Defense and Security Studies Commons^™

A Conceptual Frame For Us Counterterrorism Policy: Examining The Effectiveness Against Al Qaeda And Its Associates Prior To 9/11, "Tod" Thomas Patrick Brown

Publications

The United States (US) has been engaged in a “war on terrorism” to “defeat” al Qaeda since 2001. This study presented and tested an over-arching conceptual framework for US Counterterrorism (CT) policy. The conceptual frame was tested using qualitative thematic analysis of archival records from the Reagan through Clinton era. The research also used a case study of al Qaeda as the context to bound the selected records for the study. This new conceptual frame was used to evaluate the success, failure, and effects of US CT policy activities related to al Qaeda, using the records identified for the study. …

Armed And Unarmed Drone Perception In Conflict Zones, Nazish Chunara

Student Works

Regions across the globe that are impacted by conflict are often the recipients of both armed and unarmed drones. These dual-use systems blur the boundary between military and civilian objectives. The goal of this literature review is to understand the scope of research conducted in conflict zones from the perspective of the civilian. Civilian includes resident, visitor, and worker. A gap in the available literature has been identified within the context of dual-use systems, conflict zones, and the civilian perspective.

An Empirical Study Of The Evolution Of Homeland Security Definitions And The Public Perception Of Homeland Security, Alexander Siedschlag, Andrea Jerković

Publications

Objectives

• To introduce results from a currently conducted empirical study (quantitative systematic review) of the evolution of official homeland security definitions from related federal strategies, frameworks, guidelines, the QHSRs, enterprise agencies’ FY strategic plans, and related documents.

• To identify continuing and changing ingredients of the sprouting public policy and strategy definition of homeland security.

• To compare those findings to the development of the public perception of homeland security and how people would define the term, using the example of Pennsylvania, with our multi-year poll study of residents’ perception of homeland security.

Utility

• While valuable analyses of …

Anatomy Of An Internet Hijack And Interception Attack: A Global And Educational Perspective, Ben A. Scott, Michael N. Johnstone, Patryk Szewczyk

Annual ADFSL Conference on Digital Forensics, Security and Law

The Internet’s underlying vulnerable protocol infrastructure is a rich target for cyber crime, cyber espionage and cyber warfare operations. The stability and security of the Internet infrastructure are important to the function of global matters of state, critical infrastructure, global e-commerce and election systems. There are global approaches to tackle Internet security challenges that include governance, law, educational and technical perspectives. This paper reviews a number of approaches to these challenges, the increasingly surgical attacks that target the underlying vulnerable protocol infrastructure of the Internet, and the extant cyber security education curricula; we find the majority of predominant cyber security …

A Low-Cost Machine Learning Based Network Intrusion Detection System With Data Privacy Preservation, Jyoti Fakirah, Lauhim Mahfuz Zishan, Roshni Mooruth, Michael L. Johnstone, Wencheng Yang

Annual ADFSL Conference on Digital Forensics, Security and Law

Network intrusion is a well-studied area of cyber security. Current machine learning-based network intrusion detection systems (NIDSs) monitor network data and the patterns within those data but at the cost of presenting significant issues in terms of privacy violations which may threaten end-user privacy. Therefore, to mitigate risk and preserve a balance between security and privacy, it is imperative to protect user privacy with respect to intrusion data. Moreover, cost is a driver of a machine learning-based NIDS because such systems are increasingly being deployed on resource-limited edge devices. To solve these issues, in this paper we propose a NIDS …

Detection Of Overlapping Passive Manipulation Techniques In Image Forensics, Gianna S. Lint, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

With a growing number of images uploaded daily to social media sites, it is essential to understand if an image can be used to trace its origin. Forensic investigations are focusing on analyzing images that are uploaded to social media sites resulting in an emphasis on building and validating tools. There has been a strong focus on understanding active manipulation or tampering techniques and building tools for analysis. However, research on manipulation is often studied in a vacuum, involving only one technique at a time. Additionally, less focus has been placed on passive manipulation, which can occur by simply uploading …

Human-Controlled Fuzzing With Afl, Maxim Grishin, Igor Korkin, Phd

Annual ADFSL Conference on Digital Forensics, Security and Law

Fuzzing techniques are applied to reveal different types of bugs and vulnerabilities. American Fuzzy Lop (AFL) is a free most popular software fuzzer used by many other fuzzing frameworks. AFL supports autonomous mode of operation that uses the previous step output into the next step, as a result fuzzer spends a lot of time analyzing minor code sections. By making fuzzing process more focused and human controlled security expert can save time and find more bugs in less time. We designed a new module that can fuzz only the specified functions. As a result, the chosen ones will be inspected …

The Amorphous Nature Of Hackers: An Exploratory Study, Kento Yasuhara, Daniel Walnycky, Ibrahim Baggili, Ahmed Alhishwan

