Well, the conference is over. Here’s the thoughts I’ve been left with.
When military folks talk about "open source" they’re not talking about "OpenSource" as we know it i.e. OpenSource software. What they mean is non-military sources i.e. the mainstream media. Once I came to this realization several things I’d head in the past two days had completely different meanings.
This was my first "academic conference" and it’s not what I’m used to. What I’m used to us presentations about software, and events, and "here’s what we did". At this conference it was 20 minute presentations of the research presented as papers in the conference proceedings. I understand that this is the standard for academic conferences but I’m just not used to it. That doesn’t mean didn’t enjoy the conference but it was a tad frustrating hearing "and you can read more about it in my paper" in most of the sessions.
Overall I enjoyed my time over the past two days. I thought I was going to be in over my head but surprisingly I wasn’t. (Except for that last session.) It’s always interesting to step out of your comfort zone and learn some new thing and new perspective.
Douglas Kelly, Air Force Institute of Technology, Wright-Patterson AFB, OH
I’m tired and there’s way too much text on these slides for me to take coherent notes. Also, there’s serious math going on in this presentation which is way over my head. Sorry.
Colonel Steven Mains, US Combined Arms Center, Fort Leavenworth, KS
Director, Center for Army Lessons Learned
- Thesis
- us govt is ceding to the info war to our enemies
- more money is required
- govt must be reorganized to retake the initiative
- 2 examples of what could have been
- prior to OIF, France & Muslin world opposed invasion but were open to influence
- IEDs became weapon of choice but have severe vulnerabilities
- the problem
- coordinated campaign required
- info ops not integrated into planning and decision making
- govt to people comms almost nonexistent
- US Govt built in stovepipes
- complete reorganization of the govt not a feasible option
- End
- advance US ideals and policies by ensuing that everyone has access to factual, unbiased, unfiltered info about intentions, actions & character of US, allies & adversaries
- Ways
- gauge world views by region, ethnicity, religion
- identify market segments
- identify acceptance and effects of policies
- deliver truthful, tailored content that relies on our values to our policies
- continuous reassessment
- Means
- Dep advisor to prez for national security (strategic communications)
- increased national security council
- strategic comms task force
- dept of state reorg
- DNI: covert communications
- DHS: Infrastructure assurance
- USAID: substantially increased Public Diplomacy capability
- DOD: integrated into PD efforts, CNO
Jeff Boleng, US Sir Force Academy, Colorado Springs, CO
- Cyberspace added to USAF mission in 2005
- cyberspace is a warfighting domain
- cyberspace covers all the other domains (air, land, sea, space)
- different domains, different fucntions
- recent threats & motivations
- Hezbollah SIGINT attack on Israeli tanks
- DNS Root Server attack 2007
- Estonia 2007
- pakistan youtube redirect 2008
- IED jammers
- F-22 flight over international dateline (avionics went black)
- Broad requirements
- USAFA graduates 1/4 of all new 2nd lieutenants
- not “geek” focused
- technical w/ a large dose of
- ethics
- legal studies
- behavioral studies
- military strategic studies
- contrasting questions
- how can we exploit adversary’s e-systems
- what is the legal authority
- what are the national security implications
- is cyber attack an act of war
- prep of graduates
- currently underway
- core curriculum
- baseline content
- new upper-level courses
- ensure coverage of AF education and training requirements
- training to reinforce education
- “unlike a traditional college we own our students”
- basic cadet training scenarios
- global engagement integration
- summer space program
- summer UAV program
- DHS sponsored Black Dart
- CS – Cyber Warfare Track
- 37 grads since 2004, 8 in 2008
- offered to all CS majors
- NSA & DHS recognized standards
- 3 courses taken as major options
- cryptography
- Cs security & IW
- network security
- details on the three courses given
- Research
- Academy Center for Cyberspace Research
- current projects
- jam resistant communications
- biometrics
- security education
- Community involvement
- other front range colleges
- cyber defense exercise
- computer and network vulnerability assessment
Dr. Thomas J. Holt, University of North Carolina, Charlotte
- digital crime markets
- problem is increasing
- also becoming more complex
- criminological research
- little research has been done
- few studies have explored malware and hacker community in their own words
- online resources
- blogs
- forums
- this study focuses on Russia & China
- not using their real handles
- data & methods
- identify 2 via snowball samples
- qualitative analyses of open source materials online
- RUSH
- malware writer and hacker in Moscow
- skilled individual
- possible emotional problems
- RUN
- close associate of RUSH
- skilled hacker
- CS major at a Moscow university
- may have minor health issues
- loves his cat
- Black Hat Gang
- both RUSH and RUN belong
- no stated political or financial agenda
- provide a justification for their activities
- rush & ru seem to have dif levels of productivity
- SAINT
- Chinese national in Jinzhou
