13 research outputs found

    Cyber warfare: African research must address emerging reality

    This thematic report sets out the case for why studies in cyber security and cyber conflict need to be prominent in the African digital transformation research agenda. CA2016 www.wits.ac.za/linkcentre/aji

    A systematic literature review of cyberwarfare and state-sponsored hacking teams

    It is expected that the creation of next-generation wireless networks would result in the availability of high-speed and low-latency connectivity for every part of our life. As a result, it is important that the network is secure. The network's security environment has grown more complicated as a result of the growing number of devices and the diversity of services that 5G will provide. This is why it is important that the development of effective security solutions is carried out early. Our findings of this review have revealed the various directions that will be pursued in the development of next-generation wireless networks. Some of these include the use of Artificial Intelligence and Software Defined Mobile Networks. The threat environment for 5G networks, security weaknesses in the new technology paradigms that 5G will embrace, and provided solutions presented in the key studies in the field of 5G cyber security are all described in this systematic literature review for prospective researchers. Future research directions to protect wireless networks beyond 5G are also covered. Comment: 3 figures

    Zero day exploits and national readiness for cyber-warfare

    A zero day vulnerability is an unknown exploit that divulges security flaws in software before such a flaw is publicly reported or announced. But how should a nation react to a zero day? This question is a concern for most national governments, and one that requires a systematic approach for its resolution. The securities of critical infrastructure of nations and states have been severally violated by cybercriminals. Nation-state espionage and the possible disruption and circumvention of the security of critical networks has been on the increase. Most of these violations are possible through detectable operational bypasses, which are rather ignored by security administrators. One common instance of a detectable operational bypass is the non-application of periodic security updates and upgrades from software and hardware vendors. Every software is not necessarily in its final state, and the application of periodic updates allows for the patching of vulnerable systems, making them to be secure enough to withstand an exploit. To have control over the security of critical national assets, a nation must be “cyber-ready” through the proper management of vulnerabilities and the deployment of the rightful technology in the cyberspace for hunting, detecting and preventing cyber-attacks and espionage. To this effect, this paper discusses the implications of zero day exploits and highlights the dangers posed by this cankerworm for an unprepared nation. The paper also adopts the defence-in-depth strategy for national readiness and a foolproof system that enforces the security of critical national infrastructure at all levels. Keywords: exploits, zero day, vulnerability, cyberspace, cyber-warfare

    Cyber Warfare Impact to National Security - Malaysia Experiences

    This study analyzed the cyber warfare impact on national security and focusing on Malaysia experiences. The issues regarding cyber warfare have become a serious concern since it was a risk of national security in Malaysia. The objectives of the study are to analyze issues related to cyber warfare that affected Malaysian system security, to determine causes that caused to cyber warfare. This study used a qualitative research approach to evaluate the current defense approaches related to cyber warfare in Malaysia. The interviews were conducted with the respective respondents: the Senior Manager, Research Management Centre, Strategic Research, and Advisory Department of Cyber Security Malaysia Department. This study can contribute to expanding the security of national security by demanding the government to adopt a broad acquisition risk management strategy. It can assist in the development of highly effective aggressive and defensive methods to any company dealing with future cyber warfare challenges and risk. Keywords: cyber warfare, national security, experiences

    TESTING DECEPTION WITH A COMMERCIAL TOOL SIMULATING CYBERSPACE

    Deception methods have been applied to the traditional domains of war (air, land, sea, and space). In the newest domain of cyber, deception can be studied to see how it can be best used. Cyberspace operations are an essential warfighting domain within the Department of Defense (DOD). Many training exercises and courses have been developed to aid leadership with planning and to execute cyberspace effects that support operations. However, only a few simulations train cyber operators about how to respond to cyberspace threats. This work tested a commercial product from Soar Technologies (Soar Tech) that simulates conflict in cyberspace. The Cyberspace Course of Action Tool (CCAT) is a decision-support tool that evaluates defensive deception in a wargame simulating a local-area network being attacked. Results showed that defensive deception methods of decoys and bait could be effective in cyberspace. This could help military cyber defenses since their digital infrastructure is threatened daily with cyberattacks. Marine Forces Cyberspace Command. Chief Petty Officer, United States Navy. Chief Petty Officer, United States Navy. Approved for public release. Distribution is unlimited.

    Study of Peer-to-Peer Network Based Cybercrime Investigation: Application on Botnet Technologies

    The scalable, low overhead attributes of Peer-to-Peer (P2P) Internet protocols and networks lend themselves well to being exploited by criminals to execute a large range of cybercrimes. The types of crimes aided by P2P technology include copyright infringement, sharing of illicit images of children, fraud, hacking/cracking, denial of service attacks and virus/malware propagation through the use of a variety of worms, botnets, malware, viruses and P2P file sharing. This project is focused on study of active P2P nodes along with the analysis of the undocumented communication methods employed in many of these large unstructured networks. This is achieved through the design and implementation of an efficient P2P monitoring and crawling toolset. The requirement for investigating P2P based systems is not limited to the more obvious cybercrimes listed above, as many legitimate P2P based applications may also be pertinent to a digital forensic investigation, e.g., voice over IP, instant messaging, etc. Investigating these networks has become increasingly difficult due to the broad range of network topologies and the ever increasing and evolving range of P2P based applications. In this work we introduce the Universal P2P Network Investigation Framework (UP2PNIF), a framework which enables significantly faster and less labour intensive investigation of newly discovered P2P networks through the exploitation of the commonalities in P2P network functionality. In combination with a reference database of known network characteristics, it is envisioned that any known P2P network can be instantly investigated using the framework, which can intelligently determine the best investigation methodology and greatly expedite the evidence gathering process. A proof of concept tool was developed for conducting investigations on the BitTorrent network. Comment: This is a thesis submitted in fulfilment of a PhD in Digital Forensics and Cybercrime Investigation in the School of Computer Science, University College Dublin in October 201