Annual ADFSL Conference on Digital Forensics, Security and Law

In this work, we aim to better understand outsider perspectives of the hacker community through a series of situation based survey questions. By doing this, we hope to gain insight into the overall reputation of hackers from participants in a wide range of technical and non-technical backgrounds. This is important to digital forensics since convicted hackers will be tried by people, each with their own perception of who hackers are. Do cyber crimes and national security issues negatively affect people’s perceptions of hackers? Does hacktivism and information warfare positively affect people’s perception of hackers? Do individual personality factors affect one’s …

Smart Home Forensics: Identifying Ddos Attack Patterns On Iot Devices, Samuel Ho, Hope Greeson, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Smart homes are becoming more common as more people integrate IoT devices into their home environment. As such, these devices have access to personal data on their homeowners’ networks. One of the advantages of IoT devices is that they are compact. However, this limits the incorporation of security measures in their hardware. Misconfigured IoT devices are commonly the target of malicious attacks. Additionally, distributed denial-of-service attacks are becoming more common due to applications and software that provides users with easy-to-use user interfaces. Since one vulnerable device is all an attacker needs to launch an attack on a network, in regards …

Digital Forensics For Mobility As A Service Platform: Analysis Of Uber Application On Iphone And Cloud, Nina Matulis, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Uber is a ride-hailing smartphone application (app) that allows users to order a ride in a highly efficient manner. The Uber app provides Mobility as a Service and allows users to easily order a ride in a private car with just a few clicks. Uber stores large amounts of data on both the mobile device the app is being used on, and in the cloud. Examples of this data include geolocation data, date/time, origin/destination addresses, departure/arrival times, and distance. Uber geolocation data has been previously researched to investigate the privacy of the Uber app; however, there is minimal research relating …

Microsoft Defender Will Be Defended: Memoryranger Prevents Blinding Windows Av, Denis Pogonin, Igor Korkin, Phd

Annual ADFSL Conference on Digital Forensics, Security and Law

Windows OS is facing a huge rise in kernel attacks. An overview of popular techniques that result in loading kernel drivers will be presented. One of the key targets of modern threats is disabling and blinding Microsoft Defender, a default Windows AV. The analysis of recent driver-based attacks will be given, the challenge is to block them. The survey of user- and kernel-level attacks on Microsoft Defender will be given. One of the recently published attackers’ techniques abuses Mandatory Integrity Control (MIC) and Security Reference Monitor (SRM) by modifying Integrity Level and Debug Privileges for the Microsoft Defender via syscalls. …

A Lightweight Reliably Quantified Deepfake Detection Approach, Tianyi Wang, Kam Pui Chow

Annual ADFSL Conference on Digital Forensics, Security and Law

Deepfake has brought huge threats to society such that everyone can become a potential victim. Current Deepfake detection approaches have unsatisfactory performance in either accuracy or efficiency. Meanwhile, most models are only evaluated on different benchmark test datasets with different accuracies, which could not imitate the real-life Deepfake unknown population. As Deepfake cases have already been raised and brought challenges at the court, it is disappointed that no existing work has studied the model reliability and attempted to make the detection model act as the evidence at the court. We propose a lightweight Deepfake detection deep learning approach using the …

Timestamp Estimation From Outdoor Scenes, Tawfiq Salem, Jisoo Hwang, Rafael Padilha

Annual ADFSL Conference on Digital Forensics, Security and Law

The increasing availability of smartphones allowed people to easily capture and share images on the internet. These images are often associated with metadata, including the image capture time (timestamp) and the location where the image was captured (geolocation). The metadata associated with images provides valuable information to better understand scenes and events presented in these images. The timestamp can be manipulated intentionally to provide false information to convey a twisted version of reality. Images with manipulated timestamps are often used as a cover-up for wrongdoing or broadcasting false claims and competing views on the internet. Estimating the time of capture …

Civic Homeland Security Culture: A Poll Study Approach And The Example Of Pennsylvania, Alexander Siedschlag

Publications

COVID-19 response experience around the world has demonstrated that it is indispensable to understand the public understanding of, and needs during, risk, hazards, and crisis in public policy, in particular related to the security of society as a whole. The ultimate goal of homeland security and broader civil (or sometimes referred to as societal) security alike, as well as of related security science research, is to accomplish resilient societies through a culture of preparedness. Civic security culture is a necessary ingredient to such a culture of preparedness. The security culture perspective also helps understand how a resilient society and nation …

Cross Domain Iw Threats To Sof Maritime Missions: Implications For U.S. Sof, Gary C. Kessler, Diane M. Zorri

Publications

As cyber vulnerabilities proliferate with the expansion of connected devices, wherein security is often forsaken for ease of use, Special Operations Forces (SOF) cannot escape the obvious, massive risk that they are assuming by incorporating emerging technologies into their toolkits. This is especially true in the maritime sector where SOF operates nearshore in littoral zones. As SOF—in support to the U.S. Navy— increasingly operate in these contested maritime environments, they will gradually encounter more hostile actors looking to exploit digital vulnerabilities. As such, this monograph comes at a perfect time as the world becomes more interconnected but also more vulnerable.

