Cyber Security - Power and Technology.pdf - Intelligent Systems Control and Automation Science and Engineering Martti Lehto Pekka Neittaanmäki Editors


Intelligent Systems, Control and Automation: Science and Engineering

Martti Lehto, Pekka Neittaanmäki (Editors)

Cyber Security: Power and Technology

Intelligent Systems, Control and Automation: Science and Engineering, Volume 93

Series editor: Professor S. G. Tzafestas, National Technical University of Athens, Greece

Editorial Advisory Board
Professor P. Antsaklis, University of Notre Dame, IN, USA
Professor P. Borne, Ecole Centrale de Lille, France
Professor R. Carelli, Universidad Nacional de San Juan, Argentina
Professor T. Fukuda, Nagoya University, Japan
Professor N. R. Gans, The University of Texas at Dallas, Richardson, TX, USA
Professor F. Harashima, University of Tokyo, Japan
Professor P. Martinet, Ecole Centrale de Nantes, France
Professor S. Monaco, University La Sapienza, Rome, Italy
Professor R. R. Negenborn, Delft University of Technology, The Netherlands
Professor A. M. Pascoal, Institute for Systems and Robotics, Lisbon, Portugal
Professor G. Schmidt, Technical University of Munich, Germany
Professor T. M. Sobh, University of Bridgeport, CT, USA
Professor C. Tzafestas, National Technical University of Athens, Greece
Professor K. Valavanis, University of Denver, Colorado, USA

More information about this series at

Editors
Martti Lehto, Faculty of Information Technology, University of Jyväskylä, Jyväskylä, Finland
Pekka Neittaanmäki, Faculty of Information Technology, University of Jyväskylä, Jyväskylä, Finland

ISSN 2213-8986, ISSN 2213-8994 (electronic)
Intelligent Systems, Control and Automation: Science and Engineering
ISBN 978-3-319-75306-5, ISBN 978-3-319-75307-2 (eBook)
Library of Congress Control Number: 2018933475
© Springer International Publishing AG, part of Springer Nature 2018

This work is subject to copyright.
All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Printed on acid-free paper

This Springer imprint is published by the registered company Springer International Publishing AG part of Springer Nature
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland

Preface

The traditional military environments of ground, sea, and air have been expanded to include a cyber environment. The cyber environment is not a separate area, but rather cyber-threats and attacks manifest in all other environments. Cyber battlespace and unmanned capabilities have lowered the threshold of warfare, and at the same time changed the traditional war–peace setting. During the cold war, a concept known as a gray period was used, which was understood as the time before the actual war.
Hybrid warfare has created a state that can precede traditional war, appear after the war’s activity phase or without traditional warfare. A new paradigm of warfare is replacing the traditional model of declaration of war and the creation of a peace treaty, by creating a state in which war is not declared nor is a peace treaty made. The target of hybrid warfare has to live rather long within a state of conflict and instability, where cyberspace is increasingly the target of activities. New elements are being merged to form the warfare of the 2020s, especially in the cyber environment, the aim being to stay under the threshold of war. Deliberately maintaining instability with non-kinetic operations, especially in the case of a superpower, can justify presence and operations in a certain region. Operations are justified as peacekeeping, maintaining stability, protecting one’s own interests and citizens or assisting allies, which are all seemingly appropriate activities. The cyber environment has created a new state through which to influence the regions of other countries by taking advantage of different military and nonmilitary means to achieve goals by political and military pressure.

The new capabilities of armed forces have created new opportunities for the kinetic and non-kinetic use of force in the cyber environment. This environment needs to be able to seamlessly integrate manned and unmanned platforms working in the air, on the surface, beneath the surface, and in cyberspace. Through new systems, targets can be more effectively spotted, monitored, and identified, troops can be led, and weapons systems can be guided to achieve the desired impact. Forming a real-time situational picture and shared situational awareness needs to happen even faster.
The leading process needs information content as accurate and timely as possible, in order to execute centralized command and decentralized operations and protect its own operations in the cyber environment. Grounds for the use of resources have to be created faster than the adversary can effect their decision process, by analyzing the situational view and the adversary’s operations, goals and capabilities.

Systems thinking is emphasized in the development of cyber influence. In strategic thinking, the focus needs to be given to system influence and not to individual targets. Military operations require accurate analysis, with the emphasis on the adversary’s focus, critical structures, and vital functions and their vulnerabilities. Only through this kind of comprehensive approach can strategic goals be achieved with kinetic and non-kinetic operations.

The target of cyberattacks is not only armed forces but also the society’s critical functions. The critical functions of a society need to be protected in all circumstances.

Currently in international politics the emphasis is on cyberpolitics, which describes the cyber environment primarily as a political operational environment. Matters of cybersecurity are more prominent and given more importance in international forums and organizations, such as OSCE, EU, NATO, OECD, and the European Council. Superpowers have compared cyberattacks to military actions, which can be responded to by all means necessary. For now, cyber operations have been interpreted as so-called soft operations, which is why the threshold for their use is lower than that of traditional military operations.