- does not specify his motives but gives Chinese perspective
- actions are somewhat contrary to his words
- young student but doesn’t enjoy school
- likes girls & posts comments about love & relationships
- SNAKE
- associate of SAINT
- difficult to gage his skill level
- may be a script kiddie
- is a student
- may also have emotional issues though no specific reasons given
- Hack Crew
- SNAKE & SAINT are members
- covert security technology group
- criteria for membership
- roles listed for members
- SNAKE is a cracker
- SAINT is a hacker/cracker
- not clear how skilled group is as a whole
- Discussion
- all extremely interested in tech
- variation in skill levels
- justify what they do as education
- some evidence of depression & substance abuse
- variation in information provided
- public & private resources needed to get mroe info
- further research needed
Jamison Scheeres, Air Force Institute of Technology
- what is social engineering
- techniques to manipulate people
- also shoulder surfing
- also dumpster diving
- trick someone into doing something
- huge threat in today’s environment
- red teams say SE is 100% effective
- current defensive techniques are not effective
- research
- successful SEs are not caught
- classification issues
- ethical issues in deceiving subjects
- psychological triggers
- authority
- reciprocation
- strong affect (phishing)
- overloading (buffer overflow for humans)
- deceptive relationships
- integrity/consistency
- principles of persuasion
- authority
- consistency
- liking
- reciprocity
- scarcity
- social proof
- resistance to persuasion
- inoculation theory
- self-efficacy
- forewarning
- “dispelling the illusion of invulnerability” (2002, Sagarin)
- methodology
- compared psych triggers to principles of persuasion
- determine relationship between illegitimate persuasion & social engineering
- military vulnerable to authority due to strict hierarchy of authority
- conclusions
- strong relationship between principles and triggers
- illegitimate persuasion = social engineering
- been trying to install resistance in the wrong way
- solution is to demo to the individual they are personally vulnerable
- security people must social engineer their people
- future research
- develope measurement
- compare/validate various means of resistance training
Brigadier General Davis, US Strategic Command (Network Warfare)
- Rapidly evolving battlespace
- as long as we have two eyes and opposable thumbs we’ll fight
- econ major in college, never taken a CS course
- I’m a social science guy
- was never good at math until he had to learn how to make a bomb hit its target
- Heads groups that operationalizes network warfare
- has been learning about the cyberspace fight
- tech has always made new inroads into warfare
- modern networking tech is no exception
- air, land, sea, space, now cyberspace
- evolutionary steps in warfare
- not going to talk about servers and high tech
- what can we learn from the past
- navigate the rocks and shoals of change
- looks back to the advent of air power in warfare
- some thought that war could be won by airpower alone
- Curtis LaMay, father of Strategic Air Command
- continuous readiness – 24/7
- should also apply to cyberspace
- Roy Geiger, saw airpower as part of a team effort, WWI Marine
- but airpower could still be decisive
- Geiger was there for for Bikini Atoll tests
- the change was about speed and reaction time in this nuclear age
- Geiger continued to say that it depended on an integrated effort
- in cyberspace timelines are reduced to miliseconds
- starting to learn what it takes to accomplish this
- some was it’s different, some things are the same
- must change and adapt
- “spectrum of conflict”
- peace-something happens-spool up-war-spool down-back to peace
- exploitation of anonymity
- across a broad spectrum of activities
- no one major adversary in cyberspace, could be anyone
- not just the velociraptor nation -state we’re up against
- must be able to scale up operations quickly
- final analysis: “there is no peace in cyberspace”
- must be ready 24/7
- multi-diciplined force of cyberwarriors is needed
- must be ready when a crisis presents itself, which could be anytime
- Marine General – three-block war: humanitarian/infrastructure, peacekeeping, high intensity conflict
- we have the advantage in cyberspace right now but superiority would be better
- no one military service can own this fight
- military must partner with the intel community, law enforcement, allies
- will need new authorities and policies
- we are a nation of laws and those must be followed
- “I’ve got a bunch of lawyers too”
- training & education is key
- must sustain operations to the highest level at all times including peacetime
- on guard at all times
- offensive and defensive tools
- must integrate cyberspace tools with those in other war-fighting domains
- must take account of trans-regional nature of cyberspace
- no geographic boundaries
- no single points of vulnerability
- a digital bullet doesn’t follow a straight line
- multi-point attacks
- our capabilities need to be distributed
My photos from day one of the conference are up in a flickr set. This evening I’l be adding my day two photos. Even if you’re not interested in the conference itself, be sure to check out the photos of Firefly, the supercomputer cluster on the UNO campus. Not only were we allowed into the room, we were actually allowed to walk within the clusters themselves. Let’s just say it was quite the experience.
