Wednesday, May 31, 2017

Cyber Kill Chain

There is a demand for Cyber Security IT professionals, so I am updating my knowledge of the area to help teach this. Last year I presented a "Cyberwar: Hypothetical for Teaching ICT Ethics", about a confrontation in the South China Sea.

Cyber Kill Chain


Lockheed Martin offer a Cyber Kill Chain® framework for cyber security. For those not familiar with the aggressive terminology  of the military, such terms can sound confronting, but the "kill chain" from which Lockheed Martin's propitiatory framework is derived is simply the military version of a decision making loop: first investigate the problem, then select a course of action, act and then assess the results before going around the loop again.

Some of the research carried out by the military is in the public domain. Australia's Defence Science and Technology Organisation (DSTO ) produce occasional papers on cyber security. One is McNally, Yiu, Groveand Gerhardy's "Fuzzing: the state of the art" (2012). As the authors explain, fuzzing is a software testing technique which uses test data generated by one program to test  another program. This can be used, for example, for penetration testing, where many tests of passwords could be used to see if access is gained to a system.

 This paper starts with the origins of the technique for testing UNIX utilities at University of Wisconsin-Maddison by  Professor Barton Miller’s students. The paper provides a detailed discussion of more recent techniques. This is perhaps a little too detailed. Like many DSTO papers, at 55 pages, this is more than you need for a brief overview, so the casual reader might want just the introduction and conclusion.

References


McNally, R., Yiu, K., Grove, D., & Gerhardy, D. (2012). Fuzzing: the state of the art (No. DSTO-TN-1043). DEFENCE SCIENCE AND TECHNOLOGY ORGANISATION EDINBURGH (AUSTRALIA). Retrieved from http://www.dtic.mil/dtic/tr/fulltext/u2/a558209.pdf

No comments:

Post a Comment