    Designing, Building, and Modeling Maneuverable Applications within Shared Computing Resources

    Extending the military principle of maneuver into the war-fighting domain of cyberspace, academic and military researchers have produced many theoretical and strategic works, though few have focused on researching actual applications and systems that apply this principle. We present our research in designing, building and modeling maneuverable applications in order to gain the system advantages of resource provisioning, application optimization, and cybersecurity improvement. We have coined the phrase “Maneuverable Applications” to be defined as distributed and parallel applications that take advantage of the modification, relocation, addition or removal of computing resources, giving the perception of movement. Our work with maneuverable applications has been within shared computing resources, such as the Clemson University Palmetto cluster, where multiple users share access and time to a collection of inter-networked computers and servers. In this dissertation, we describe our implementation and analytic modeling of environments and systems to maneuver computational nodes, network capabilities, and security enhancements for overcoming challenges to a cyberspace platform. Specifically we describe our work to create a system to provision a big data computational resource within academic environments. We also present a computing testbed built to allow researchers to study network optimizations of data centers. We discuss our Petri Net model of an adaptable system, which increases its cybersecurity posture in the face of varying levels of threat from malicious actors. Lastly, we present work and investigation into integrating these technologies into a prototype resource manager for maneuverable applications and validating our model using this implementation.

    Identification of military Cyber Red teams skills and proposed continuous training methodology for projecting power in cyber warfare

    Dissertation (master's), Universidade de Brasília, Faculdade de Tecnologia, Departamento de Engenharia Elétrica, Mestrado Profissional em Engenharia Elétrica, 2020. Defense, reconnaissance and attack are prerequisites for the military power projection when considering cyber warfare, also the effectiveness of the armed forces in these activities determines the imposition of its States in the contemporary world. In order to improve cyber skills of their personnel, military organizations often create exercises to put to the test cyber red and blue teams. Such exercises increase their cyber skills, but they are periodic and highly dependent on the availability of professionals. In addition, it is also noted that there is a great difficulty, mainly by the less developed States, to establish the necessary skills to be sought for their offensive teams. This happens because certain niches, as in the case of military organizations, have peculiarities that must be well understood before implementing a cyber red team. This work identifies the competencies required for a cyber red team in the military context. Four macro competences were specified, originating by their successive intersections eight more competences. In this context, we expect to provide a better vision of the skills needed for a military cyber red team, in order to increase the efficiency of its composition and action in this context. With such considerations in mind, this work proposes a cyber red team formation methodology with continuous training that does not require professionals to be exclusively involved in the exercises, but which permits a constant development of cyber skills. The proposed methodology also considers different knowledge domains with three different networks in parallel. An exclusive network for cyber attacks developments, another for attack and defense teams confrontation in a simulated environment and the production network, which is corrected according to the flaws found in the simulated confrontation. For the effectiveness of the proposed methodology, there must be three cyber teams, the cyber red team for offensive actions, the cyber blue team for defensive actions and the cyber purple team, which acts as judge and manages the infrastructures of the networks proposed in the methodology. Methodology effectiveness was demonstrated from an experiment of nine months approximately that was carried out with the participation of seventeen militaries. In this experiment, the skills inherent in prerequisites for the military power projection in cyber warfare were enhanced, and no real damage was caused to cyber production environments.

    The Legal Aspects of Cybercrime in Nigeria: An Analysis with the UK Provisions

    Cybercrime offences know no limits to physical geographic boundaries and have continued to create unprecedented issues regarding the feasibility and legitimacy of applying traditional legislations based on geographic boundaries. These offences also come with procedural issues of enforcement of the existing legislations and continue to subject nations with problems unprecedented to its sovereignty and jurisdictions. This research is a critical study on the legal aspects of cybercrime in Nigeria, which examines how laws and regulations are made and applied in a well-established system to effectively answer questions raised by shortcomings on the implementation of cybercrime legislations, and critically reviews various laws in Nigeria relating or closely related to cybercrime. This research will provide insight into current global cybercrime legislations and the shortfalls to their procedural enforcement; and further bares the cybercrime issues in Nigeria while analysing and proffering a critique to the provisions as provided in the recently enacted Nigerian Cybercrime (Prohibition and Prevention) Act 2015, in contradistinction to the existing legal framework in the United Kingdom and the other regional enactments like the Council of Europe Convention on Cybercrime, African Union Convention on Cybersecurity and Personal Data Protection 2014, and the ECOWAS Directive on Cybercrime 2011.

    Application of service composition mechanisms to Future Networks architectures and Smart Grids

    This thesis revolves around the hypothesis of the service composition methodology and mechanisms and how they can be applied to different fields of application in order to efficiently orchestrate flexible and context-aware communications and processes. More concretely, it focuses on two fields of application that are the context-aware media distribution and smart grid services and infrastructure management, towards a definition of a Software-Defined Utility (SDU), which proposes a new way of managing the Smart Grid following a software-based approach that enables a much more flexible operation of the power infrastructure. Hence, it reviews the context, requirements and challenges of these fields, as well as the service composition approaches. It makes special emphasis on the combination of service composition with Future Network (FN) architectures, presenting a service-oriented FN proposal for creating context-aware on-demand communication services. Service composition methodology and mechanisms are also presented in order to operate over this architecture, and afterwards, proposed for their usage (in conjunction or not with the FN architecture) in the deployment of context-aware media distribution and Smart Grids. Finally, the research and development done in the field of Smart Grids is depicted, proposing several parts of the SDU infrastructure, with examples of service composition application for designing dynamic and flexible security for smart metering or the orchestration and management of services and data resources within the utility infrastructure.