An integrated network/firepower operation model based on Lanchester equation

In this paper, an analysis is made to the network/firepower integrated combat mode based on the development trend of future combat equipment and existing combat cases. Then, the system dynamics model of network/firepower integrated strike is established based on the mechanism of network reconnaissance/attack and firepower attack. The Attrition-Rate Coefficients model of network/firepower combat is established by studying the effectiveness evaluation method of network attack and firepower attack. The Lanchester model of network/firepower integrated confrontation covering normal nodes, infected nodes and all infected nodes is established. In order to study the dynamic, uncertain network counter process, a type of the vibration network attack is introduced to Lanchester equation and its effectiveness in network attack process is discussed by means of the simulation results

Agent Based Simulation Seas Evaluation of DoDAF Architecture

With Department of Defense (DoD) weapon systems being deeply rooted in the command, control, communications, computers, intelligence, surveillance, and reconnaissance (C4ISR) structure, it is necessary for combat models to capture C4ISR effects in order to properly assess military worth. Unlike many DoD legacy combat models, the agent based model System Effectiveness and Analysis Simulation (SEAS) is identified as having C4ISR analysis capabilities. In lieu of requirements for all new DoD C4ISR weapon systems to be placed within a DoD Architectural Framework (DoDAF), investigation of means to export data from the Framework to the combat model SEAS began. Through operational, system, and technical views, the DoDAF provides a consistent format for new weapon systems to be compared and evaluated. Little research has been conducted to show how to create an executable model of an actual DoD weapon system described by the DoDAF. In collaboration with Systems Engineering masters student Captain Andrew Zinn, this research identified the Aerospace Operation Center (AOC) weapon system architecture, provided by the MITRE Corp., as suitable for translation into SEAS. The collaborative efforts lead to the identification and translation of architectural data products to represent the Time Critical Targeting (TCT) activities of the AOC. A comparison of the AOC weapon system employing these TCT activities with an AOC without TCT capabilities is accomplished within a Kosovo-like engagement (provided by Space and Missile Center Transformations Directorate). Results show statistically significant differences in measures of effectiveness (MOEs) chosen to compare the systems. The comparison also identified the importance of data products not available in this incomplete architecture and makes recommendations for SEAS to be more receptive to DoDAF data products

Modeling and Analysis of Resolve and Morale for the `Long War\u27

In The Art of War, Sun Tzu begins by stating: War is a matter of vital importance to the State; the province of life or death; the road to survival or ruin. It is mandatory that it be thoroughly studied. Sun Tzu follow\u27s this opening by stating five fundamental factors a commander must master to be successful in combat. The first of these factors is moral influence which Sun Tzu defines as that which causes the people to be in harmony with their leaders, so they will accompany them in life and death without fear of mortal peril. In the face of the instant communication provided by satellites, 24 hour news media coverage, and other technological advances, this factor is even more relevant today. This research provides an analytic framework, based on the principles of fourth generation operations, capturing the effects of will and resolve of the combatant and population. The strategic level model investigates the long term impacts of asymmetric conflict. These results are primarily measured in the socio-political arena rather than the military battlefield. The model developed in this dissertation remains a model of conflict and combat. However, some of the impacts from the political, economic, and informational instruments of power are represented in the model through the dynamic adaptation of public resolve and combat spirit. To paraphrase Sun Tzu, war is vitally important and must be studied. Therefore, this dissertation puts forth a means to model key aspects of conflict in the `long war\u27

Critical Infrastructure Protection Metrics and Tools Papers and Presentations

Contents: Dr. Hilda Blanco: Prioritizing Assets in Critical Infrastructure Systems; Christine Poptanich: Strategic Risk Analysis; Geoffrey S. French/Jin Kim: Threat-Based Approach to Risk Case Study: Strategic Homeland Infrastructure Risk Assessment (SHIRA); William L. McGill: Techniques for Adversary Threat Probability Assessment; Michael R. Powers: The Mathematics of Terrorism Risk Stefan Pickl: SOA Approach to the IT-based Protection of CIP; Richard John: Probabilistic Project Management for a Terrorist Planning a Dirty Bomb Attack on a Major US Port; LCDR Brady Downs: Maritime Security Risk Analysis Model (MSRAM); Chel Stromgren: Terrorism Risk Assessment and Management (TRAM); Steve Lieberman: Convergence of CIP and COOP in Banking and Finance; Harry Mayer: Assessing the Healthcare and Public Health Sector with Model Based Risk Analysis; Robert Powell: How Much and On What? Defending and Deterring Strategic Attackers; Ted G. Lewis: Why Do Networks Cascade

