Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Open Access. Powered by Scholars. Published by Universities.®

2006

Computer Sciences

Australian Information Warfare and Security Conference

Articles 1 - 17 of 17

Full-Text Articles in Physical Sciences and Mathematics

Mapping The Consensual Knowledge Of Security Risk Management Experts, David J. Brooks Dec 2006

Mapping The Consensual Knowledge Of Security Risk Management Experts, David J. Brooks

Australian Information Warfare and Security Conference

The security industry comprises of diverse and multidisciplined practitioners, originating from many disciplines. It has been suggested that the industry has an undefined knowledge structure, although security experts contain a rich knowledge structure. There has also been limited research mapping security expert knowledge structure, reducing the ability of tertiary educators to provide industry focused teaching and learning. The study utilized multidimensional scaling (MDS) and expert interviews to map the consensual knowledge structure of security experts in their understanding of security risk. Security risk concepts were extracted and critiqued from West Australian university courses. Linguistic analysis categorised the more utilized security …

Go to article

Terrorism As Opiniotainment: Perceptions Warriors And The Public Battlefield, Luke Howie Apr 2006

Terrorism As Opiniotainment: Perceptions Warriors And The Public Battlefield, Luke Howie

Australian Information Warfare and Security Conference

Terrorism continues to have a significant impact on the lives of Australians. Whilst Australian cities remain untargeted during this present wave of terrorism, many Australians perceive the threat to be significant. Terrorism is offered for consumption daily in the news media and many Australians have seen the images of terrorism. In addition to television images, media consumers have been inundated with terrorism reporting on talkback radio, in feature films, and in newspapers. What impact does the perceptions wars on terrorism have on Australian society? Are the public more or less knowledgeable because of public debate? These are questions that need …

Go to article

Information Terrorism: Networked Influence, W Hutchinson Apr 2006

Information Terrorism: Networked Influence, W Hutchinson

Australian Information Warfare and Security Conference

The advent of digital information technology heralded the concept of information warfare. This ‘preliminary’ stage in the 1990s really consisted of technology warfare where the networks, upon which combat relied, were seen as weapons to gain ‘information superiority’. This was the inception of the technological aspect of Information Warfare. The realisation of the effectiveness of electronic networks to optimize organisational communication was taken up by industry, the military and terrorist groups alike. As society quickly became more reliant on digital networks to run its critical functions, it became apparent that this infrastructure was vulnerable and needed protection (as well as …

Go to article

Assessing End-User Awareness Of Social Engineering And Phishing, A Karakasiliotis,, S M. Furnell, M Papadaki Apr 2006

Assessing End-User Awareness Of Social Engineering And Phishing, A Karakasiliotis,, S M. Furnell, M Papadaki

Australian Information Warfare and Security Conference

Social engineering is a significant problem involving technical and nontechnical ploys in order to acquire information from unsuspecting users. This paper presents an assessment of user awareness of such methods in the form of email phishing attacks. Our experiment used a webbased survey, which presented a mix of 20 legitimate and illegitimate emails, and asked participants to classify them and explain the rationale for their decisions. This assessment shows that the 179 participants were 36% successful in identifying legitimate emails, versus 45% successful in spotting illegitimate ones. Additionally, in many cases, the participants who identified illegitimate emails correctly could not …

Go to article

Global Reach: Terrorists And The Internet, Simon O'Rourke Apr 2006

Global Reach: Terrorists And The Internet, Simon O'Rourke

Australian Information Warfare and Security Conference

The use of the Internet by terrorists appears to diverge into two distinct modes neither of which is mutually exclusive. The first aligns to the view that terrorists will use the Internet as a platform to launch cyber attacks against critical infrastructure nodes as well as key government and private sector networks. This paper discusses the alternate mode that being the primary use of the Internet by terrorists will be to recruit, train, communicate and gain information about potential targets by conducting virtual reconnaissance. It will examine the nexus between the virtual world and the physical threat that is manifested …

Go to article

The Awareness And Perception Of Spyware Amongst Home Pc Computer Users, M Jaeger, N L. Clarke Apr 2006

The Awareness And Perception Of Spyware Amongst Home Pc Computer Users, M Jaeger, N L. Clarke

