The transition of the warfare mentality from the conventional domains of engagement (air, land, maritime, and space) to the cyberspace domain has not been an easy one for established organizations... Show More

The transition of the warfare mentality from the conventional domains of engagement (air, land, maritime, and space) to the cyberspace domain has not been an easy one for established organizations and institutions. The battlefield, in which now speed and stealth instead of size and budget are the determining factors that provide an edge have not well for many, especially those in the military. Now they do not clearly dictate who amongst combatants have the ‘upper hand' and represent a significant paradigm shift from factors that were very good predictors of a potential outcome of military conflicts. The battles of the past were largely over territories and resources (Landscape Metrics, 2015). We see outcomes now being influenced by a broader range of factors, including politics, culture, economy, religion, and ethnicity. These new ‘pivot points' for conflict require a very different understanding and approach to achieve desired outcomes. Technology continues to be the main enabler that has transformed the battlefield and the rules of engagement from the conventional domains to cyberspace. The issue of attribution has been a huge differentiator and looms very large in cyberspace conflicts because it is very difficult to determine within a sufficient timeframe the source of an attack and to be able to respond to or prevent attacks. Now conflicts have expanded in such a way that combatants now cross all prospective levels of society from targets to attackers or perpetrators. The low cost required to provide significant damage to a desired target environment in cyberspace has been a game changer. As a result, the rules of engagement which were much clearer in conventional domains on military fronts are much more blurred due to the new realm of combatants, and as such, has changed many of the approaches and methodologies that were standard practices in traditional campaigns. In this paper, we focus on cyber conflicts and how the cultural differences of these three communities have plagued the ability to achieve a simple and coherent response against attackers and perpetrators. We pursue the relevance of trust and deterrence and their influence on ‘warfare' tactics in the cyberspace domain. We also look at culture and the ‘new norm' and how they have required consideration of new and unconventional approaches. We see how data can better inform decision makers and those responsible for designing and implementing campaigns in this new era of conflict. Our results indicate the need for a different model to work through the differences in culture if better are to be obtained by the combatants. In addition, we see that an approach that includes cyber deterrence framed in the context of active defense provides optimism on future outcomes.

Cyber threats pose a growing risk to national security for all nations; cyberpower is consequently becoming an increasingly prominent driver in the attainment of national security for any state.... Show More

Cyber threats pose a growing risk to national security for all nations; cyberpower is consequently becoming an increasingly prominent driver in the attainment of national security for any state. This paper investigates the national cyberpower environment by analysing the elements of cyberspace as part of national security. David Jablonsky (1997) distinguishes between natural and social determinants of power in his discussion of national power. Also, Jablonsky refers to Ray Cline's formula (Cline, 1993) to determine a rough estimate of “perceived” national power by focusing primarily on a state's capacity to wage war. In this paper, the formula for Perceived Power (PP) will be adapted for use in cyberspace to create a similar formula for Perceived Cyberpower (PCP) that focuses primarily on a state's capacity for cyberwarfare. Military cyberpower is one of the critical elements of cyberpower. The paper also discusses how to operationalise military cyberpower.

Recent attacks against critical infrastructures have shown that it is possible to take down an entire infrastructure by targeting only a few of its components. To prevent or minimize the effects of... Show More

Recent attacks against critical infrastructures have shown that it is possible to take down an entire infrastructure by targeting only a few of its components. To prevent or minimize the effects of this kind of attacks, it is necessary to identify these critical components whose disruption, damage or destruction can lead to the paralysis of an infrastructure. This paper shows that the identification of critical components can be made thanks to a particular pattern of the graph theory: the vertex cover. To illustrate how the vertex cover can be useful for the identification of critical components, the electrical power transmission and distribution system of the United States is used as an example. It is shown how it is possible to build an attack scenario against an infrastructure with the results of a vertex cover algorithm.

Internet-enabled devices or Internet of Things as it has been prevailed are increasing exponentially every day. The lack of security standards in the manufacturing of these devices along with the... Show More

Internet-enabled devices or Internet of Things as it has been prevailed are increasing exponentially every day. The lack of security standards in the manufacturing of these devices along with the haste of the manufacturers to increase their market share in this area has created a very large network of vulnerable devices that can be easily recruited as bot members and used to initiate very large volumetric Distributed Denial of Service (DDoS) attacks. The significance of the problem can be easily acknowledged due to the large number of cases regarding attacks on institutions, enterprises and even countries which have been recently revealed. In the current paper a novel method is introduced, which is based on a data mining technique that can analyze incoming IP traffic details and early warn the network administrator about a potentially developing DDoS attack. The method can scale depending on the availability of the infrastructure from a conventional laptop computer to a complex cloud infrastructure. Based on the hardware configuration as it is proved with the experiments the method can easily monitor and detect abnormal network traffic of several Gbps in real time using the minimum hardware equipment.