13th_European_Conference_on_Cyber_Warfar.pdf - P...

This preview shows page 1 out of 341 pages.

Unformatted text preview: P Proceedings di off the th 13th European Conference on Cyber Warfare and Security Th University The U i it off Piraeus Pi Greece 3-4 July 2014 Edited by Andrew Liaropoulos and George Tsihrintzis A conference managed by ACPI, UK Proceedings of the 13th European Conference on Cyber Warfare and Security ECCWS‐2014 The University of Piraeus Piraeus, Greece 3‐4 July 2014 Edited by Andrew Liaropoulos and George Tsihrintzis Copyright The Authors, 2014. All Rights Reserved. No reproduction, copy or transmission may be made without written permission from the individual authors. Papers have been double‐blind peer reviewed before final submission to the conference. Initially, paper abstracts were read and selected by the conference panel for submission as possible papers for the conference. Many thanks to the reviewers who helped ensure the quality of the full papers. These Conference Proceedings have been submitted to Thomson ISI for indexing. Further copies of this book and previous year’s proceedings can be purchased from ‐bookshop.com E‐Book ISBN: 978‐1‐910309-25-4 E‐Book ISSN: 2048‐8610 Book version ISBN: 978‐1‐910309-24-7 Book Version ISSN: 2048‐8602 CD Version ISBN: 978‐1‐910309-26-1 CD Version ISSN: 2048‐8629 Published by Academic Conferences and Publishing International Limited Reading UK 44‐118‐972‐4148 ‐publishing.org Contents Paper Title Author(s) Page No. Preface iii Committee iv Biographies vi Possible Scenarios and Maneuvers for Cyber Operational Area Ugur Akyazi 1 Digital Forensics as a Science in Higher Education Olga Angelopoulou and Stilianos Vidalis 8 Knowledge Accessibility and Cyber Macht Leigh Armistead and Scott Starsman 17 A Strategic Approach to Managing Security in SCADA Systems Mehdi Asgarkhani and Elena Sitnikova 23 Fuzzy Application With Expert System for Conducting Information Security Risk Analysis Jiří Bartoš, Bogdan Walek, Cyril Klimeš and Radim Farana 33 Identity Multipliers and the Mistaken Twittering of ‘Birds of a Feather’ David Cook 42 Secret Sharing Framework Based on Digital Certificates Paul Crocker and Adolfo Peixinho 49 Improving Cyber‐Security Awareness on Industrial Control Systems: The CockpitCI Approach Tiago Cruz, Jorge Proença, Paulo Simões, Matthieu Aubigny, Moussa Ouedraogo, Antonio Graziano and Lasith Yasakhetu 59 Putting Counterintelligence in Cyber Counterintelligence: Back to the Future Petrus Duvenage and Sebastian von Solms 70 Information Security Economics: Induced Risks and Latent Costs Evangelos Frangopoulos, Mariki Eloff and Lucas Venter 80 The Opportunities of National Cyber Strategy and Social Media Arto Hirvelä, Aki‐Mauri Huhtinen and Tommi Kangasmaa 88 Online Social Networks: A Vehicle for Malware Propagation Ehinome Ikhalia and Johnnes Arreymbi 95 Countering Threats ‐ a Comprehensive Model for Utilization of Social Media for Security and law Enforcement Authorities Margarita Jaitner and Harry Kantola 102 Potential Cyber Warfare Capabilities of Major Technology Vendors Audun Jøsang 110 Manpower Planning and Management in Cyber Defense Ilker Kilaz, Akif Onder and Murat Yanik 116 The Effectiveness of Online Gaming as Part of a Security Awareness Program William Aubrey Labuschagne and Mariki Eloff 125 Cyberconflict and Theoretical Paradigms: Current Trends and Future Challenges in the Literature Andrew Liaropoulos 133 Planning Method of Information Security for Military Organizations José Martins, Henrique dos Santos, Mendes Dias and José Borges 140 Comparison of two Specifications to Fulfill Security Control Objectives Riku Nykänen andTommi Kärkkäinen 150 Challenges in Information Security Protection Teresa Pereira and Henrique Santos 160 Enrolment Time as a Requirement for Face Recognition Biometric Systems Vítor Sá, Sérgio Magalhães and Henrique Santos 167 i Paper Title Author(s) Page No. Retaining Control Over Private Virtual Machines Hosted by a Cloud Provider Using Mandatory Access