Conference PaperPDF Available

Parameters Differentiating the Characteristics and Security of Military Information Systems

Authors:

Abstract

Revolution in the area of information technology has brought about changes in many spheres of life. Today, information systems are being used in very sensitive areas such as defence and missile control systems, nuclear plants, etc. Not only has it changed how business is conducted, it has also brought about entirely new paradigms like that of information and cyber warfare. Similarly, one of the many impacts that it has made, is how wars are fought. For all what it has contributed, the information stored on digital devices and computers has become a precious resource and special measures are taken to guard it against attacks from malicious users. These special measures are needed by any enterprise be it a business firm, a commercial entity, a government agency or a military organization. However, requirements and specifications for information security and assurance for a military organization are essentially different from those of commercial or business applications. This paper highlights and discusses various aspects related to the security of information resources of military importance and outlines certain parameters that should be taken into consideration when talking about the security of military information resources. W also describe the role satellite reconnaissance can play in cyber war. Authors proclaim that this paper is first such attempt to correlate cyber war with satellite reconnaissance.
Parameters Differentiating the Characteristics and
Security of Military Information Systems
Muhammad Farooq-i-Azam
COMSATS Institute of Information Technology
Lahore, Pakistan
farooq@chase.org.pk
Dr. Muhammad Naeem Ayyaz
University of Engineering and Technology
Lahore, Pakistan
mna@uet.edu.pk
ABSTRACT
Revolution in the area of information technology has brought
about changes in many spheres of life. Today, information
systems are being used in very sensitive areas such as defence and
missile control systems, nuclear plants, etc. Not only has it
changed how business is conducted, it has also brought about
entirely new paradigms like that of information and cyber warfare.
Similarly, one of the many impacts that it has made, is how wars
are fought. For all what it has contributed, the information stored
on digital devices and computers has become a precious resource
and special measures are taken to guard it against attacks from
malicious users. These special measures are needed by any
enterprise be it a business firm, a commercial entity, a government
agency or a military organization. However, requirements and
specifications for information security and assurance for a military
organization are essentially different from those of commercial or
business applications. This paper highlights and discusses various
aspects related to the security of information resources of military
importance and outlines certain parameters that should be taken
into consideration when talking about the security of military
information resources. W also describe the role satellite
reconnaissance can play in cyber war. Authors proclaim that this
paper is first such attempt to correlate cyber war with satellite
reconnaissance.
Keywords
Military information systems, cyber warfare, cyber arms,
information warfare.
1. INTRODUCTION
Information systems in current age use digital processing and
storage. Like other spheres of life military is also increasingly
dependent upon digital information systems. Digital systems and
networks because of their inherent characteristics are susceptible
to various kinds of remote attacks. Therefore, the military needs to
adopt special measures to protect the confidentiality, integrity and
availability of its own sensitive information resource related to its
own functioning and operations. Furthermore, when attacks
against the information resources of other important non-military
institutions of a country are mounted in an organized manner by a
hostile country, the role of military again comes into play which is
to protect and defend the information resources of its country and
to launch offensive attacks against the perpetrator as a tactical and
strategic measure. Recently, information and cyber warfare has
been focus of much attention around the world. In particular, the
CIA, intelligence outfit of USA, carried out cyber warfare
exercises in 2005 [8]. It is also important to mention that in May
2010 US army has announced the creation of a cyber war
command and appointed a four star general to lead it [4]. This
significant step forecasts the role of information technology in
future wars and also nature of these wars. Other militaries will
sooner or later follow these same steps.
For the information and cyber warfare, the cyber arms needed are
peculiar information systems particularly designed and developed
for this purpose. At the heart of these systems are software and
tools both for attack and defence. Traditionally, there are a lot
many such tools available including free and open source
developed by hackers and security professionals and commercial
software and tools developed by companies. However, these
traditional tools though suited to attack or defend commercial and
business systems, are not suited to the needs of a military.
One of the major reasons for this is the simple fact that software
tools developed by someone else cannot be relied upon for
mission critical tasks. There may be intentional or un-intentional
trap doors left in such tools and software so that it may be
rendered inoperable at a critical moment.
