
The Civilian Information Infrastructure and Computer Network Attack

The Civilian Information Infrastructure and Computer Network Attack. Joe R. Gonzalez Jr. Texas A&M University Engineering Program jgonzalez@tamu.du. 1. Purpose. To describe the representation of the Civilian Information Infrastructure being integrated into OneSAF.


Presentation Transcript


  1. The Civilian Information Infrastructure and Computer Network Attack. Joe R. Gonzalez Jr., Texas A&M University Engineering Program, jgonzalez@tamu.du

  2. Purpose • To describe the representation of the Civilian Information Infrastructure being integrated into OneSAF. • To describe the representation of Computer Network Attack on the Civilian Information Infrastructure.

  3. Civilian Information Infrastructure (CII) - The power, communications, transportation, services and supporting structures that form the backbone for the exchange of information for any geo-political region. - Can be characterized at any scale from local to global. - The alternative communications means (ACM) are the means within the CII that perform information transmission and receipt.

  4. Contemporary Operating Environment (COE) The COE is the Operational Environment (the composite of the conditions, circumstances and influences that affect the employment of military forces and bear on the decisions of the unit commander – JP 1-02) that exists in the world today and is expected to exist in the clearly foreseeable future. • The COE Opposing Force (OPFOR) comprises the collective set of organizations (combatant, noncombatant, corporate, non-government, government and international) existing in and acting on the environment in the Blue Force (BLUFOR) area of operations as representative of current military operations. • They can be categorized as conventional forces (Regular Armed Forces), irregular forces (Paramilitary, Guerrilla, Terrorist, Militia) and Civilians on the Battlefield (Combatant and Non-Combatant).

  5. Organizational Categories. Organization chart labels: Named Organizations; COE Organizations; Regular Armed Forces; Irregular Forces; Civilians on the Battlefield; Civilians on the Battlefield (Non-Combatant); Regular/Conventional Armed Forces; Guerrillas; Militia; Civilians on the Battlefield (Combatant); Paramilitary/Internal Security Forces; Terrorists; Medical Teams; Civilians (Combatant); Indigenous Civilians (Locals); Displaced Persons & Transients; Border/Security Brigade; Private Security Organizations; Humanitarians; Relief Organizations; Trans-National Corporations; Drug & Criminal Organizations; Police Forces; National Police; Media (Local, National, International); Foreign Gov’t & Diplomatic Personnel; District Police; Special Purpose Forces; Local Police.

  6. CII Relationship to the COE - COE OPFOR organizations will use components of the CII as a principal or alternate Battle Command System and Information Operations mechanism. - These CII means, the ACM, represent a departure from the use of combat net radios for battle command system use. - Irregular COE OPFOR forces will use ACM as both their primary battle command system and information operations mechanism. - Conventional COE OPFOR forces will use ACM as a parallel battle command system and as the primary information operations mechanism. - The COE OPFOR know BLUFOR is reluctant to disrupt the CII.

  7. CII Portrayal Value Added - Exercising the CII in simulation creates greater fidelity in portraying the COE to the Warfighter. - The Warfighter has more familiarity in dealing with COE OPFOR command and control. Diagram labels: Comms networks exercised; Allows SIGINT/HUMINT Activities; Reply; New Message; Forward Message; Enables COE Activities; Sender; Receiver; Recipients stimulated to act; No Action; Action.

  8. What Enables Communications Process: Alternative Communications Means; Performance Characteristics; Infrastructure Dependence; Regional Communications Tiers; Coverage Areas; Battle Damage Assessment.

  9. ACM Classes & Types. Diagram labels (Alternative Communications Means): Multimedia Telecommunications Device*; Landline Telephone; Telephone Based Facsimile; Cell Phone; Cell Text Messager; Pager; Pager Text Messager; Satellite Phone; AM/FM Radio; Broadcast TV; Satellite TV; Cable TV; Newspaper; Magazine; Flyer; 4G; Telephonic; Broadcast; Courier; 2 Way Radio; Web Based; Hand Held Radios; Courier; Website; Chat Room; BLOG; Email; Computer Based Facsimile; Instant Messaging. * The MTD will not be available until 2015.

  10. Performance Characteristics - Each ACM has a set of characteristics that describe its performance envelope. Diagram labels: Connection Speed, Power, Range, Line Of Sight, Min Frequency, Max Frequency (shown with Landline Telephone, Telephone Based Facsimile, Email, Computer Based Facsimile, Instant Messaging, Website, Chat Room, BLOG, TV - Cable, Hand Held Radios, AM Radio, FM Radio, Broadcast TV, Satellite TV, Cell Phone, Cell Text Messager, Pager, Pager Text Messager, Satellite Phone, MTD); Frequency of Publication, Circulation, Market Range, Speed (shown with Newspaper, Magazine, Flyer, Courier).

  11. Infrastructure Dependence • ACMs are dependent upon supporting components in the local infrastructure to function properly. These components: - Enable broadcast transmissions and the distribution and routing of telephone and internet network traffic. - Must be present in the simulated environment’s infrastructure. - Are antenna and switch based. - Are comprised of a structure and a functional component. • Antenna Based: - Structure is a tower. - Component is an antenna. - An antenna is required to provide a source for a broadcast signal or to receive and send radio signals. • Switch Based: - Structure is a building. - Component is a switch. - A switch will connect compatible ACMs together in a specific service region.

  12. Regional Communications Tiers - Wired and wireless communications, internet access, radio and television broadcast network’s technological sophistication. - The existence of sustainment and maintenance capabilities to support communications or print media distribution pathways. - Expectation of Service is the probability that the desired service is not available at the time of desired use or that a message sent will not be received. - Latency is the additional time required for delivery of a message from its standard performance. Diagram labels: Infrastructure Support Level; Technology Maturity Level; Expectation of Service; Latency; Time to Repair/Replace; High, Medium, Low; Tier 1, Tier 2, Tier 3, Tier 4.

  13. Coverage Areas • A finite area of defined shape within which point to point ACMs can communicate or broadcast ACMs can distribute information. • Rule sets exist to calculate each type of coverage area. Diagram labels: Switch Based; Power; Range; Broadcast Location; Line of Sight interrupts; Regional Comms Tier; Local/Ethnic diversity; Political Divisions; Geography; Antenna Based; Cell Based; Service Limit.

  14. Battle Damage Assessment (BDA) • As the antenna or switch system becomes damaged its ability to operate is reduced: - For antenna systems the reduction is a function of range. - For switch systems it is a function of active coverage area. • Cell networks (system of antennas) are a special case of antennas. • BDA assessed by OneSAF activities. • BDA is cumulative. • BDA is repairable. Antenna System: Based on proportional relationship between elastic (yield strength) and plastic (to ultimate strength) regions of the stress-strain diagram for steel and assessed BDA of the antenna tower. Switch System: As BDA is assessed, BDA assessment grid rectangles are randomly removed, reducing the effective coverage area. Switch coverage areas will retain some portion of their coverage area until the cumulative BDA reaches 100%.

  15. Key Areas Covered: Alternative Communications Means; Performance Characteristics; Infrastructure Dependence; Regional Communications Tiers; Coverage Areas; Battle Damage Assessment.

  16. CNA of the CII One COE organization attacks another or other organizations via CNA to achieve: - Operational advantage manifested by operational and/or tactical gain. - Psychological advantage manifested by political gain and/or social leverage. CNA events on the CII in simulation: - Conduct of Information Operations (passive/active) is organic in the COE. - Affects mood of the population and confronts BLUFOR with new variables to consider in decision making processes.

  17. Information Control Methods (ICM). Diagram panels (each labelled ACM1 and ACM2): Gain Information; Change Information; Deny Information; Create Information.

  18. Who and What Can Be Attacked Attacks will impact soft factors, cooperation matrix & CEB. BLUFOR can conduct CNA by proxy via cooperative COE organization.

  19. Methods, Types & Models. Diagram labels: Wave BAG Attrition Area

  20. Regional Communications Tiers in CNA Infrastructure Security and Restoration are functions of regional communications tiers.

  21. Determining Vulnerability. Vulnerability factors: Propagation Rate (Pf), Infection Factor (If), Restoration Factor (Rf). - Pf = How quickly the infection factor can be applied to systems in the targeted ACM coverage. - If = The probability that any given system can become infected during the conduct of a CNA event. If = Sf * Cf * Ef * Tf, where: Sf (susceptibility factor) = ACM susceptibility to information control methods; Cf (compatibility factor) = Information control method level of compatibility to attack types; Ef (efficiency factor) = Attack type efficiency relationship with event models; Tf (tier security factor) = The contribution of implemented security to the reduction of vulnerability. - Rf = The probability an attacked ACM is restored to full functionality after the event.

  22. CNA Event Process. Flowchart phases: Determine Need & Resources; Event Preparation; Conduct & Evaluate Event. Flowchart steps: COE Org elects to conduct a CNA event; Select Coverage Area(s); Select Target COE Org(s); Select Attack Origin(s); Conduct Event; Select Event Method; Select Start/Stop Duration; Determine Resources; Determine Vulnerability Factors.

  23. Conclusion. CII: • Can more accurately portray the COE OPFOR’s battle command messaging in simulation. - Enhanced fidelity of the threat’s capabilities will generate communications indicators that can allow for BLUFOR interception and interdiction of COE OPFOR activities and intent. - Communications will create an environment with a denser set of COE OPFOR behaviors enriching the ‘sense’ of the environment. CNA: • Can portray computer network attack of the civilian information infrastructure on COE organizations in simulation. - Information flow is the key in the CII model. Can target systems, messages or organizations. - Will create conditions that will need to be considered by BLUFOR.

  24. Interested in More Detail? Come to the Amphitheater. 1530 on Tuesday, the 8th of April.
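
The vulnerability factors from slide 21, worked through in Python as an added example that is not part of the original presentation or of OneSAF. Only If = Sf * Cf * Ef * Tf comes from the slides; the per-step exposure model, the function names, the tier names and every numeric value are assumptions, with slide 20's tier dependence represented as a constructed (Tf, Rf) pair per tier.

```python
"""Constructed illustration of the slide-21 vulnerability factors."""
import random

def infection_factor(sf, cf, ef, tf):
    """If = Sf * Cf * Ef * Tf, each factor treated as a value in [0, 1]."""
    for name, value in (("Sf", sf), ("Cf", cf), ("Ef", ef), ("Tf", tf)):
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"{name} must be in [0, 1], got {value}")
    return sf * cf * ef * tf

def expected_degraded(n_systems, steps, pf, i_f, rf):
    """Expected systems still degraded after the event and restoration.

    Assumed model: per step a fraction pf of clean systems is reached and
    each reached system is infected with probability i_f; afterwards each
    infected system is restored with probability rf.
    """
    clean_share = (1.0 - pf * i_f) ** steps
    return n_systems * (1.0 - clean_share) * (1.0 - rf)

def simulate_degraded(n_systems, steps, pf, i_f, rf, seed=0):
    """Monte Carlo run of the same assumed model, system by system."""
    rng = random.Random(seed)
    degraded = 0
    for _ in range(n_systems):
        infected = any(rng.random() < pf * i_f for _ in range(steps))
        if infected and rng.random() >= rf:
            degraded += 1
    return degraded

def compare_tiers(tiers, sf=0.8, cf=0.9, ef=0.7, pf=0.5, n=1000, steps=10):
    """Expected degraded systems per tier; tiers maps name -> (Tf, Rf)."""
    result = {}
    for name, (tf, rf) in tiers.items():
        i_f = infection_factor(sf, cf, ef, tf)
        result[name] = round(expected_degraded(n, steps, pf, i_f, rf), 1)
    return result

# Constructed values: in the product form a smaller Tf yields a smaller If.
SAMPLE_TIERS = {"strong": (0.2, 0.9), "moderate": (0.5, 0.6), "weak": (0.9, 0.2)}

if __name__ == "__main__":
    print(compare_tiers(SAMPLE_TIERS))
```

Because the factors multiply, driving any single one toward zero (for example Tf through implemented security) bounds If regardless of the other three, and Rf then scales whatever remains.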