Control, Trusted Boot and Attestation Armin Simma and Philipp Rusch 172 Cyber Security and Civil Engagement: Case of Lithuanian Virtual Community Projects Aelita Skaržauskienė, Agnė Tvaronavičienė and Gintarė Paražinskaitė 181 Determination of Meme Proliferation Factors Namosha Veerasamy and William Aubrey Labuschagne 188 Integration of a Network Aware Traffic Generation Device Into a Computer Network Emulation Platform Suné von Solms and Schalk Peach 198 Legal Solutions to State‐Level Cyber Intrusion Under International law: A Maze of Legal Uncertainty or not? Murdoch Watney 206 An Annotated Bibliographical Survey on Cyber Intelligence for Cyber Intelligence Officers Cagatay Yucel and Ahmet Koltuksuz 213 PHD Research papers 221 Intrusion Detection System Using Bayesian Network Modeling Chaminda Alocious, Nasser Abouzakhar, Hannan Xiao and Bruce Christianson 223 A Near‐Miss Management System to Facilitate Forensic Investigation of Software Failures Madeleine Bihina Bella, Jan Eloff and Martin Olivier 233 Requirements for Preparing the Cloud to Become Ready for Digital Forensic Investigation Moses Dlamini, Hein Venter, Jan Eloff and Mariki Eloff 242 A Generic Framework for Enhancing the Quality Digital Evidence Reports Nickson Karie and Hein Venter 251 A Framework to Address Challenges Encountered When Designing a Cyber‐Range Brendan Lawless, Jason Flood and Anthony Keane 258 A Cyber Attack Evaluation Methodology Kosmas Pipyros, Lilian Mitrou, Dimitris Gritzalis and Theodore Apostolopoulos 264 The Changing Character of war in the Global Information Age Anthimos Alexandros Tsirigotis 271 Masters Research papers 279 Spymasters Tools: A Comparative Approach to Side Channel Tuğçe Kalkavan Attacks 281 Models for the Forensic Monitoring of Cloud Virtual Machines Dirk Ras and Hein Venter 290 Non Academic paper 301 Distinguishing Cyber Espionage Activity to Prioritize Threats John Hultquist 303 Work In Progress paper 309 NATO Article Statue 5 in Terms of a Cyber‐War Selcuk Dal and Kadir Ozyurt 311 ii Preface This year sees the 13th European Conference on Cyber Warfare and Security (ECCWS 2014), which is hosted by The University of Piraeus, Greece. The Conference Chair is Andrew Liaropoulos, from the University of Piraeus, Piraeus, Greece. The Programme Chair is George Tsihrintzis, University of Piraeus, Piraeus, Greece. The Conference continues to bring together individuals working in the area of cyberwar and cyber security in order to share knowledge and develop new ideas with their peers. The range of papers presented at the Conference will ensure two days of interesting discussions. The topics covered this year illustrate the depth of the information operations’ research area, with the subject matter ranging from the highly technical to the more strategic visions of the use and influence of information. The opening keynote is given by Prof. Dimitris Gritzalis, Director of the Information Security & Critical Infrastructure Protection (InfoSec) Laboratory, Athens University of Economics and Business, Greece on the topic of “Open‐Source Intelligence produced from Social Media: A proactive Cyber Defense tool” and the second day keynote will be presented by Prof. Nikolaos Bourbakis, IEEE Fellow, Director of the Assistive Technologies Research Center (ATRC) Wright State University, USA, on the topic of “Cyber‐Security Challenges in the Cyber‐Space”. With an initial submission of 71 abstracts, after the double blind, peer review process there are 27 Research papers, 7 PHD Research papers, 2 Masters Research papers, 1 Non Academic paper and 1 Work in Progress Paper published in these Conference Proceedings. These papers come from all parts of the globe including Australia, Austria, Czech Republic, Finland, Greece, Lithuania, New Zealand, Nigeria, Norway, Portugal, Republic of South Africa, Turkey, UK and USA. I wish you a most interesting conference and an enjoyable stay in Greece. Andrew Liaropoulos and George Tsihrintzis, University of Piraeus, Greece June 2014 iii Conference Committee