Another important factor is the fact that the enemy will not be
using traditional tools and software for the reasons stated above.
Therefore, capability, capacity and characteristics of such systems
are not known in advance. As a result, the countermeasures
required against such attacks cannot be based upon traditional
techniques and rather are tailored to use by the military. For
example, to communicate some information related to trade and
commerce, one may rely on openly available commercial
solutions and encryption algorithms. However, information
which is related to defence and military operations needs to be
taken more seriously. Instead of deploying tools and software
using a third party encryption algorithm, the military would need
to develop and implement its own encryption algorithm and
software for this purpose. In addition, like an integrated circuit
has different military specifications, this software for use by the
military would also have different specifications. By the same
token, the attack mechanisms and countermeasures used by the
military for information systems are different from traditional
systems.
Furthermore, the military information systems may not simply
comprise of merely computer systems, computer networks and
software tools. For example, information and cyber war will
inevitably also use military reconnaissance satellites. Therefore,
implications and effects of such satellite systems in a cyber war
should also be taken into account and capacity to counter such a
scenario should also be developed.
It is to be further noted that military information systems is not an
open topic of research due to obvious reasons and not much
information is available in this area. The research presented in this
paper is first-hand research and is derived from authors’
experience and consistent observation of military use of the
Internet over the years.
2. MILITARY INFORMATION SYSTEMS
REQUIREMENTS
We have stated previously the reasons for military information
systems to have different characteristics and security
requirements. In this section, we give brief details of such
requirements and characteristics regardless how easy or difficult
these requirements are as far as their implementation is concerned.
2.1 Anonymity
In the case of commercial and business enterprises, the IP address
blocks used by the organization may be known to the public and
probably cannot be hidden from being discovered. There are
various means through which an attacker can enumerate the IP
address blocks of such organizations.
However, in the case of military organizations, there are various
levels of security and confidentiality that are ascribed to different
institutions of the military. In this case, the IP address blocks used
by certain unclassified institutes may be known to the public.
However, IP blocks used by certain other more classified projects
should be hidden from public view. By stating that an IP address
block is in public knowledge, we mean, for example, that:
1- Geographic location of an IP address i.e. country, city
can be found out.
2- Organization to which the IP address is assigned can be
found out.
3- How do Internet registrars respond to queries against
these IP address blocks.
In the case of information warfare with military implications, it is
very important that the source network used for the attack cannot
be traced back to. Therefore any design and audit of such a
military network needs special considerations which are different
from those of commercial and business networks. It is to be noted
that how such a level of anonymity may be achieved is entirely
another area of research. In brief, the level of anonymity one can
achieve is relative to the capability of the enemy.
2.2 Traffic Concealment
It is usual in military to keep a tab on the activity of the enemy.
Translated to the cyber warfare, this means that a military should
keep a tab on the defence networks of the hostile countries and
similarly expect the same from the other side and adopt means to
hide or conceal its networks activity and traffic. If the enemy
cannot penetrate a network, it would simply be interested to know
what kind of traffic is flowing to and from network perimeter.
What kinds of search queries are flowing to and from the network,
the email messages, who are the people or networks at the other
end, etc. The exact solution for this problem is encryption.
However, not all destination networks with which a source
network communicates support encryption. Therefore, a means
should be found out to conceal the traffic of a defence network. It
is to be noted that requirement of concealment of traffic is another
layer of security on top of anonymity. Appropriate levels of traffic
concealment may be applied to different computer systems and
networks having various levels of security.
2.3 Specialized Encryption
Conventional encryption algorithms and those available
commercially are not suitable for the purposes of defence and
military purposes. On the other hand, a military would never trust
or share the encryption algorithm it uses itself with another
country. Or if does, then the communication that uses it is secure
as long as the provider does not decide to just intercept and
decipher the cipher text. In other words, an encryption algorithm
is not something that you can buy from somewhere. For a trusted
information and communication system, the military needs to
build, develop and deploy its own encryption algorithms. It is
general knowledge that the countries like US do not even allow
the export of commercial versions of certain encryption
algorithms beyond certain key lengths.