Geoffrey Darnton, Bournemouth University, UK
- “if you can get into people’s heads you can achieve anything”
- different consequences if people fear being killed vs. wanting to be killed
- scope and key issues
- currently, mainly conceptual
- conflics vs. war
- war and conflict can only occur if people are willing to play
- “willing” – coercion or real willingness
- belief systems are critical in info warfare
- war v conflict
- technically war is a legal state
- iw = information warfare
- maybe should be saying information conflict
- Civilian-ization of warfare via info technologies
- origins of war
- technology
- law
- social organization
- opinions and attitudes concerning basic values
- willingness
- religion and ideology
- both are complex sets of characteristics
- why does it matter in the discussion of IW?
- many acts of conflict and war are done n the name of furthering or preserving some important value of belief
- meta ideo-religious framework?
- experiential
- ritual
- mythology
- ethics
- doctrine
- social
- framework extensions
- symbols
- key personalities
- faith
- deification or reification
- example religions
- middle eastern
- indian
- far eastern
- example ideologies
- capitalism
- marxism
- humanism
- social anarchism
- democracy
- are there characteristics similar to religions?
- proselytizing
- done both by religions and ideologies
- often accompanied by behaviour to discourage “non belivers”
- studies of war
- stats based on religious wars
- extensions to ideology
- how many wars have been fought based on ideology?
- empirical questions
- how many have been killed as consequence of the pursuit of religion
- …pursuit of ideology
- predict that now ideology now kills more than religion
- Information operations
- targeted at belief systems
- goal to move people within info space
- change beliefs
- change value judgments
- relies on underlying epidemiological model for spread of beliefs
- causes of war
- seeking causes may be futile if war is a persistent human phenomenon
- suggests that something like “Information Peaceware”
- conclusion
- characteristics of religions and ideologies are similar for practical purposes to have the same effects when it comes to war and conflict.
Cynthia E. Irvine, Naval Post Graduate School, Monterey, CA
- Motivation
- collaboration permits information sharing
- attractive collaboration tool
- can it be applied in an MLS environment
- [M: don't comment on Wikipedia's "legitimacy", not relevant here in the least]
- objective
- develop multilevel wiki
- want high assurance policy enforcement
- run it as untrusted subject outside of TCB
- Testbed design slide
- highlights
- high assurance components
- ["thin client running OS from a CD"???]
- COTS components
- Underlying server
- BAE XTS-400
- “{linux like” interface
- background
- more than 140 wiki engines available
- aims
- narrow list
- select one or two to test
- selection methodology
- extensive public use
- wiki engines
- wikimatrix
- wikipedia
- considerations for MYSEA environment
- execute on red hat 8
- interface w/ apache
- simple setup, flat-file system
- other considerations
- MediaWiki used as a baseline
- Flat-file wiki list
- Short-listed wikis features slide
- 2 determining factors
- identity-based access control
- concurrent editing
- Decision
- TWiki
- better footprint
- better user control
- better editing
- porting methodology
- run on plain Red Hat 8
- Port Wiki to XTS-400 for execution as a single-level subject
- make multilevel aware
- web-based collaboration support
- logs into system
- logs into wiki
- user can read, edit, create
- high users able to read and modify content at high, able to view at low
- low users only able to read and modify wiki content at low, can link to high but not create high target
- wiki design & architecture
- standard twiki architacture
- apache runs as singe user
- file system DAC
- wiki DAC
- MYSEA WebDAV DAC
- Apache
- MYSEA Apache Config
- Implications
- Users can bypass TWiki access controls by going directly to filesystem
- Solution Space
- Testing
- conductedtesting at various stages
- objectives
- test plans conform to MYSEA documentation standard
- Wiki in MYSEA visualization slide
- Future work
- Single signon
- Multilevel data fusion
