
Editorial
Select search scope: search across all journals or within the current journal

While long considered an important aspect of strategic and theater planning, situational awareness (SA) is the linchpin to both cyber planning and execution. As stated in Joint doctrine, before military activities in the information environment can be accurately and effectively planned, the “state” of the environment must be understood. At its core, cyber situational awareness requires understanding the environment in terms of how information, events, and actions will impact goals and objectives, both now and in the near future. Joint Information Operations (IO) doctrine defines three layers of information inherent to this; physical, informational, and cognitive. While a fair amount of time and effort has been focused on the physical and informational aspects of cyber situational awareness, very little emphasis has been placed on the cognitive layer as it relates to cyber space and how best to model and analyze it. This research examines aspects of the cognitive level by defining a cyber-based behavioral model contingent on the activities a user performs while on the Internet. We believe this is foundational to completely defining a cyber situational awareness model, thus providing commanders and decision makers a more comprehensive and real time view of the environment in which they are operating.
The Global Information Grid (GIG) is the military’s computer and communications network which supports the myriad of military missions. Military missions are highly planned, passing through many hands in the strategy-to-task methodology to ensure completeness, accuracy, coordination, cohesion, and appropriateness. A benefit of this planning is the possibility to collect knowledge of future conditions that could be of use to network designers whose goals include optimizing and protecting the GIG. This advanced knowledge includes which networked military equipment will be involved, what their capabilities are, where they will be, when they will be there, and particulars on the required data flows. A Network Tasking Order process is proposed as a means of collecting this information, analyzing the information to generate network taskings, and disseminating those taskings. Tactical integration of assets in mobile networks is introduced as another planning variable in the battlefield; not unlike logistical considerations such as fuel, ammunition, water, and so on used currently in operation planning. Modeling and simulation is used to support the proposed benefits.
Military and defense organizations rely upon the security of data stored in, and communicated through, their cyber infrastructure to fulfill their mission objectives. It is essential to identify threats to the cyber infrastructure in a timely manner, so that mission risks can be recognized and mitigated. Centralized event logging and correlation is a proven method for identifying threats to cyber resources. However, centralized event logging is inflexible and does not scale well, because it consumes excessive network bandwidth and imposes significant storage and processing requirements on the central event log server. In this paper, we present a flexible, distributed event correlation system designed to overcome these limitations by distributing the event correlation workload across the network of event-producing systems. To demonstrate the utility of the methodology, we model and simulate centralized, decentralized, and hybrid log analysis environments over three accountability levels and compare their performance in terms of detection capability, network bandwidth utilization, database query efficiency, and configurability. The results show that when compared to centralized event correlation, dynamically configured distributed event correlation provides increased flexibility, a significant reduction in network traffic in low and medium accountability environments, and a decrease in database query execution time in the high-accountability case.
In this paper we present a model for expressing attacks on control protocols that involve the exchange of messages. Attacks are modeled using the notion of an attacker who can block and/or fabricate messages. These two attack mechanisms cover a variety of scenarios ranging from power grid failures to cyber attacks on oil pipelines. The model provides a method to syntactically express communication systems and attacks, which supports the development of attack and defense strategies. For demonstration purposes, an attack instance is modeled that shows how a targeted messaging attack can result in the rupture of a gas pipeline.
This research compares three traditional categories of virtualization to a technique known as hybrid virtualization. Each technique is evaluated in terms of both capability and performance. The traditional methods of platform virtualization such as full virtualization, paravirtualization and operating system virtualization each comes with its own set of capabilities and engineering trade-offs. Hybrid virtualization attempts to leverage the benefits of full and operating system virtualization by allowing virtual machines of each type of virtualization to run simultaneously on the same host machine. This research measures the time required for each virtualization technique to perform a workload inside virtual machines as the number of virtual machines running the workload scales. This performance data will help determine the usefulness of the hybrid technique in building a military cyber warfare training simulation environment based on virtualization. The goal is to determine which technique is capable of supporting large-scale environments required by realistic network training scenarios. The capability evaluation results indicate that hybrid virtualization successfully leverages the benefits of its two virtualization components while minimizing the trade-offs of each individual technique. The performance results indicate that the performance of each virtualization technique differs significantly relative to the workload applied. Some workloads saw no significant differences in performance between techniques. However, in the workloads that did show significant difference, the hybrid technique performed as well as or better than full virtualization or operating system virtualization alone. This leads to the conclusion that hybrid virtualization is a viable candidate as the basis for a military cyber warfare simulation and training environment.
The SIPHER technique uses mathematically-uncomplicated processing to impart interesting effects upon a static image. Importantly, it renders certain areas of an image more perceptible than others, and draws a human observer’s attention to particular objects or portions of an image scene. By varying coefficients of the processing in a time-ordered sequence, we can create a multi-frame video wherein the frame-to-frame temporal dynamics further enhance human perception of image objects. In this article we first explain the mathematical formulations and present results from applying SIPHER to simple three-dimensional shapes. Then we explore SIPHER’s utility in enhancing visual perception of targets or objects of military interest, in imagery with some typical backgrounds. We also explore how and why these effects enhance human visual perception of the image objects.
This research develops a discrete event simulation to investigate factors that affect key Air Force (AF) metrics for gauging the health of the AF spares supply chain and the impact on maintaining the mission capability of individual weapon systems. We focus on the unscheduled maintenance actions at a single air base for a single weapon system – the B-1 Bomber. A notional fleet of 16 aircraft at a single air base is modeled based on historical supply and maintenance data. To identify and quantify the effects of various factors, an experimental design is used for analyzing the output of our high-level discrete event simulation. This exploration shows we successfully capture several factors that significantly impact the key metrics used for the B-1 and have the potential to significantly increase mission capability for this weapon system.
We propose a novel design for high-power laser source generation using a Gaussian pulse propagating within an embedded optical device system. The system consists of a non-linear microring resonator and an add-drop filter. In principle, a Gaussian laser pulse with a specified center wavelength ranging from 0.40 to 1.50 µm is fed into the designed system. By using suitable ring parameters, the required output at the specific center wavelength and power can be obtained by controlling the coupling coefficients of the add-drop filter. The power outputs for different center wavelengths were generated, for instance, 0.8, 1.3, 1.5 µm, which can be used to form suitable operating wavelengths for various applications, such as laser guns, swords and medical tools’.