Conference Executive Dr Andrew N. Liaropoulos Department of International and European Studies, University of Piraeus, Greece Dr George A. Tsihrintzis University of Piraeus, Greece Mini track chairs Dr. Nasser Abouzakhar, University of Hertfordshire, UK Dr Ahmet Koltuksuz, Yasar University , Turkey Dr. Rupali Jeswal, Xiphos‐ISS (Intelligence & Security Solutions) Asst Prof Dr Selma Tekir, Izmir Institute of Technology, Turkey Asst Prof Dr Serap Sahin, Izmir Institute of Technology, Turkey Dr Martti Lehto, University of Jyväskylä, Finland Committee Members The conference programme committee consists of key individuals from countries around the world working and researching in the Information Warfare and Security community. The following have confirmed their participation: Dr. Mohd Faizal Abdollah (University Technical Malaysia Melaka, Melaka); Dr. Nasser Abouzakhar (University of Hertfordshire, UK); Dr. Kari Alenius (University of Oulu, Finland); Prof. Antonios Andreatos (Hellenic Air Force Academy, Greece); Dr. Olga Angelopoulou (University of Derby, UK); Dr. Leigh Armistead (Edith Cowan University, Australia); Colin Armstrong (Curtin University, Australia, Australia); Johnnes Arreymbi (University of East London, UK); Debi Ashenden (Cranfield University, Shrivenham, UK); Dr. Darya Bazarkina (Sholokhov Moscow State Humanitarian University, Russian Federation); Laurent Beaudoin (ESIEA, Laval, France); Ass Prof. Maumita Bhattacharya (Charles Sturt University, Australia); Prof. Matt Bishop (University of California at Davis, USA); Andrew Blyth (University of Glamorgan, UK); Colonel (ret) Colin Brand (Graduate School of Business Leadership, South Africa); Dr. Svet Braynov (University of Illinois at Springfield, USA); Prof. Larisa Breton (University of the District of Columbia, USA); Bill Buchanen (Napier University, UK); Dr. Joobin Choobineh (Texas A&M University, USA); Dr. Maura Conway (Dublin City University, Ireland); Dr. Paul Crocker (Universidade de Beira Interior, Portugal); Dr. Christian Czosseck (CERT Bundeswehr (German Armed Forces CERT), Germany); Geoffrey Darnton (Bournemouth University, UK); Josef Demergis (University of Macedonia, Greece); Moses Dlamini (SAP Research Pretoria, South Africa); Paul Dowland (University of Plymouth, UK); Marios Efthymiopoulos (Political Science Department University of Cyprus, Cyprus); Dr. Ramzi El‐Haddadeh (Brunel University, UK); Daniel Eng (C‐PISA/HTCIA, China); Prof. Dr. Alptekin Erkollar (ETCOP, Austria); Prof. Robert Erra (ESIEA PARIS, France); John Fawcett (University of Cambridge, UK); Prof. Eric Filiol (Ecole Supérieure en Informatique, Electronique et Automatique, France); Dr. Chris Flaherty (University of New South Wales, Australia); Prof. Steve Furnell (University of Plymouth, UK); Assoc. Professor Javier Garci'a Villalba (Universidad Complutense de Madrid, Spain); Kevin Gleason (KMG Consulting, MA, USA); Dr. Michael Grimaila (Air Force Institute of Technology, USA); Prof. Stefanos Gritzalis (University of the Aegean, Greece); Dr. Marja Harmanmaa (University of Helsinki, Finland); Ulrike Hugl (University of Innsbruck, Austria); Aki Huhtinen (National Defence College, Finland); Bill Hutchinson (Edith Cowan University, Australia); Dr. Berg Hyacinthe (State University of Haiti, Haiti); Dr. Abhaya Induruwa (Canterbury Christ Church University, UK); Hamid Jahankhani (University of East London, UK); Dr. Amit Jain (BenefitFocus Inc, USA); Dr. Helge Janicke (De Montfort University, UK); Joey Jansen van Vuuren (CSIR, South Africa); Saara Jantunen (University of Helsinki, Finland); Andy Jones (BT, UK); James Joshi (University of Pittsburgh, USA); Nor Badrul Anuar Jumaat (University of Malaya, Malaysia); Maria Karyda (University of the Aegean, Greece); Ass Prof. Vasilis Katos (Democritus University of Thrace, Greece); Dr. Anthony Keane (Institute of Technology Blanchardstown, Dublin, Ireland); Jyri Kivimaa (Cooperative Cyber Defence and Centre of Excellence, Tallinn, Estonia); Dr. Spyros Kokolakis (University of the