Australian Information Warfare and Security Conference

Spyware is a major threat to personal computer based data confidentiality, with criminal elements utilising it as a positive moneymaking device by theft of personal data from security unconscious home internet users. This paper examines the level of understanding and awareness of home computer users to Spyware. An anonymous survey was distributed via email invitation with 205 completed surveys. From an analysis of the survey it was found that the majority of respondents do understand what Spyware is, however, there was found to be a lack of understanding of computer security in defending against Spyware, with 20% of survey respondents …

Go to article

Conceptual Modelling: Choosing A Critical Infrastructure Modelling Methodology, Graeme Pye, Matthew J. Warren Apr 2006

Conceptual Modelling: Choosing A Critical Infrastructure Modelling Methodology, Graeme Pye, Matthew J. Warren

Australian Information Warfare and Security Conference

This paper reports on further research undertaken regarding systems modelling as applied to critical infrastructure systems and networks and builds upon the initial modelling research of Pye and Warren (2006a). We discuss system characteristics, inter-relationships, dynamics and modelling of similar systems and why modelling of a critical infrastructure is important. In overview we compare four modelling methods and techniques previously used to model similar systems and discuss their potential transference to model critical infrastructure systems, before selecting the most promising and suitable for modelling critical infrastructure systems for further research.

Go to article

Electronic Records Management Criteria And Information Security, A Shaw, David T. Shaw Apr 2006

Electronic Records Management Criteria And Information Security, A Shaw, David T. Shaw

Australian Information Warfare and Security Conference

Records management practices are mandatory in many business and government operations. Records management is a mature discipline with extensive body of knowledge, professional associations and clearly defined Australian and international standards. Records systems encompass the hardware, software and people necessary for operation and include records generated by and for the system. The Australian legal system has clearly defined standards for admissible evidence in the Evidence Act. Relevant records may require substantial preparation for submission and yet be inadmissible in legal proceedings. The records and system may be challenged in both theoretical and practical senses and appropriate practices and associated records …

Go to article

Considerations On Deception Techniques Used In Political And Product Marketing, Carlo Kopp Apr 2006

Considerations On Deception Techniques Used In Political And Product Marketing, Carlo Kopp

Australian Information Warfare and Security Conference

This paper explores three deception techniques which are widely used in political and product marketing. These techniques are ‘deception by omission’, ‘deception by saturation’ and the use of ‘deception by spin’. These techniques are newly analysed in the framework of the four canonical strategies of Information Warfare and Shannon’s capacity and entropy theorems, and their respective strengths and weaknesses established. Specific strategies for the defeat of these deception techniques are discussed.

Go to article

Information Terrorism In The New Security Environment, Ken Webb Apr 2006

Information Terrorism In The New Security Environment, Ken Webb

Australian Information Warfare and Security Conference

Over the years there have been many interpretations of what constitutes Information Terrorism. This paper examines the correlation/relationship between Information Warfare and Terrorism, and describes what is considered to be Information Terrorism now. It achieves this by outlining the threat’s impact, advantage and capability. It then examines the positives that can be derived from such and, based on the literature available on the subject, provides a deduced interpretation of what Information Terrorism is. The paper concludes with remarks supporting the assertion that Information Terrorism is a major dynamic and asymmetric threat contributing to a new national security environment.

Go to article

Tags At War: A Review Of The United States Department Of Defence Rfid Tag Data Standard, Uros Urosevic, Christopher Bolan Apr 2006

Tags At War: A Review Of The United States Department Of Defence Rfid Tag Data Standard, Uros Urosevic, Christopher Bolan

Australian Information Warfare and Security Conference

The U.S. Department of Defence have mandated the use of RFID technology in their procurement and supply systems. To enable compatibility across civilian contractors and suppliers and military systems the US DOD RFTag Data Format 2.0 specification has been implemented. This paper outlines the features of this standard and the possible security implications of its adoption.

