets--both physical and virtual--that are essential to the nation's security, economic prosperity, and public health, such as financial institutions, telecommunications networks, and energy production and transmission facilities. Because most of these infrastructures are owned by the private sector, establishing effective public-private partnerships is essential to securing them from pervasive cyber-based threats. Federal law and policy call for federal entities, such as the Department of Homeland Security (DHS), to work with private-sector partners to enhance the physical and cyber security of these critical infrastructures."

Kumar, P., & Selvakumar, S. (2011). Distributed denial of service attack detection using an ensemble of neural classifier. Computer Communications, 34(11), 1328-1341. doi:10.1016/j.comcom.2011.01.012 (full text available in the Science Direct database)

“The vulnerabilities in the Communication (TCP/IP) protocol stack and the availability of more sophisticated attack tools breed in more and more network hackers to attack the network intentionally or unintentionally, leading to Distributed Denial of Service (DDoS) attack. The DDoS attacks could be detected using the existing machine learning techniques such as neural classifiers. These classifiers lack generalization capabilities which result in less performance leading to high false positives. This paper evaluates the performance of a comprehensive set of machine learning algorithms for selecting the base classifier using the publicly available KDD Cup dataset. Based on the outcome of the experiments, Resilient Back Propagation (RBP) was chosen as base classifier for our research. The improvement in performance of the RBP classifier is the focus of this paper. Our proposed classification algorithm, RBPBoost, is achieved by combining ensemble of classifier outputs and Neyman Pearson cost minimization strategy, for final classification decision. Publicly available datasets such as KDD Cup, DARPA 1999, DARPA 2000, and CONFICKER were used for the simulation experiments. RBPBoost was trained and tested with DARPA, CONFICKER, and our own lab datasets. Detection accuracy and Cost per sample were the two metrics evaluated to analyze the performance of the RBPBoost classification algorithm. From the simulation results, it is evident that RBPBoost algorithm achieves high detection accuracy (99.4%) with fewer false alarms and outperforms the existing ensemble algorithms. RBPBoost algorithm outperforms the existing algorithms with maximum gain of 6.6% and minimum gain of 0.8%.”

The role of small business in strengthening cybersecurity efforts in the United States: Hearing before the Senate Committee on Small Business Entrepreneurship, 112th Cong. (2011) (testimony of Gregory von Lehmen). Retrieved from http://www.dnet.congress.org/congressorg/webreturn/?url=http://sbc.senate.gov (NOTE: click on Dr. von Lehmen’s name to obtain full text access to his testimony.)

Zetter, K. (2011, July 11). How digital detectives deciphered Stuxnet, the most menacing malware in history. Wired.com. Retrieved from http://www.wired.com/threatlevel/2011/07/how-digital-detectives-deciphered-stuxnet/all/1

“On the other side of the globe, a 52-year-old German named Ralph Langner was reading Symantec’s post with fascination. Langner had little interest in Windows systems or internet viruses — he doesn’t even have an internet connection at home. But he specializes in the obscure science of industrial-control-system security. It’s the only thing his three-man, boutique firm does. So he was particularly intrigued when Symantec wrote that Stuxnet was sabotaging PLCs…”