The openness of cyberspace enables entities to launch attacks from around the world by taking advantage of system vulnerabilities, which can be found in the actions of individuals, the operational procedures of organizations, and the information technology in use. It is hard to protect against complex and advanced malware.
Attackers are hard to identify in the abstract, let alone determining their true identities. Cyberspace has changed international dominance. It creates the possibility for small countries and non-state actors to operate efficiently. In cyberspace, size and mass no longer dominate; know-how is now paramount.

Jyväskylä, Finland, May 2017
Dr. Pekka Neittaanmäki, Dean, Professor
Dr. Martti Lehto, Professor

Contents

Part I Cyber Power

The Modern Strategies in the Cyber Warfare
  Martti Lehto
Cyber Capabilities in Modern Warfare
  Jim Q. Chen and Alan Dinerman
Developing Political Response Framework to Cyber Hostilities
  Jarno Limnéll
Cyber Security Strategy Implementation Architecture in a Value System
  Rauno Kuusisto and Tuija Kuusisto
Cyber Deterrence Theory and Practise
  Andreas Haggman
Jedi and Starmen—Cyber in the Service of the Light Side of the Force
  Torsti Sirén and Aki-Mauri Huhtinen
Alternative Media Ecosystem as a Fifth-Generation Warfare Supra-Combination
  Andreas Turunen

Part II Cyber Security Technology

Data Stream Clustering for Application-Layer DDoS Detection in Encrypted Traffic
  Mikhail Zolotukhin and Timo Hämäläinen
Domain Generation Algorithm Detection Using Machine Learning Methods
  Moran Baruch and Gil David
Tailorable Representation of Security Control Catalog on Semantic Wiki
  Riku Nykänen and Tommi Kärkkäinen
New Technologies in Password Cracking Techniques
  Sudhir Aggarwal, Shiva Houshmand and Matt Weir
Survey of Cyber Threats in Air Traffic Control and Aircraft Communications Systems
  Elad Harison and Nezer Zaidenberg
Stopping Injection Attacks with Code and Structured Data
  Ville Tirronen
Algorithmic Life and Power Flows in the Digital World
  Valtteri Vuorisalo
Honeypot Utilization for Network Intrusion Detection
  Simo Kemppainen and Tiina Kovanen
Security Challenges of IoT-Based Smart Home Appliances
  Tuomas Tenkanen, Heli Kallio and Janne Poikolainen

Part I Cyber Power

The Modern Strategies in the Cyber Warfare

Martti Lehto

Abstract

As there is no generally accepted definition for cyber warfare, it is a term that is quite liberally used in describing events and actions in the digital cyber world. The concept of cyber warfare became extremely popular from 2008 to 2010, partly superseding the previously used concept of information warfare which was launched in the 1990s. For some, cyber warfare is war that is conducted in the virtual domain. For others, it is a counterpart to conventional “kinetic” warfare. According to the OECD’s 2001 report, cyberwar military doctrines resemble those of so-called conventional war: retaliation and deterrence. Researchers agree with the notion that the definition of cyberwar should address the aims and motives of war, rather than the forms of cyber operations. They believe that war is always widespread and encompasses all forms of warfare. Hence, cyber warfare is but one form of waging war, used alongside kinetic attacks. The new capacities of armed forces create new possibilities, for both the kinetic and non-kinetic use of force in cyberspace.
Cyber era capabilities make possible operations in the new nonlinear and indefinite hybrid cyber battlespace. It must be possible to seamlessly integrate the decision-makers, actors and all types of manned and unmanned platforms in the air, on the surface, under the surface, in space, and in cyberspace. The main trends that are changing the cyber battlespace are networking, time shortening, the increase in the amount of data, and proliferation of autonomous and robotic systems, as well as artificial intelligence and cognitive computing.

Keywords: Cyber warfare · Non-kinetic · Battle management

M. Lehto, Faculty of Information Technology, University of Jyväskylä, Jyväskylä, Finland

1 Introduction

Digitalization is taking place by leaps and bounds in the armed forces. In this discourse, computers are seen as robust equipment and the metaphors promise total surveillance, efficient control, and technological solutions to several complex problems in the battlefield. Information technology establishes and nurtures this development by creating a real-time intelligence, surveillance, and command system, as well as battlespace structures. These new digital structures in the cyber domain enable the emergence of new threats (Edwards 1996).

This millennium carries on the technological development whose inception began over 200 years ago. We are about to enter an era in which nanotechnology, high-speed computing capability, and artificial intelligence are coupled with massive data warehouses and their virtual networks. Technology has developed exponentially; this being the case, future decades will generate new innovation at a continually increasing rate (Weisbrook 2007).
The cyberspace environment can be characterized by the acronym VUCA: volatility, uncertainty, complexity, and ambiguity. Cyberspace is both linked to and distinguished from air, land, sea, and space in that it is a man-made domain established using electronic technology and software, firmware, and hardware programs specifically designed to manipulate electromagnetic energy into encoded signals (Scherrer and Grund 2009).

