| 1. |
- Sigholm, Johan, et al.
(författare)
-
Best-Effort Data Leakage Prevention in Inter-Organizational Tactical MANETs
- 2012
-
Ingår i: Proceedings of the 2012 IEEE Military Communications Conference. - : IEEE Communications Society. - 9781467317306 - 9781467317290 ; , s. 1143-1149
-
Konferensbidrag (refereegranskat)abstract
- Reconfigurable Radio Systems (RRS), based on technologies such as Software Defined Radio (SDR) and Mobile Ad-hoc Networks (MANETs) offer considerable advantages for military operations, such as increased network survivability and interoperability. The RRS-based Common Tactical Radio System (GTRS), currently in development by the Swedish Armed Forces, is designed for use in diverse geographical settings and for purposes varying from international combat missions to national contingency operations. However, protecting these networks from attacks and safeguarding the carried information against leaks is an ongoing research challenge, especially in combined scenarios where tactical data may flow across organizational boundaries. This paper presents a best-effort approach to Data Leakage Prevention (DLP) for inter-organizational RRS-based networks. The proposed architecture makes use of data mining techniques and an efficient n-dimensional clustering algorithm which has previously been successfully used for real-time anomaly detection in critical infrastructure protection. The DLP architecture is developed as an extension to the GTRS system, modeled and simulated in OPNET™ Modeler. Our results show that common data leaks can be efficiently identified by the proposed scheme, while keeping the important false positive rate at a very low level.
|
|
| 2. |
- Kävrestad, Joakim, 1989-, et al.
(författare)
-
How the Civilian Sector in Sweden Perceive Threats from Offensive Cyberspace Operations
- 2021
-
Ingår i: Proceedings of the 20th European Conference on Cyber Warfare and Security. - Reading : ACI Academic Conferences International. - 9781912764433 - 9781912764990 ; , s. 499-506
-
Konferensbidrag (refereegranskat)abstract
- The presence of state-sponsored actors executing offensive cyberspace operations (OCO) has been made evident in recent years. The term offensive cyberspace operations encompass a range of different actions, including cyberespionage, disinformation campaigns, spread of malware and more. Based on an analysis of past events, it is evident that state-sponsored actors are causing harm to the civilian sector using OCO. However, the degree to which civilian organizations understand the threat from state-sponsored actors is currently unknown. This research seeks to provide new a better understanding of OCO and their impact on civilian organizations. To highlight this domain, the case of the threat actor Advanced Persistent Threat 1 (APT1) is presented, and its impact on three civilian organizations discussed. Semi-structured interviews were used to research how the threats from OCO and state-sponsored actors are perceived by civilian organizations. First, a computational literature review was used to get an overview of related work and establish question themes. Next, the question themes were used to develop questions for the interview guide, followed by separate interviews with five security professionals working in civilian organizations. The interviews were analysed using thematic coding and the identified themes summarized as the result of this research. The results show that all respondents are aware of the threat from OCO, but they perceive it in different ways. While all respondents acknowledge state-sponsored actors at a threat agent executing OCO, some respondent’s argue that state-sponsored actors are actively seeking footholds in systems for future use while others state that the main goal of state-sponsored actors is to steal information. This suggests that the understanding of the threat imposed by OCO is limited, or at least inconsistent, among civilian security experts. As an interview study, the generalisability of this research is limited. However, it does demonstrate that the civilian society does not share a common view of the threat from state-sponsored actors and OCO. As such, it demonstrates a need for future research in this domain and can serve as a starting point for such projects.