Whole-Community Response Planning For Pennsylvania’S Ongoing Opioid Emergency, Alexander Siedschlag

Publications

The Penn State Center for Security Research and Education (CSRE), in collaboration with Penn State Homeland Security Programs and the Pennsylvania Emergency Management Agency (PEMA), held a tabletop exercise that addressed first-responder and whole-community response and resilience to the ongoing opioid crisis. The exercise, which took place Sept. 24, 2019, at PEMA headquarters in Harrisburg, Pa., also was supported by the Governor’s Office for Homeland Security and the Pennsylvania Department of Health’s Bureau of Public Health Preparedness. The Dickinson School of Law and Immaculata University were academic contributors. This article summarizes the main outcome in the current COVID-19 context.

Cyber Supply Chain Risk Management: Implications For The Sof Future Operating Environment, J. Philip Craiger, Laurie Lindamood-Craiger, Diane M. Zorri

Publications

The emerging Cyber Supply Chain Risk Management (C-SCRM) concept assists at all levels of the supply chain in managing and mitigating risks, and the authors define C-SCRM as the process of identifying, assessing, and mitigating the risks associated with the distributed and interconnected nature of information and operational technology products and service supply chains. As Special Operations Forces increasingly rely on sophisticated hardware and software products, this quick, well-researched monograph provides a detailed accounting of C-SCRM associated laws, regulations, instructions, tools, and strategies meant to mitigate vulnerabilities and risks—and how we might best manage the evolving and ever-changing array of …

Ethical, Legal, And Social Issues (Elsi), Andrea Jerkovic´, Alexander Siedschlag

Publications

This chapter introduces the concept of ethical, legal, and social issues – known as ELSI – as it is relevant to security science research and security science-informed practice. After defining ethical, legal, and social issues, the chapter addresses main ELSI domains and discusses how to address those in security science. Arguments are illustrated using examples from domains such as critical infrastructure protection and novel coronavirus pandemic (COVID-19) response. Subsequently, the chapter demonstrates the relevance of ELSI analysis in security science for risk assessment and vulnerability analysis. It argues for a comprehensive approach to ELSI assessment and consideration in security science …

The Role Of The Internet In Intelligence Gathering And Spreading Propaganda, Leila Halawi

Publications

The analysis of American intelligence as an academic discipline exhibits an excellent level of integration regarding subject matter and methods from military history and strategic studies. The knowledge and information revolution steered a different online culture of sharing and oversharing. While the study of intelligence has primarily been associated with historical methods thus far, opportunities for innovation are also afforded by advances in theoretical and conceptual thinking about intelligence. Such revolutions can help intelligence history while concurrently enlightening the disputes on intelligence in the twentyfirst century. The takings from the information age consist of low cost for access to data …

Pennsylvania’S Covid-19 Response Vs. Homeland Security Frameworks And Research: Masking The Whole Community, Alexander Siedschlag

Publications

This essay offers an intermediate discussion of select policy, strategic, operational, and tactical issues that demonstrate where and how the Commonwealth of Pennsylvania’s novel coronavirus response on the one hand, and homeland security frameworks and research on the other, converge or—more often so—diverge, and how to narrow this gap. Although typically framed as a pandemic owned by the public health sector, the COVID-19 response falls directly within the homeland security mission space, whose core missions include “Ensuring Resilience to Disasters.” In some respects, Pennsylvania’s response exemplifies best practices suggested by research. In other dimensions, it is neither in line with …

China’S “Three Warfares”: People’S Liberation Army Influence Operations, Edwin S. Cochran, U.S. Department Of Defense, Retired

International Bulletin of Political Psychology

The following article—whose author is both a retired US Army officer and retired Department of Defense civilian employee with multiple publications—focuses on Chinese information operations. Readers might wish to speculate on matters such as why the Chinese have organized the way they have, whether the organization leads to optimal integration of tools of national security/political power, and how vulnerable specific populations and even intelligence cultures are to specific types of information operations. One might even conclude that the only thing that has not changed in thousands of years has been the technology available to influence others.

