Thoughts about a General Theory of Influence in a DIME/PMESII/ASCOP/IRC2 Model

The leading question of this paper is: “How would influence warfare (“iWar”) work and how can we simulate it?” The paper discusses foundational aspects of a theory and model of influence warfare by discussing a framework built along the DIME/PMESII/ASCOP dimension forming a prism with three axes. The DIME concept groups the many instruments of power a nation state can muster into four categories: Diplomacy, Information, Military and Economy. PMESII describes the operational environment in six domains: Political, Military, Economic, Social, Information and Infrastructure. ASCOPE is used in counter insurgency (COIN) environments to analyze the cultural and human environment (aka the “human terrain”) and encompasses Areas, Structures, Capabilities, Organization, People and Events. In addition, the model reflects about aspects of information collection requirements (ICR) and information capabilities requirements (ICR) - hence DIME/PMESII/ASCOP/ICR2. This model was developed from an influence wargame that was conducted in October 2018. This paper introduces basic methodical questions around model building in general and puts a special focus on building a framework for the problem space of influence/information/hybrid warfare takes its shape in. The article tries to describe mechanisms and principles in the information/influence space using cross discipline terminology (e.g. physics, chemistry and literature). On a more advanced level this article contributes to the Human, Social, Culture, Behavior (HSCB) models and community. One goal is to establish an academic, multinational and whole of government influence wargamer community. This paper introduces the idea of the perception field understood as a molecule of a story or narrative that influences an observer. This molecule can be drawn as a selection of vectors that can be built inside the DIME/PMESII/ASCOP prism. Each vector can be influenced by a shielding or shaping action. These ideas were explored in this influence wargame

Cyber-crime Science = Crime Science + Information Security

Cyber-crime Science is an emerging area of study aiming to prevent cyber-crime by combining security protection techniques from Information Security with empirical research methods used in Crime Science. Information security research has developed techniques for protecting the confidentiality, integrity, and availability of information assets but is less strong on the empirical study of the effectiveness of these techniques. Crime Science studies the effect of crime prevention techniques empirically in the real world, and proposes improvements to these techniques based on this. Combining both approaches, Cyber-crime Science transfers and further develops Information Security techniques to prevent cyber-crime, and empirically studies the effectiveness of these techniques in the real world. In this paper we review the main contributions of Crime Science as of today, illustrate its application to a typical Information Security problem, namely phishing, explore the interdisciplinary structure of Cyber-crime Science, and present an agenda for research in Cyber-crime Science in the form of a set of suggested research questions

Double Whammy - How ICT Projects are Fooled by Randomness and Screwed by Political Intent

The cost-benefit analysis formulates the holy trinity of objectives of project management - cost, schedule, and benefits. As our previous research has shown, ICT projects deviate from their initial cost estimate by more than 10% in 8 out of 10 cases. Academic research has argued that Optimism Bias and Black Swan Blindness cause forecasts to fall short of actual costs. Firstly, optimism bias has been linked to effects of deception and delusion, which is caused by taking the inside-view and ignoring distributional information when making decisions. Secondly, we argued before that Black Swan Blindness makes decision-makers ignore outlying events even if decisions and judgements are based on the outside view. Using a sample of 1,471 ICT projects with a total value of USD 241 billion - we answer the question: Can we show the different effects of Normal Performance, Delusion, and Deception? We calculated the cumulative distribution function (CDF) of (actual-forecast)/forecast. Our results show that the CDF changes at two tipping points - the first one transforms an exponential function into a Gaussian bell curve. The second tipping point transforms the bell curve into a power law distribution with the power of 2. We argue that these results show that project performance up to the first tipping point is politically motivated and project performance above the second tipping point indicates that project managers and decision-makers are fooled by random outliers, because they are blind to thick tails. We then show that Black Swan ICT projects are a significant source of uncertainty to an organisation and that management needs to be aware of

Continuous Authentication for Voice Assistants

Voice has become an increasingly popular User Interaction (UI) channel, mainly contributing to the ongoing trend of wearables, smart vehicles, and home automation systems. Voice assistants such as Siri, Google Now and Cortana, have become our everyday fixtures, especially in scenarios where touch interfaces are inconvenient or even dangerous to use, such as driving or exercising. Nevertheless, the open nature of the voice channel makes voice assistants difficult to secure and exposed to various attacks as demonstrated by security researchers. In this paper, we present VAuth, the first system that provides continuous and usable authentication for voice assistants. We design VAuth to fit in various widely-adopted wearable devices, such as eyeglasses, earphones/buds and necklaces, where it collects the body-surface vibrations of the user and matches it with the speech signal received by the voice assistant's microphone. VAuth guarantees that the voice assistant executes only the commands that originate from the voice of the owner. We have evaluated VAuth with 18 users and 30 voice commands and find it to achieve an almost perfect matching accuracy with less than 0.1% false positive rate, regardless of VAuth's position on the body and the user's language, accent or mobility. VAuth successfully thwarts different practical attacks, such as replayed attacks, mangled voice attacks, or impersonation attacks. It also has low energy and latency overheads and is compatible with most existing voice assistants

Hack for impact – sociomateriality and the emergent structuration of social hackathons

Purpose Social hackathons are events designed to craft social change using technology that enables citizen empowerment or addresses societal issues by deploying data. Hackathons provide a framework for organizing to help create prototypes and business models through interaction with technology. The relevance of the sociomateriality of the emergent technology (prototype) and organizational structure raises the question if viable and impactful solutions can be developed within such frames. Design/methodology/approach This study applies an inductive research methodology based on ethnographic participant observation, interviews with participants and event organizers, and qualitative insights from surveys. Findings Events such as social hackathons are centered around technology and share a vision of creating opportunities for change. The materiality of prototypes may define their interaction patterns. The differentiation of the embodiment and emergent structuration of technology may be a breaking point for in-group dynamics and a barrier to social innovation. The emergent structuration of technology with a longer initial phase of problem definition and ideation within a group was found to have more potential for impactful embodiment with the technological artifact. Some cases reveal that “expert” participants who shared visions of change enabled by technology were constrained by other members. Originality/value The paper suggests an extended view on the connection of sociomateriality, organizing and social impact