3,392 research outputs found
Understanding Terrorist Network Topologies and Their Resilience Against Disruption
This article investigates the structural position of covert (terrorist or criminal) networks. Using the secrecy versus information tradeoff characterization of covert networks it is shown that their network structures are generally not small-worlds, in contradistinction to many overt social networks. This finding is backed by empirical evidence concerning Jemaah Islamiyah's Bali bombing and a heroin distribution network in New York. The importance of this finding lies in the strength such a topology provides. Disruption and attack by counterterrorist agencies often focuses on the isolation and capture of highly connected individuals. The remarkable result is that these covert networks are well suited against such targeted attacks as shown by the resilience properties of secrecy versus information balanced networks. This provides an explanation of the survival of global terrorist networks and food for thought on counterterrorism strategy policy.
Outsmarting Network Security with SDN Teleportation
Software-defined networking is considered a promising new paradigm, enabling
more reliable and formally verifiable communication networks. However, this
paper shows that the separation of the control plane from the data plane, which
lies at the heart of Software-Defined Networks (SDNs), introduces a new
vulnerability which we call teleportation. An attacker (e.g., a
malicious switch in the data plane or a host connected to the network) can use
teleportation to transmit information via the control plane and bypass critical
network functions in the data plane (e.g., a firewall), and to violate security
policies as well as logical and even physical separations. This paper
characterizes the design space for teleportation attacks theoretically, and
then identifies four different teleportation techniques. We demonstrate and
discuss how these techniques can be exploited for different attacks (e.g.,
exfiltrating confidential data at high rates), and also initiate the discussion
of possible countermeasures. Generally, and given today's trend toward more
intent-based networking, we believe that our findings are relevant beyond the
use cases considered in this paper. Comment: Accepted in EuroSP'1
A Dynamic Game on Network Topology for Counterinsurgency Applications
Successful military operations are increasingly reliant upon an advanced understanding of relevant networks and their topologies. The methodologies of network science are uniquely suited to inform senior military commanders; however, there is a lack of research in the application of these methods in a realistic military scenario. This study creates a dynamic game on network topology to provide insight into the effectiveness of offensive targeting strategies determined by various centrality measures given limited states of information and varying network topologies. Improved modeling of complex social behaviors is accomplished through incorporation of a distance-based utility function. Moreover, insights into effective defensive strategies are gained through incorporation of a hybrid model of network regeneration. Model functions and parameters are thoroughly presented, followed by a detailed sensitivity analysis of factors. Two designed experiments fully investigate the significance of factor main effects and two-factor interactions. Results show select targeting criteria utilizing uncorrelated network measures are found to outperform others given varying network topologies and defensive regeneration methods. Furthermore, the attacker state of information is only significant given certain defending network topologies. The costs of direct relationships significantly impact optimal methods of regeneration, whereas restructuring methods are insignificant. Model applications are presented and discussed
Social Media Exploitation by Covert Networks: A Case Study of ISIS
Social media has quickly become a dominant mode of professional and personal communication. Unfortunately, groups who intend to perform illegal and/or harmful activities (such as gangs, criminal groups, and terrorist groups) also use it. These covert networks use social media to foster membership, communicate among followers and non-followers, and obtain ideological and financial support. This exploitation of social media has serious political, cultural, and societal repercussions that go beyond stolen identities, hacked systems, or loss of productivity. There are literal life-and-death consequences of the actions of the groups behind these covert networks. However, through tracking and analyzing social media content, government agencies (in particular those in the intelligence community) can mitigate this threat by uncovering these covert networks, their communication, and their plans. This paper introduces common social media analysis techniques and the current approaches of analyzing covert networks. A case study of the Syrian conflict, with particular attention on ISIS, highlights this exploitation and the process of using social media analysis for intelligence gathering. The results of the case study show that covert networks are resilient and continually adapt their social media use and presence to stay ahead of the intelligence community
Distinctiveness Centrality in Social Networks
The determination of node centrality is a fundamental topic in social network
studies. As an addition to established metrics, which identify central nodes
based on their brokerage power, the number and weight of their connections, and
the ability to quickly reach all other nodes, we introduce five new measures of
Distinctiveness Centrality. These new metrics attribute a higher score to nodes
keeping a connection with the network periphery. They penalize links to
highly-connected nodes and serve the identification of social actors with more
distinctive network ties. We discuss some possible applications and properties
of these newly introduced metrics, such as their upper and lower bounds.
Distinctiveness centrality provides a viewpoint of centrality alternative to
that of established metrics
Survey of Network Protocols
IPv4 is the network protocol of the present Internet, which is characterized by the Internet Engineering Task Force (IETF). Network protocols characterize guidelines, policies and traditions for communication between system devices. Every advanced protocol for computer organization utilizes a packet switching system to send and get the message. The protocols are intended to conquer the activities of any enemy that can lose the sent message, discretionarily change the fields of the sent message, and replay old messages. In the web, the colossal measure of information and the immense number of various protocols make it perfect as a high-bandwidth speed vehicle for undercover communication. This article is an overview of the current methods for making the covert channels. We additionally gave a diagram of wide kinds of network protocol
Covert Channel in the BitTorrent Tracker Protocol
Covert channels have the unique quality of masking evidence that a communication has ever occurred between two parties. For spies and terrorist cells, this quality can be the difference between life and death. However, even the detection of communications in a botnet could be troublesome for its creators. To evade detection and prevent insights into the size and members of a botnet, covert channels can be used. A botnet should rely on covert channels built on ubiquitous protocols to blend in with legitimate traffic. In this paper, we propose a covert channel built on the BitTorrent peer-to-peer protocol. In a simple application, this covert channel can be used to discreetly and covertly send messages between two parties. However, this covert channel can also be used to stealthily distribute commands or the location of a command and control server for use in a botnet
Network disruption and recovery: Co-evolution of defender and attacker in a dynamic game
The evolution of interactions between individuals or organizations is a central theme of complexity research. We aim at modeling a dynamic game on a network where an attacker and a defender compete in disrupting and reconnecting a network. The choices of how to attack and defend the network are governed by a Genetic Algorithm (GA) which is used to dynamically choose among a set of available strategies. Our analysis shows that the choice of strategy is particularly important if the resources available to the defender are slightly higher than the attackers'. The best strategies found through GAs by the attackers and defenders are based on betweenness centrality. Our results agree with previous literature assessing strategies for network attack and defense in a static context. However, our paper is one of the first ones to show how a GA approach can be applied in a dynamic game on a network. This research provides a starting-point to further explore strategies as we currently apply a limited set of strategies only