|
|
| 3. |
- Sigholm, Johan
(författare)
-
Secure Tactical Communications for Inter-Organizational Collaboration : The Role of Emerging Information and Communications Technology, Privacy Issues, and Cyber Threats on the Digital Battlefield
- 2016
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- The development within the area of information and communications technology (ICT) has been rapid during the last couple of decades. Advancements in mobile technology, such as smartphones and other portable devices with embedded sensors, rapid expansion of communications infrastructure, and increased spectrum utilization, has had a major impact on civilian society, but increasingly also on professional organizations such as the Swedish Armed Forces. While this technology allows for enhanced capabilities in the areas of command and control, situational awareness, and information management, it also leads to new challenges in such areas as cyber security and privacy. For armed forces in many parts of the world, being able to deploy in new types of missions, such as humanitarian assistance and response operations due to natural or man-made disasters, is an increasingly sought-after capability. Such operations commonly require collaboration amongst several heterogeneous organizations, which in turn requires technical as well as organizational interoperability. While the actors must be able to share certain information efficiently, with regards to integrity and availability, sensitive or classified information must be safeguarded in terms of confidentiality.This thesis is concerned with studying emerging ICT for use on the battlefield of tomorrow, investigating how it can lead to more effective operations, and what preconditions that must be met in order for the technology to be of utility for inter-organizational collaboration. In particular, the thesis studies how an acceptable level of information security can be upheld in interconnected tactical communications networks. It is found that Mobile Ad-hoc Networks, Software-Defined Radio and Cognitive Radio are emerging technologies that, while still immature, can contribute to improved capabilities for communications, command and control, and information collection. Furthermore, Hastily Formed Networks is found to be an effective framework for collaboration between heterogeneous actors. However, in order for emerging ICTs to provide military utility, several non-technical requirements must be met. These include usability, trust, legality, cost, and verifying that the technology is in accordance with current military doctrine. Antagonistic as well as unintentional threats must also be mitigated, including information leaks caused by cyberattacks or insiders, and possible consequences of reduced user privacy.Besides to the Swedish Armed Forces, this thesis should be of interest to armed forces of comparable countries, and for professional organizations faced with similar challenges. Among the drawn conclusions, the thesis recommends continuously evaluating emerging ICT in support of new capabilities, through academic research as well as internal concept development. Adopting an incremental and modular process is also recommended when developing or procuring new ICT systems, instead of making long-term investments in proprietary technology. Furthermore, a focus should be put on promoting military requirements in future civilian ICT standards. In this way development costs can be reduced, while facilitating tactical use of commercial off-the-shelf products. Regarding information security in tactical networks for inter-organizational collaboration the thesis concludes that employing best-effort methods could allow for efficient information exchange between actors, while upholding acceptable risk levels regarding data leakage.
|
|
| 4. |
- Sigholm, Johan
(författare)
-
Reconfigurable Radio Systems : Towards Secure Collaboration for Peace Support and Public Safety
- 2010
-
Ingår i: Proceedings of the 9th European Conference on Information Warfare and Security. - Reading, UK : Academic Conferences Publishing. - 9781906638672 ; , s. 268-274
-
Konferensbidrag (refereegranskat)abstract
- As military priorities are shifting from invasion defense to crisis management and peace support operations, the capability to partake in efficient inter-organizational collaboration is becoming increasingly important for armed forces across Europe. The “solidarity clause” of the Treaty of Lisbon, which entered into force on December 1st 2009, dictates that all EU member states shall act jointly if another member state is the target of a terrorist attack or the victim of a natural or man-made disaster. Sweden has gone even further, stating that it will not remain passive if a member state or another Nordic country is attacked, and expects these countries to act in the same manner if Sweden is attacked. This declaration obligates Sweden to be able to collaborate successfully with allied partners, both within own territories and abroad. Application-based collaboration tools for use in unpredictable settings, requiring high user mobility and network survivability, put high demands on the underlying ICT systems in order to function correctly. Networks employing the TErrestrial Trunked RAdio (TETRA) standard are becoming pervasive as platforms for interagency collaboration in crisis response. Although these networks provide many benefits compared to legacy technology they lack the possibility to offer secure, infrastructure-less and disruption-tolerant communication in challenging environments. Emerging ICT such as MANET-based Reconfigurable Radio Systems (RRS) shows potential for overcoming these problems, in addition to resolving issues of technical heterogeneity. The Common Tactical Radio System (GTRS) is an RRS being developed by the Swedish Armed Forces, intended to be the future ICT system for all parts of the forces, used both in national and international mission settings. However, remaining challenges include threats of node compromisation and adversary network infiltration, as well as the safeguarding of confidential information shared by collaborating parties and preventing information leakage. This paper contributes by (i) giving a summary of recent work in mechanisms for achieving information security in tactical MANETs and Hastily Formed Networks for disaster response. The paper also (ii) presents in-progress work towards the design of a gossip-based cross-layer Distributed Intrusion Detection System (DIDS) for the GTRS system, which takes resource constraints of portable devices into account, and offloads traffic analysis and anomaly detection to more powerful “Big Brother” nodes. An outline of the proposed DIDS architecture is presented, and the paper (iii) suggests future work towards offering a dependable and trustworthy communications platform for efficient and secure inter-organizational collaboration.
|
|
