Presenting a method to perform cyber maneuvers

Performing cyber maneuvers in an operational environment is not easy. We need a cyber-situational awareness framework to perform these maneuvers, to protect cyberspace, and to cope with attacks on it. The cyber battlefield provides essential information for detecting cybercrime events. The present study resolved the challenges of implementing these maneuvers through dynamic simulation of the cyber battlefield. The cyber battlefield contains detailed information on cyberspace elements, including the vulnerability knowledge repository and the tangible and intangible components of cyberspace, allowing maneuvering, penetration testing, attack injection, attack tracking, visualization, evaluation of the impact of cyberattacks, and risk evaluation. By injecting attacks and using the proposed algorithms, an impact assessment of each attack step on each of the elements of the environment was performed to identify potential threats. A dynamic updating simulator engine was designed to update the vulnerability knowledge base automatically and to change the topology and features of elements, accesses, services, hosts, and users. Modeling and simulation were evaluated using a qualitative research method and by creating a focus group.

Turkish Journal of Electrical Engineering and Computer Sciences
  • ISSN: 1300-0632
  • Publication frequency: 6 issues per year
  • Publisher: TÜBİTAK