2.4 Classification of Computer Systems
The computer systems, network and communication hardware
employed by the military is usually graded and assigned different
security levels. Before the equipment is deployed, it undergoes
various levels of security evaluations and checks. As a very crude
example, the computer systems may be assigned different security
levels ranging, say, from 1 to 7 with 1 being assigned to a non-
classified system and 7 to a highly classified system. Different
evaluation criteria may be developed for these systems which
again may range from checks on the design and various stages of
development of the equipment and then final testing before it is
deployed. It is to be noted that these checks are employed not only
on the software but also on the firmware and hardware i.e.
evaluation starts not on procurement but much earlier at the
design stage of the equipment. For militaries which do not design
and develop their equipment, this step is skipped thereby
compromising the security of these systems. If a military cannot
follow the steps described, it is always better to know where it
stands if the precautions described are not followed.
It is pertinent to mention here that hardware Trojan horses at the
level of circuit board and even integrated circuits are possible and
is focus of current research [11]. Similarly, BIOS rootkits have
also been designed and hence any hardware piece of equipment is
susceptible to almost same kinds of attacks as software systems.
2.4.1 Hardware Trojan Horses
Consider the case of a stand-alone digital system i.e. a digital
system that is not part of any network. As the digital device does
not interact with any external network, it may be thought that no
attacks can be mounted against the device. However, it is still
possible for a malicious design engineer to leave a malignant hole
i.e. a Trojan horse in the system. For example, a design engineer
could program a peripheral device to run correctly for all
operations except, say, #2600th, or program it in such a way to
behave erratically after certain number of operations or under a
certain critical condition.
The designer could also leave a hardware Trojan horse that can be
controlled remotely, possibly using a radio channel, in an
otherwise standalone digital system. It may be noted that the
Trojan horse may be part of a digital system in the shape of
discrete components or at the level of transistors in an integrated
circuit. In the first case, the Trojan horse may be present on a
circuit board of the system and in the second case, it may be
present inside an integrated circuit in the shape of transistors.
Above descriptions may seem unlikely to some, and therefore it
would be interesting to cite just two instances where hardware
Trojan horses were detected and found spying on unauthorized
information. In the first instance, Seagate external hard drives
were found to have a hardware Trojan horse that transmitted user
information to a remote entity [10]. In the second instance,
Prevelakis et al. report in [11] that, in 2006, Vodafone routers
installed in Greece were altered in such a manner so as to allow
eavesdrop phone conversations of the prime minister and many
other officials.
The hardware Trojan horse may be implanted in the hardware
system at any of the various stages from design to implementation
including plantation. This includes the possibility of implant by
the designer at the level of behavioral description, by a third party
synthesis tool or by the fabrication facility.
2.5 Software Engineering
Even in the world of hackers (we use the term in positive sense), it
is considered bad practice to use someone else’s tools or software
to test or penetrate a remote system and such folks are somewhat
derogatorily termed as script kiddies. Almost always, hackers
leave a trapdoor or some sort of bug in the “tool” they distribute
to others. For example, even Linux distributions like Slackware
and Debian which are otherwise considered very secure, leave a
few unnecessary remote services running which may allow an
attacker to intrude into the system. Other times, hackers may
purposely develop a tool such that it leaves a trace or some sort of
signature so that its action could later be tracked. Therefore, it is
imperative for the military to develop its own set of cyber arms
i.e. software and tools needed for military operations. As the only
resource required for the development of such software is human
resource, the cost factor is not important. Indeed, the cost of self-
built software may be quite lower than an equal quality software
purchased from a third party with the added advantage of
technology transfer.