Go to article

A Study Of The Compliance Of Alarm Installations In Perth, Western Australia: Are Security Alarm Systems Being Installed To Australian Standard As2201.1 – “Systems Installed In A Client's Premises.”, Robert E. Mclaughlin, David J. Brooks Apr 2006

A Study Of The Compliance Of Alarm Installations In Perth, Western Australia: Are Security Alarm Systems Being Installed To Australian Standard As2201.1 – “Systems Installed In A Client's Premises.”, Robert E. Mclaughlin, David J. Brooks

Australian Information Warfare and Security Conference

This study presented an overview of the training available to intruder alarm installers. A survey of domestic and commercial intruder alarm systems (n=20) were completed across Perth, Western Australia, metropolitan area. The gathered data were evaluated against Australian Standard AS2201.1 for intruder alarm systems, to determine whether alarm installations comply with two parts of the standard, being that of control panel location and zone supervision. AS2201.1 requires that intruder alarm control equipment shall be located within the alarmed area, located outside the entry/exit point and operate as dual endofline supervision. The study presents significant findings into the compliance of installed …

Go to article

Engineering A Suburban Ad-Hoc Network, Mike Tyson, Ronald D. Pose, Carlo Kopp, Mohammad Rokonuzzaman, Muhammad Mahmudul Islam Apr 2006

Engineering A Suburban Ad-Hoc Network, Mike Tyson, Ronald D. Pose, Carlo Kopp, Mohammad Rokonuzzaman, Muhammad Mahmudul Islam

Australian Information Warfare and Security Conference

Networks are growing in popularity, as wireless communication hardware, both fixed and mobile, becomes more common and affordable. The Monash Suburban Ad-Hoc Network (SAHN) project has devised a system that provides a highly secure and survivable ad-hoc network, capable of delivering broadband speeds to co-operating users within a fixed environment, such as a residential neighbourhood, or a campus. The SAHN can be used by residents within a community to exchange information, to share access to the Internet, providing last-mile access, or for local telephony and video conferencing. SAHN nodes are designed to be self-configuring and selfmanaging, relying on no experienced …

Go to article

Deception On The Network: Thinking Differently About Covert Channels, Maarten Van Horenbeeck Apr 2006

Deception On The Network: Thinking Differently About Covert Channels, Maarten Van Horenbeeck

Australian Information Warfare and Security Conference

The concept of covert channels has been visited frequently by academia in a quest to analyse their occurrence and prevention in trusted systems. This has lead to a wide variety of approaches being developed to prevent and identify such channels and implement applicable countermeasures. However, little of this research has actually trickled down into the field of operational security management and risk analysis. Quite recently a number of covert channels and enabling tools have appeared that did have a significant impact on the operational security of organizations. This paper identifies a number of those channels and shows the relative ease …

Go to article

An Information Operation Model And Classification Scheme, D T. Shaw, S Cikara Apr 2006

An Information Operation Model And Classification Scheme, D T. Shaw, S Cikara

Australian Information Warfare and Security Conference

Information systems are used in overt and covert conflict and information operations target an opponent’s ability to manage information in support of operations for political, commercial and military advantage. System level attacks are complicated by logistic problems that require resources, command and control. Node level attacks are practical but of limited value. Collocated equipment comprises a temporary node that may be feasibly attacked. Estimation of IW operation merits may founder on the difficulty of predicting the net benefit for the costs. Starting from with Shannon’s model, a simple costbenefit model is discussed. Existing models are extended by an IW attack …

Go to article

Mediated Identification, D T. Shaw Apr 2006

Mediated Identification, D T. Shaw

Australian Information Warfare and Security Conference

Identity and identification are linked by variable meanings and applications and are essential in many remote transactions. Identification relying on mediation or third party intervention may be modified or withdrawn at will. Creating or reestablishing identity may require time and resources including artefacts such as the identity card usually sourced from a third party. The characteristics of the identification process and artefacts are discussed and the requirements of usermediated identification artefacts are explored. The implicit link between user identity and artefact identity may be broken under certain circumstances.

Go to article

Security Risk Assessment: Group Approach To A Consensual Outcome, Ben Beard, David J. Brooks Apr 2006

Security Risk Assessment: Group Approach To A Consensual Outcome, Ben Beard, David J. Brooks

Australian Information Warfare and Security Conference

AS/NZS4360:2004 suggests that the risk assessment process should not be conducted or information gathered in isolation. This insular method of data collection may lead to inaccurate risk assessment, as stakeholders with vested interests may emphasise their own risks or game the risk assessment process. The study demonstrated how a consensual risk assessment approach may result in a more acceptable risk assessment outcome when compared to individual assessments. The participants were senior managers at a West Australian motel located on the West Coast Highway, Scarborough. The motel consists of four three storey blocks of units, resulting in a total of 75 …

Go to article