The armed forces’ new capabilities create new opportunities for the kinetic and non-kinetic use of force in cyberspace. Cyber age capabilities make it possible to function in the new, nonlinear and only vaguely demarcated hybrid battlespace. For this purpose, it must be possible to seamlessly integrate both manned and unmanned platforms that operate in the air, and both on and below the surface, as well as in space and cyberspace. New systems can better detect, track, and identify targets, command troops, and guide weapon systems to achieve their intended effect.

Time and information become paramount in this operating environment. A real-time situational picture and shared situational awareness must be achieved ever more rapidly. The command process demands precise and correctly timed information, even when units are moving, to implement centralized command and dispersed action, and to carry out force protection in the cyber battlespace.

Present warfare is totally dependent on the C5ISR system (command–control–communication–computers–cyber–intelligence–surveillance–reconnaissance). The command and control, coordination and communication of the military operations require a functional C5ISR system. The C5ISR system is the most vulnerable part, and therefore it should be the most important object in the cyber defense of the armed forces. The C5ISR system of today’s defense systems is a complex behemoth from the radios, radars, and mainframes, to the PC devices, to the embedded and cyberphysical systems.
The C5ISR system uses the data networks of armed forces, and in addition the Internet, civilian networks, wireless solutions, navigation systems, and radio networks of the wide frequency range. The networked C5ISR system also contains a huge variety of vulnerabilities. Hostile penetration is possible in any given part of the system and the attack can cause problems for radar surveillance, telecommunications or the air defense system. It can paralyze the fire control system, positioning system, and the satellite or mobile communication systems. The complexity of the system makes it impossible to totally eliminate the vulnerabilities and to identify and track penetrations inside the system. The networking increases the efficiency of the defense systems, but at the same time, more dangerous vulnerabilities arise.

Cyber defense uses a variety of different sources and methodologies to mitigate active threats, using fields such as incident response, malware analysis, digital forensics, and even intelligence-driven defense. Cyber warfare may be the greatest threat that nations have ever faced. Never before has it been possible for one person to potentially affect an entire nation’s security. And, never before could one person cause such widespread harm as is possible in cyber warfare. Cyber power will be as revolutionary to warfare as airpower, but the current vectoring of the domain will determine which nation will hold cyber dominance and to what effect (Alford 2009; Lee 2013).

In the other warfighting domains, power is derived from the human ability to use tools to manipulate the domain to their advantage. The same logic applies to power in cyberspace. A useful definition of cyber power is the ability to use cyberspace to create advantages and influence events in all the operational environments and across the instruments of power (Kuehl 2009; Sorensen 2010).
2 The Shifting Nature of Warfare

2.1 Change in Networking

The operating logic of military operations is to link together collectors, decision-makers, and effectors in a flexible and simple manner that improves situational awareness, makes decision-making quicker, and increases the tempo of execution and survivability. The required information infrastructure will be achieved by fusing IT networks and ICT systems. Everything can be connected to everything else in cyberspace. Network centricity facilitates mobility, geographical dispersion, and the functioning of virtual organizations.

Reliable, real-time dissemination, and the use of information in the entire area of operations are the necessary prerequisite for change, and a uniform situational picture must be taken all the way to the level of an individual combatant, fighter, and ship. It must also be possible to control the information from an “empty” area to facilitate one’s own operations.

Network-centric warfare (NCW), including all relevant changes in warfare, is associated with a development in which the center of gravity has shifted from platforms to networks, where all actors merge into an adaptive ecosystem and in which the attention is focused on strategic choices and optimal decision-making. In the US Defence Forces, Network Centric Operations (NCO) replaced the NCW vernacular in 2003 to counter the view that network-centric concepts and capabilities were only applicable to high-end combat; rather, the intent was to make known that they are applicable to the full mission spectrum, including non-kinetic missions.

NCO is a real-time operation model designed to securely deliver mission-critical information throughout the chain of command anytime, anywhere, to achieve an advantage over an adversary. Its goal is to use relevant information to achieve the desired results of a military operation with minimal casualties, and at minimal cost.
NCO affects all levels of military activity, from the tactical to the strategic. At the operational level, it gives commanders the capability to perform precisely, at an efficient operational tempo.

NCO is a collection of powerful organizational and technical concepts. On the organizational side, it posits that organizations are more effective when they bring “power to the edge,” that is, when they make information freely available to those who need it and permit free collaboration among those who are affected by or can contribute to a mission. This freedom brings the operational benefits of better and more widespread understanding of the commander’s intent, better self-synchronization of forces in planning and operations, fuller freedom...