2.6 Satellite Reconnaissance
From the current commercial satellites, the GeoEye-1 launched in
2008 and operated by the private firm GeoEye located in the US
has a stated resolution of 41 cm or 16 inches which is the highest
amongst commercial satellites [7]. Furthermore, just after two
years i.e. in 2012, the same company GeoEye would launch
satellite GeoEye-2 that would have resolution twice higher
resolution i.e. 20.5 cm or 8 inches. We can infer that commercial
satellite resolution increases at the rate of 2 every four years. Rate
of increase of resolution of military and reconnaissance satellites
must be higher than this as primary research in this area is carried
out by military. However, let us stick with the conservative rate of
increase of resolution as 2 per four years. Further, resolution of
military and reconnaissance satellites can be estimated by
comparing the size of corresponding commercial and military
organization that run this business When this comparison is
made, the private firm GeoEye comes out to be much smaller
enterprise than their military counterparts i.e. National
Reconnaissance Office (NRO), the organization which is
responsible to build and operate US spy satellites. For example, if
we consider the annual financial budget figures, NRO has annual
budget of almost US$ 8 billion whereas GeoEye has total assets
worth almost US$ 790 million i.e. less than one billion. In terms
of number of employees, GeoEye has only 410 employees as
compared to almost 3000 people employed by NRO. Therefore,
we can safely assume that NRO satellites have a resolution that is
at least 10 times better than that of commercial satellites.
Therefore, corresponding to GeoEye-1, a NRO military satellite
would have an estimated resolution of 4.1 cm or 1.6 inches i.e. it
can take photograph of an individual. And just after two years i.e.
by 2012, it would have an estimated resolution of 2.05 cm or 0.8
inches i.e. it would be able to what is being typed on a keyboard.
This estimate is corroborated from other sources as well. Dwayne
A. Day in [6] states that US spy satellite KH-8 could be used to
take photographs of smallest objects and even portraits of
individuals. We quote Dwayne A. Day from his article [6] as:
“The KH-8 could apparently see objects on the ground as small
as a baseball”
“There was the time that some Air Force officers used one to take
a self-portrait”.
It is to be noted that the spy satellite KH-8 for which above
remarks are made was operated in early 1970s. From this, we can
once again infer the resolution of current spy satellites. If we trust
above remarks and also consider the fact that it was almost 30
years ago that KH-8 was operated, it is certain that resolution of
the current spy satellites should rather be better than our
estimates.
Please note further that satellites have a variety of remote sensing
capabilities which may include seeing through building structures
as well. This may well be derived from the fact that satellites have
long been used to locate minerals and structures underground.
It is to be noted that, resolution of reconnaissance satellites is not
stated publicly due to obvious reasons and only estimates can be
made. Resolution of these satellites as calculated above in this
paper is what the authors consider as the best estimate.
Consider above stated capabilities of spy and reconnaissance
satellites being available for cyber and information warfare. Once
the geographical location and name of the organization where the
IP address of an enemy is located is found out, the spy satellite
can look directly at the person and the systems being used by
them. Obviously, this sort of capability would have a decisive
effect on the outcome of the war.
3. FUTURE WORK
Each of the characteristics of a military information system that
we described in this paper leads to a different and its own area of
research. The attributes and dimensions of a military information
system that we have provided here just give an abstract and upper
layer description which are by no means complete and merely
provide a starting point in this direction. Each of these areas needs
further investigation so as to provide lower level details of a
military information system.
4. CONCLUSION
In this paper, we have described and presented parameters that
differentiate a military information system from commercial and
business systems. In short, military information systems have
requirements which are essentially different from those of
commercial and business systems simply because of the reason
that military and business systems are used for entirely different
purposes. Some of such parameters are specialized encryption,
anonymity, traffic concealment, assignment of security levels to
computer systems according to their roles, etc. We have also
suggested and discussed the role that spy satellites can play in a
cyber war.
5. REFERENCES
[1] Banks, S.B., Stytz, M. R., 1996. Software Security
Requirements for Military Computer Generated Forces
System Architectures. Simulation Industry Association of
Australia DOI= http://www.siaa.asn.au/get/2396672378.pdf.
[2] Ceruti, M. G. 2003. Data Management Challenges and
Development for Military Information Systems. IEEE
Transactions on Knowledge and Data Engineering,
September/October 2003.
[3] Crawford, G. A. 1997. Information Warfare: New Roles for
Information Systems in Military Operations. Technical
Report Department of the Airforce, Washington DC. 1997.
[4] Beamount, P. 2010. US Appoints First Cyber Warfare
General. News Report, The Observer, May 2010.