Aegean, Greece); Prof. Ahmet Koltuksuz (Yasar University, Dept. of Comp. Eng., Turkey); Theodoros Kostis (Hellenic Army Academy, Greece); Prashant Krishnamurthy (University of Pittsburgh, USA); Dan Kuehl (National Defense University, Washington DC, USA); Peter Kunz (DiamlerChysler, Germany); Pertti Kuokkanen (Finnish Defence Forces, Finland); Dr. Erikk Kurkinen (University of Jyväskylä, Finland); Takakazu Kurokawa (National Defence Acadamy, Japan); Rauno Kuusisto (Finnish Defence Force, Finland); Tuija Kuusisto (National Defence University, Finland); Dr. Laouamer Lamri (Al Qassim University and European University of Brittany, Saudi Arabia); Michael Lavine (John Hopkins University's Information Security Institute, USA); Martti Lehto (National Defence University, Finland); Tara Leweling (Naval Postgraduate School, Pacific Grove, USA); Paul Lewis (technology strategy board, UK); Peeter Lorents (CCD COE, Tallinn, Estonia); Hossein Malekinezhad (Islamic Azad University,Naragh Branch, Iran); Mario Marques Freire (University of Beira Interior, Covilhã, Portugal); Ioannis Mavridis (University of Macedonia, Greece); Rob McCusker (Teeside University, Middlesborough, UK); Jean‐Pierre Molton Michel (Ministry of Agriculture, Haiti); Durgesh Mishra (Acropolis Institute of Technology and Research, India); Dr. Yonathan Mizrachi (University of Haifa, Israel, Israel); Edmundo Monteiro (University of Coimbra, Portugal); Evangelos Moustakas (Middlesex University, London, UK); Dr. Kara Nance (University of Alaska Fairbanks, USA); Muhammad Naveed (IQRA University Peshawar, Pakistan, Pakistan); Mzukisi Njotini (University of South Africa, South Africa); Rain Ottis (Cooperative Cyber Defence Centre of Excellence, Estonia); Tim Parsons (Selex Communications, UK); Michael Pilgermann (University of Glamorgan, UK); Engur Pisirici (govermental ‐ independent, Turkey); Dr. Muttukrishnan Rajarajan (City University London, UK); Andrea Rigoni ( Booz & Company,, USA); Dr. Neil Rowe (US Naval iv Postgraduate School, Monterey, USA); Raphael Rues (DigiComp Academy, Switzerland); Filipe Sa Soares (University of Minho, Portugal); Prof. Henrique Santos (University of Minho, Portugal); Prof. Chaudhary Imran Sarwar (Mixed Reality University, Pakistan); Dr. Damien Sauveron (Mathematics and Computer Sciences, University of Limoges, France); Sameer Saxena (IAHS Academy, Mahindra Special Services Group , India); Prof. Dr. Richard Sethmann ( University of Applied Sciences Bremen, Germany); Dr. Yilun Shang (Singapore University of Technology and Design, Singapore); Prof. Paulo Simoes (University of Coimbra, Portugal); Prof. Jill Slay (University of South Australia, Australia); Anna Squicciarini (University of Milano, Italy); Iain Sutherland (University of Glamorgan, Wales, UK); Jonas Svava Iversen (Danish Broadcast Corporation, Denmark); Anna‐Maria Talihärm (Tartu University, Estonia); Dr. Selma Tekir (Izmir Institute of Technology, Turkey); Prof. Sérgio Tenreiro de Magalhães (Universidade Católica Portuguesa, Portugal); Prof. Dr. Peter Trommler (Georg Simon Ohm University Nuremberg, Germany); Craig Valli (Edith Cowan UniversitY, Australia); Rudi Vansnick (Internet Society, Belgium); Richard Vaughan (General Dynamics UK Ltd, UK); Stilianos Vidalis (Newport Business School, Newport, UK); Dr. Natarajan Vijayarangan (Tata Consultancy Services Ltd, India); Marja Vuorinen (University of Helsinki, Finland); Michael Walker (Vodafone, UK); Prof Mat Warren (Deakin University, Australia, Australia); Dr. Kenneth Webb (Edith Cowan University , Australia); Dr. Stuart Weinstein (University of Hertfordshire School of Law, UK); Dr. Santoso Wibowo (Central Queensland University, Australia); Dr. Trish Williams (Edith Cowan University, Australia); Simos Xenitellis (Royal Holloway University, London, UK); Dr. Omar Zakaria (National Defence University of Malaysia, Malaysia); v Biographies Conference Chair Dr Andrew N. Liaropoulos is a Lecturer in University of Piraeus, Department of International and European Studies, Greece. He also teaches