Pre-filters in-transit malware packets detection in the network

Conventional malware detection systems cannot detect most of the new malware in the network without the availability of their signatures. In order to solve this problem, this paper proposes a technique to detect both metamorphic (mutated malware) and general (non-mutated) malware in the network using a combination of known malware sub-signature and machine learning classification. This network-based malware detection is achieved through a middle path for efficient processing of non-malware packets. The proposed technique has been tested and verified using multiple data sets (metamorphic malware, non-mutated malware, and UTM real traffic), this technique can detect most of malware packets in the network-based before they reached the host better than the previous works which detect malware in host-based. Experimental results showed that the proposed technique can speed up the transmission of more than 98% normal packets without sending them to the slow path, and more than 97% of malware packets are detected and dropped in the middle path. Furthermore, more than 75% of metamorphic malware packets in the test dataset could be detected. The proposed technique is 37 times faster than existing technique

LOGISTICS IN CONTESTED ENVIRONMENTS

This report examines the transport and delivery of logistics in contested environments within the context of great-power competition (GPC). Across the Department of Defense (DOD), it is believed that GPC will strain our current supply lines beyond their capacity to maintain required warfighting capability. Current DOD efforts are underway to determine an appropriate range of platforms, platform quantities, and delivery tactics to meet the projected logistics demand in future conflicts. This report explores the effectiveness of various platforms and delivery methods through analysis in developed survivability, circulation, and network optimization models. Among other factors, platforms are discriminated by their radar cross-section (RCS), noise level, speed, cargo capacity, and self-defense capability. To maximize supply delivered and minimize the cost of losses, the results of this analysis indicate preference for utilization of well-defended convoys on supply routes where bulk supply is appropriate and smaller, and widely dispersed assets on shorter, more contested routes with less demand. Sensitivity analysis on these results indicates system survivability can be improved by applying RCS and noise-reduction measures to logistics assets.Director, Warfare Integration (OPNAV N9I)Major, Israel Defence ForcesCivilian, Singapore Technologies Engineering Ltd, SingaporeCommander, Republic of Singapore NavyCommander, United States NavyCaptain, Singapore ArmyLieutenant, United States NavyLieutenant, United States NavyMajor, Republic of Singapore Air ForceCaptain, United States Marine CorpsLieutenant, United States NavyLieutenant, United States NavyLieutenant, United States NavyLieutenant, United States NavyLieutenant, United States NavyCaptain, Singapore ArmyLieutenant Junior Grade, United States NavyCaptain, Singapore ArmyLieutenant Colonel, Republic of Singapore Air ForceApproved for public release. distribution is unlimite

A Strategic Analysis of Information Sharing Among Cyber Attackers

One firm invests in security to defend against cyber attacks by two hackers. Each hacker chooses an optimal attack, and they share information with each other about the firm's vulnerabilities. Each hacker prefers to receive information, but delivering gives competitive advantage to the other hacker. We find that each hacker's attack and information sharing are strategic complements while one hacker's attack and the other hacker's information sharing are strategic substitutes. The attack is inverse U-shaped in the firm's unit defense cost, and reaches zero, while the firm's defense and profit decrease, and the hackers' information sharing and profit increase. The firm's profit increases in the hackers' unit cost of attack, while the hackers' information sharing and profit decrease. Our analysis also reveals the interesting result that the cumulative attack level of the hackers is not affected by the effectiveness of information sharing between them and moreover, is also unaffected by the intensity of joint information sharing. We also find that as the effectiveness of information sharing between hackers increases relative to the investment in attack, the firm's investment in cyber security defense and profit are constant, the hackers' investments in attacks decrease, and information sharing levels and hacker profits increase. In contrast, as the intensity of joint information sharing increases, while the firm's investment in cyber security defense and profit remain constant, the hackers' investments in attacks increase, and the hackers' information sharing levels and profits decrease. Increasing the firm's asset causes all the variables to increase linearly, except information sharing which is constant. We extend our analysis to endogenize the firm's asset and this analysis largely confirms the preceding analysis with a fixed asset.Information Systems Working Papers Serie

Modeling insurgency attrition and population influence in irregular warfare

We develop a model that is a combination of Lanchester and Deitchman attrition models and population epidemic models. Based on different attrition, recruitment, and transition rules we study the relationships between dynamic population flow and insurgency success or failure. The goal of our work is to provide an analytical framework for these situations and to analyze the effect of different initial conditions and interactions on the success or failure of an insurgency. The models developed herein are descriptive, not predictive, and are designed to give decision makers an insight into a complex insurgency process.http://archive.org/details/modelinginsurgen109453418US Army (USA) author.Approved for public release; distribution is unlimited