[5] Schell, R. R., Downey, P. J., Popek, G. J. 1973. Preliminary
Notes on the Design of Secure Military Computer Systems.
National Institute of Standards and Technology, US.
[6] Day, D. A. 2009. Ike’s gambit: The KH-8 reconnaissance
satellite. The Space Review, January 2009.
[7] Science News. 2009. World’s Highest-Resolution
Commercial Satellite.. Science Daily 2009
[8] Leyden, J. 2005. CIA Plays Cyber Wargame. News Report,
The Register, May 2005.
[9] Bryant, J. H., Todd, M. A. 1965. The Design and
Implementation of Automated Military Information Systems.
IEEE Transactions on Military Electronics. Volume 9, Issue
2. 1965. 148-152.
[10] Farrell, N., 2007. Seagate hard drives turn into spy
machines”, The Inquirer, November 2007.
[11] Prevelakis, V., Spinellis, D. 2007. The Athens Affair. IEEE
Spectrum, July 2007.
ResearchGate has not been able to resolve any citations for this publication.
Article
Full-text available
In the past decade we have witnessed phenomenal growth in the capabilities of information management systems. National security implications of these capabilities are only now beginning to be understood by national leadership. Information warfare (IW) is one of the new concepts receiving a great deal of attention inside the Washington DC beltway; in some circles 1W is even touted as the cornerstone of future US military doctrine. There is no doubt IW is a concept the modern military officer should be familiar with, for advancements in computer technology have significant potential to dramatically change the face of military command and control. Information warfare theory has tremendous political, technical, operational and legal implications for the military. This article seeks to define IW for the layman and discuss its potential applications. It will also attempt to identify potential military uses of existing information systems technology and address some of the issues facing those who will be responsible for implementing this new doctrine.
Article
Full-text available
Military computer generated forces (CGFs) continue to increase in fidelity and breadth of capability, which has resulted in increasing adoption of these systems in military simulation environments in order to increase exercise fidelity. The success and fidelity of CGF software and data are making them increasingly popular targets for software piracy, reverse engineering, and other forms of misuse. The increasing hazard to CGF software can only be expected to increase as the fidelity of the CGF systems and of their data correspondingly increases. Coupled with the ever more tempting target of CGF software and data is the coming increase in computing and networking capabilities that can provide attackers with the tools and computing power needed to mount ever more sophisticated and powerful attacks. Because of the coming cyber threat and the effectiveness with which it can be mounted, current software development practices and CGF architectures must be modified in anticipation of the threat so that CGF software and data are protected. The development and maintenance of CGF software and data must be undertaken with the understanding that the software and data will come under attack in unpredictable ways using unforeseen techniques over the course of their deployment and use. Therefore, the software architecture and its implementation must be written so that it is inherently secure and can exploit continued advances in software and network security technologies. Unfortunately, there are few broad-based technical efforts that are focused on addressing the CGF software and data security need at either the architecture or implementation level. In response to this need, we identified software architecture requirements for CGF software and data security. Until recently, the need for application software protection and security for its data has been addressed indirectly through efforts to provide security for the simulation environment at the network level. The intended targets of the attacks, the software and the data relied solely upon network-based defenses and the operating system for protection. It has become obvious that merely securing the traffic on the network and login access to computers, while necessary, is not sufficient to provide the necessary security for the software and data involved in distributed simulation environments. Indeed, it is apparent that simulation software and data must be protected using a variety of technologies that are embedded in the software and data. These technologies prevent piracy, theft, and reverse engineering of software and data. Additional techniques are algorithms for detection of attempted compromise of software or data, techniques to allow applications to autonomously detect attempts at tampering, and metrics to permit the objective measurement and comparison of software and data protection techniques. All of these CGF security issues come to a point and can be addressed to some degree in the CGF architecture and design. In this paper, we discuss the architectural issues that must be addressed for CGF software and data security. However, current technologies are not sufficient to address the need, so we also present suggestions for future work.