in the Joint Staff War College, the Joint Military Intelligence College, the National Security College, the Air War College and the Naval Staff Command College. He earned his Master’s Degree in Intelligence and Strategic Studies at Aberystwyth University and his Doctorate Diploma at Swansea University. His research interests include international security, intelligence reform, strategy, military transformation, cyber security and Greek security policy. Dr. Liaropoulos is also a senior analyst in the Research Institute for European and American Studies (RIEAS), the assistant editor of the Journal of Mediterranean and Balkan Intelligence (JMBI) and the convenor of the Greek Politics Specialist Group (GPSG) Programme Chair Dr George A. Tsihrintzis received the Diploma of Electrical Engineer from the National Technical University of Athens, Greece (with honors) and the M.Sc. and Ph.D. degrees in Electrical Engineering from Northeastern University, USA. He is currently a Member of the Council, Professor and Director of Graduate Studies in “Advanced Computing and Informatics Systems” in the University of Piraeus, Greece. His current research interests include Pattern Recognition, Decision Theory, and Statistical Signal Processing and their applications in Multimedia Interactive Services, Security, User Modeling, Knowledge‐based Software Systems, Human‐ Computer Interaction and Information Retrieval. He has (co)‐authored 5 monographs, 11 edited volumes and over 250 research publications in international journals, book chapters, and conference proceedings in his areas of research interest. Keynote Speakers Dr. Dimitris Gritzalis is a Professor of ICT Security and the Director of the Information Security and Critical Infrastructure Protection Research Group ( ) with the Dept. of Informatics of the Athens University of Economics and Business, Greece. He holds a B.Sc. (Mathematics, Univ. of Patras), a M.Sc. (Computer Science, City University of New York), and a Ph.D. (Critical Information Systems Security, Univ. of the Aegean). He has served as Associate Commissioner of the Greek Data Protection Commission and as the President of the Greek Computer Society. He is the representative of Greece to IFIP TC‐11. For more than twenty five years he has been participating in numerous R&D and consulting projects funded by the European Commission, international organizations (EUROPOL, CEN), public administration (Ministries of the State, Government, Economy, Healthcare, Interior, Education, Social Security, etc.), private institutions (Banking, Transportation, Telecommunication, Health, Energy, etc.). His technical publications include 9 books and more than 150 papers. His current research interests focus on security in ambient intelligence, new security paradigms, critical infrastructure protection, and strategies for security‐critical infrastructures. Dr.Nikolaos Bourbakis (IEEE Fellow) received his BS degree in mathematics from the National University of Athens, Greece and his PhD in computer science and computer engineering from the University of Patras, Greece in 1963. He is currently a Distinguished Professor in Informatics & Technology, J.A Professor of Geriatrics and the Director of Assistive Technology Research Center (ATRC) at Wright State University, Ohio. He has published more than 380 articles in refereed International Journals, book chapters and Conference Proceedings and 10 books as an author or co‐author editor Mini Track Chair Dr Ahmet Koltuksuz received his Ph.D. in the field of cryptanalysis of Symmetrical Ciphers. He is currently affiliated with Yasar University, School of Engineering Department of Computer Engineering in Turkey. His research interests are Cryptology, Theory of Numbers, Information Theory, Theory of Computation, Operating Systems, Multicore Architectures, Cyberspace Defense & Security, Open Sources Intelligence Analysis and of Computer Forensics. He is a frequent speaker...
View Full Document

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture