DOC PREVIEW
MTU CS 6461 - Combating Cyber Terrorism

This preview shows page 1-2 out of 6 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 6 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 6 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 6 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

Combating Cyber Terrorism: Countering Cyber Terrorist Advantages ofSurprise and Anonymity M. W. David, K. SakuraiCubic CorporationKyushu UniversityFaculty of Information Science andElectrical EngineeringAbstractThe paper proposes ways to counter the CyberTerrorist (CT) advantages of surprise andanonymity. It recommends the creation of aCyberint Analysis Center to develop andevaluate methods to improve the ability todetect, identify and deter Cyber Terroristattack. It also proposes ways to implementresponsible, accountable and identifiable use ofthe Internet, and deny anonymity to theattackers.1. INTRODUCTIONThis paper takes the position that the mission oforganizations dealing with information security is notonly to protect, detect and react, but to also try to predictand prevent Cyber Terrorism (CT). It proposes how tocounter two of the key terrorist advantages of surpriseand anonymity. At the tactical level of specific attacks, itis almost impossible to design systemic strategies foridentifying the immediate threat details of exactly where,when and how an attack will occur. However, at theoperational level, how cyber terrorists plan to useinformation technology, automated tools and identifytargets may be observable and to some extent, predictable[9]. We do not discuss the policy level, but severalquestions need to be addressed in that realm. Is there trulya need to have anonymous access to the Internet? Whoseinterests does anonymous access really serve? Do thepotential threats outweigh the perceived value ofanonymous Internet access? We suggest the price offreedom is not anonymity, but accountability. Unlessindividuals and governments can be held accountable, welose recourse to the law. In order to protect the innocent,all communications must be subject to the rule of law,and this implies their originators must be accountable,hence not anonymous [Davenport, 2002]. To counter theCT advantage of surprise, we propose the establishmentof a Cyber Intelligence (CYBERINT) Analysis Center.To counter the CT advantage of anonymity, we advocateand propose a methodology for and responsible,accountable and identifiable (RAI) access to the Internet.The primary mission and objectives of the CAC will be toenhance the capability to predict, prevent or deter anattack. The goal of RAI access to the Internet is toimprove the capability of defining the “who” related to anattack. 2. The Cyber Intelligence (CYBERINT)Analysis Center (CAC)2.1 Mission and Objectives In the most simplistic terms, provide intelligenceanalysis and reporting that will help prevent a surprise CTattack. However, this is far from simple. Therefore, wewill review some efforts related to cyber infrastructureprotection to provide an understanding of the CAC’s role. The President’s Commission on Critical InformationProtection (PCCIP) in October 1997 identified the basicmission and objectives of something like the CAC inbroad terms. The commission recommended a strategyfor infrastructure protection through industry cooperationand information sharing, a broad program of awarenessand education, reconsideration of laws related toinfrastructure protection, a revised program of researchand development and a national organization structure.The commission proposed seven elements within thisnational organization structure. The sixth element was anInformation Sharing and Analysis Center [19]. Dorothy Denning envisioned the PCCIP’s InformationSharing and Analysis Center (ISAC) as consisting ofgovernment and industry representatives workingtogether to receive information from all sources, analyzeit to draw conclusions about what is happening to theinfrastructures, and appropriately informing governmentand private sector users. Dr. Denning foresaw the ISACinitially focusing on gathering strategic information aboutthreats, vulnerabilities, practices and resources to enableProceedings of the17 th International Conference on Advanced Information Networking and Applications (AINA’03) 0-7695-1906-7/03 $17.00 © 2003 IEEEeffective analysis to better understand the cyberdimension of the infrastructure [8]. In their present form, ISACs are organized with theprivate sector in conjunction with the NationalInfrastructure Protection Center (NIPC). These ISACsare related to sectors like telecommunications, banking,water supply, energy, etc. However, according to Col.Tom Gibson, Joint Task Force for Computer NetworkOperations (JTFCNO), they are very closed communities.Most of the ISACs are private meetings to which onemust be invited to attend. However, none of theinformation is repeatable outside the meeting unless it issanitized [15]. A Carnegie Mellon University report looked atinformation sharing from the perspective of CyberIntelligence (CYBERINT). The report defined thepurpose of CYBERINT analysis as follows [22]. (1) Identify the need for action.(2) Provide the insight and context for decidingamong courses of action.(3) Provide information on the effectiveness ofpursuing the selected course of action. Ross Anderson has suggested research into how to porttechniques and experience from the world of electronicwarfare (EW) to the Internet. A subset of EW is trafficanalysis, which is a tool of the signal intelligence(SIGINT) community. Traffic analysis is looking at thenumber of messages by source and destination. This cangive very valuable information, not just about imminentattack, but also about unit movements. However, trafficanalysis really comes into its own when sifting throughtraffic on public networks, where its importance (both fornational intelligence and police purposes) is difficult tounderstate [1]. We suggest part of the mission of theCAC should be to support the conduct of traffic analysison the Internet. The objective should of course beprotecting critical infrastructure from cyber attack. We propose the main focus of the CAC be onCYBERINT. Intelligence should provide the essentialelements of enemy information (EEEI): who, what,when, where, why and how. That is, who will attackwhat, at what time and place, for what purpose


View Full Document

MTU CS 6461 - Combating Cyber Terrorism

Documents in this Course
Tapestry

Tapestry

13 pages

Load more
Download Combating Cyber Terrorism
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Combating Cyber Terrorism and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Combating Cyber Terrorism 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?