Article
Full-text available
This paper explores challenges facing information system professionals in the management of data and knowledge in the Department of Defense (DOD), particularly in the information systems utilized to support command, control, communications, computers, and intelligence (C<sup>4</sup> I). These information systems include operational tactical systems, decision-support systems, modeling and simulation systems, and nontactical business systems, all of which affect the design, operation, interoperation, and application of C<sup>4</sup> I systems. Specific topics include issues in integration and interoperability, joint standards, data access, data aggregation, information system component reuse, and legacy systems. Broad technological trends, as well as the use of specific developing technologies are discussed in light of how they may enable the DOD to meet the present and future information-management challenges.
Article
GeoEye-1 is the world’s most advanced commercial imaging satellite. This LEO satellite provides multi spectral imagery at 41 centimeter spatial resolution, from 681 kilometers in space. This talk will outline GE-1’s system specifications and performance.
Article
This document is a collection of working papers produced by the members of the Computer Security Branch, Directorate of Information Systems Technology, Deputy for Command and Management Systems. These papers identify the direction of ongoing computer security efforts. (Author)
Article
Information systems serve in a variety of ways in military environments but have the common objectives of supporting decision processes. Systems engineers have had difficulty in developing automated systems for this purpose because of the amount of lead time required to analyze a problem situation, to procure hardware and to design and prepare computer programs, and because the problems and the problem situation are highly dynamic. Extrapolating requirements for some time in the future from current problems and methods of operation have tended to result in inadequate or incomplete systems designs when systems are developed and tested against the actual requirements in an operational environment. A variety of approaches to system development have been employed. These have ranged from the "job shop" approach at one extreme to the "turn-key" approach at the other. The job shop approach is typified by many independent, special-purpose programs, each written to perform a particular job with its own data base. The programs are executed under job controls established by machine operators. New capabilities are developed and operated in the same way. This approach is usually responsive to individual staff elements since each program is designed for the specific purpose of the particular group which will have considerable input to the design, a good knowledge of the logic employed, and confidence in the products obtained from it. It has growth potential limited only by total machine capacity. Operational capability is provided and can be evaluated with relatively short lead time.
Article
How some extremely smart hackers pulled off the most audacious cell-network break-in ever. On 9 march 2005, a 38-year-old Greek electrical engineer named Costas Tsalikidis was found hanged in his Athens loft apartment, an apparent suicide. It would prove to be merely the first public news of a scandal that would roil Greece for months. The next day, the prime minister of Greece was told that his cellphone was being bugged, as were those of the mayor of Athens and at least 100 other high-ranking dignitaries, including an employee of the U.S. embassy. The victims were customers of Athens based Vodafone-Panafon, generally known as Vodafone Greece, the country's largest cellular service provider. Tsalikidis was in charge of network planning at the company. A connection seemed obvious. Given the list of people and their positions at the time of the tapping, we can only imagine the sensitive political and diplomatic discussions, high-stakes business deals, or even marital indiscretions that may have been routinely overheard and, quite possibly, recorded. Even before Tsalikidis's death, investigators had found rogue software installed on the Vodafone Greece phone network by parties unknown. Some extraordinarily knowledgeable people either penetrated the network from outside or subverted it from within, aided by an agent or mole. In either case, the software at the heart of the phone system, investigators later discovered, was reprogrammed with a finesse and sophistication rarely seen before or since. A study of the Athens affair, surely the most bizarre and embarrassing scandal ever to engulf a major cellphone service provider, sheds considerable light on the measures networks can and should take to reduce their vulnerability to hackers and moles. It's also a rare opportunity to get a glimpse of one of the most elusive of cybercrimes. Major network penetrations of any kind are exceedingly uncommon. They are hard to pull off, and equally hard to investigate.
US Appoints First Cyber Warfare General The Observer
  • P Beamount
Beamount, P. 2010. US Appoints First Cyber Warfare General. News Report, The Observer, May 2010.
Seagate hard drives turn into spy machines
  • N Farrell
Farrell, N., 2007. Seagate hard drives turn into spy machines", The Inquirer, November 2007.
Ike's gambit: The KH-8 reconnaissance satellite. The Space Review
  • D A Day
Day, D. A. 2009. Ike's gambit: The KH-8 reconnaissance satellite. The Space Review, January 2009.