This article examines the …

Washington Dc Model North Atlantic Treaty Organization, Mackenzie Creighton, Kaylee Coffman, Kevin Lundquist, Cameron Zarnich, Colin Molitor, Marc Rego, Stefan Johnson, Robert Belz-Templeman, Takashi Quinlan, Niklas Becker-Brown

Discovery Day - Prescott

Model North Atlantic Treaty Organization (NATO) consists of several committees, each of whom draft policy relevant to their respective topics of discussion. The Committees debate for the course of the conference, drafting NATO policy to solve a multitude of issues. During this time, a simulated crisis also occurs, and each committee must respond to the updates from the crisis as well as focus on their original goals. After the final committee sessions of the conference, the final resolutions passed by each committee are sent to the North Atlantic Council (NAC), who works to approve all of them unanimously. The end …

Integrating Aviation Technology, Emergency Services, And Human Resilience: Considerations From Social Scientists, Chelsea A. Lenoble Ph.D., Joel M. Billings Ph.D., Allison A. Kwesell Ph.D., Ray H. Chang Ph.D.

National Training Aircraft Symposium (NTAS)

Unmanned aerial systems (UAS) have a range of applications within the field of disaster response. This presentation offers a novel framework of psychosocial considerations designed to advance UAS and disaster management integration. Social scientists highlight important challenges to the effective integration of three primary entities: UAS, the team of teams that responds to disasters, and populations affected by disasters.

The presentation adopts an emerging theoretical perspective on the intersection between UAS capabilities and disaster phases and extends it by bringing necessary attention to social science issues. Specifically, the framework outlines psychosocial considerations and areas of improvement for preparation (training), response …

Penn State’S School Of Public Affairs Security-Related Academic Programs Amid The Novel Coronavirus Catastrophe, Alexander Siedschlag

Publications

Due to its large OL student population, Penn State’s School of Public Affairs had (unintended) applicable crisis contingency protocols in place prior to the COVID-19 outbreak. With the support of our college’s Center for Teaching Excellence, many traditional F2F residential courses had already been set up on our learning management system (LMS), Canvas. As a result, many of our school’s traditional students and faculty had a handle on using Canvas and remote learning technology. The center enhanced and focused its services to faculty as COVID-19 evolved (Center for Teaching Excellence, 2020). As the COVID-19 crisis hit Penn State during the …

Current Trends In Small Unmanned Aircraft Systems: Implications For U.S. Special Operations Forces, J. Philip Craiger, Diane Maye Zorri

Publications

This paper assesses current trends in small unmanned aircraft systems (sUAS) technology and its applications to the Special Operations Forces (SOF) community. Of critical concern to SOF is that commercial-off-the-shelf (COTS) sUAS technologies are relatively inexpensive, improving at a dramatic rate, and widely available throughout the world. Insurgents, terrorists, violent extremist organizations (VEOs) and other nefarious actors have used COTS sUAS to conduct offensive attacks as well as to develop battlefield situation awareness; these technological improvements combined with their widespread availability will require enhanced and rapidly adaptive counter-sUAS measures in the future. To understand the most current trends in the …

Us And The Cold War In Latin America, Thomas Field

Publications

The Cold War in Latin America had marked consequences for the region’s political and economic evolution. From the origins of US fears of Latin American Communism in the early 20th century to the collapse of the Soviet Union in the early 1990s, regional actors played central roles in the drama. Seeking to maximize economic benefit while maintaining independence with regard to foreign policy, Latin Americans employed an eclectic combination of liberal and anti-imperialist discourses, balancing frequent calls for anti-Communist hemispheric unity with periodic diplomatic entreaties to the Soviet bloc and the nonaligned Third World. Meanwhile, US Cold War policies toward …

Forensic Analysis Of Spy Applications In Android Devices, Shinelle Hutchinson, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Smartphones with Google's Android operating system are becoming more and more popular each year, and with this increased user base, comes increased opportunities to collect more of these users' private data. There have been several instances of malware being made available via the Google Play Store, which is one of the predominant means for users to download applications. One effective way of collecting users' private data is by using Android Spyware. In this paper, we conduct a forensic analysis of a malicious Android spyware application and present our findings. We also highlight what information the application accesses and what it …

Fatal Attractions, Elective Affinities, And Deadly Epistemologies, Ibpp Editor

International Bulletin of Political Psychology

This article cites film, the novel, and news report to underline the deadly seriousness of the quest for knowledge.

Espionage: Why Did Hanssen Do It?, Ibpp Editor

International Bulletin of Political Psychology

This article describes speculative elements of a post-dictive profile on Robert P. Hanssen’s convictions for espionage and conspiracy.

A Roundtable For Victoria M. Grieve, Little Cold Warriors: American Childhood In The 1950s, Thomas Field Jr., Julia L. Mickenberg, Lori Clune, Mary Brennan, Donna Alvah, Victoria M. Grieve

Publications

Dr. Thomas Field introduces a roundtable discussion of Victoria M. Grieve's Little Cold Warriors: American Childhood in the 1950s, providing a synopsis of reviewer critiques before the reviewers expand on their views and the author responds.