Logo: to the web site of the Swedish Defence University

fhs.se
Change search
Refine search result
1 - 25 of 25
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard-cite-them-right
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Bengtsson, Johnny
    et al.
    Swedish National Forensic Centre, Swedish Police Authority and Department of Electrical Engineering, Linköping University, (SWE).
    Huskaj, Gazmend
    Swedish Defence University, Department of Military Studies, Science of Command and Control and Military Technology Division, Military Technology Systems Section. School of Informatics, University of Skövde.
    The Manifestation of Chinese Strategies Into Offensive Cyberspace Operations Targeting Sweden2021In: Proceedings of the 20th European Conference on Cyber Warfare and Security / [ed] Dr. Thaddeus Eze, Dr. Lee Speakman and Dr. Cyril Onwubiko, Reading, UK, 2021, p. 35-43Conference paper (Refereed)
    Abstract [en]

    The aim of this article is to present how Chinese strategies are manifested into offensive cyberspace operations targeting Sweden. It is commonly known that People’s Republic of China (PRC, and in this definition the meaning of thegovernment and its military), uses five-year plans (FYP) for social and economic steering strategy of their country. This has been going on since 1953 until today. In 2015, the national strategic plan Made in China 2025 (中国制造2025) was launched by Le Keqiang, the Premier of the State Council of PRC. The main goal with this plan is to strengthen the economic development. In addition, Chinese military strategists noted the importance of information warfare and intelligence during military operations. This article is based on open sources: the official English translated version of the 13th Five-year plan (FYP) and other reporting on cyberspace operations linked to the PRC. A number of cases are presented to highlight the link between the PRC FYP and their targets. Next, the current situation in Sweden is presented and how the country is targeted by PRC-linked activities, both in and through cyberspace, but also military infiltration on academia. The results show that Sweden has been, and is continuously the target of offensive cyberspace operations. In parallel, the country is also the target of military infiltration on the academia, and direct investment strategies such as Huawei attempting to compete for the 5G frequency actions arranged by the Swedish Post and Telecom Authority. In conclusion, Sweden will continue to experience cyberespionage from PRC on all levels and on all domains; science, technology, IP and privacy information theft. Previously unveiled cyberspace operations cases in this article have proven to be a convenient strategy for the PRC to reduce its research and development gap in several ways; innovatively, financially and to shortening the time-to-market (TTM).

  • 2.
    Boschetti, Nicolò
    et al.
    (USA).
    Gordon, Nathaniel
    (USA).
    Sigholm, Johan
    Swedish Defence University, Department of Systems Science for Defence and Security, Systems Science for Defence and Security Division.
    Falco, Gregory
    (USA).
    Commercial Space Risk Framework Assessing the Satellite Ground Station Security Landscape for NATO in the Arctic and High North2022In: 40th IEEE Military Communications Conference, Rockville, MD, USA, November 28 - December 2, 2022., IEEE , 2022, p. 679-686Conference paper (Refereed)
    Abstract [en]

    Satellite ground stations in the Arctic and High North are of strategic importance to NATO, given their ability to collect intelligence from space assets in polar Earth orbit. Commercial space infrastructure such as ground systems are increasingly dual-use, employed for both civilian and defense purposes. Their dual-use could cause them to become military targets. As such, commercial operators must strategically consider ground station placement to optimize for utility, while accounting for their security risk. This research presents a frame-work to assess the commercial satellite ground station security landscape by outlining security and performance tradeoffs given geographic location, including proximity to potential adversaries, and designates eight separate risk regions. Particularly, Sweden's and Finland's space infrastructure is of focus given their recent application to join NATO in the wake of Russian aggression. The paper concludes that, to secure ground stations and the assets and services that they enable, a comprehensive risk evaluation including positioning of ground stations is critical.

  • 3.
    Boschetti, Nicolò
    et al.
    Johns Hopkins University, (USA)..
    Sigholm, Johan
    Swedish Defence University, Department of Systems Science for Defence and Security, Systems Science for Defence and Security Division.
    Wallén, Mattias
    Swedish Space Corporation, (SWE)..
    Falco, Gregory
    Johns Hopkins University, (USA)..
    A Hybrid Space Architecture for Robust and Resilient Satellite Services2023In: 2023 IEEE International Conference on Space Mission Challenges for Information Technology (SMC-IT), Institute of Electrical and Electronics Engineers (IEEE) , 2023, p. 114-122Conference paper (Refereed)
    Abstract [en]

    A 'hybrid space architecture' has been proposed to facilitate robust and resilient satellite data downlink, integration and analysis; however, the technical details for what may comprise a hybrid space architecture are severely lacking. Thus far, 'hybrid' principally entails the diversity of commercial providers. While diverse suppliers can contribute to hybrid space architectures, we argue that robustness and resilience will only be achieved through heterogeneous network and asset architectures. A connected satellite services ecosystem composed of the union of different networks with different characteristics would limit single points of failure, thereby generating high levels of redundancy, resilience and scalability. This research outlines parameters of a hybrid space architecture, documents satellite service reference architectures and provides a comparative analysis of the features for each architecture. Further, through a case study of existing satellite service providers, we propose how a hybrid space architecture could be piloted in Northern Europe and the High North.

  • 4.
    Boschetti, Nicolò
    et al.
    Johns Hopkins University (USA).
    Smethurst, Chelsea
    Microsoft (USA).
    Epiphaniou, Gregory
    University of Warwick (GBR).
    Maple, Carsten
    University of Warwick (GBR).
    Sigholm, Johan
    Swedish Defence University, Department of Systems Science for Defence and Security, Systems Science for Defence and Security Division.
    Falco, Gregory
    Johns Hopkins University (USA).
    Ground Station as a Service Reference Architectures and Cyber Security Attack Tree Analysis2023In: 2023 IEEE Aerospace Conference, Institute of Electrical and Electronics Engineers (IEEE), 2023Conference paper (Refereed)
    Abstract [en]

    As the Ground Station as a Service (GSaaS) paradigm transforms space infrastructure operations, new attack surface emerges for malicious actors. While the space community generally refers to GSaaS as a singular model, there are several flavors of these systems. After a description of the general GSaaS network's basic structure, this paper presents an analysis of four reference architectures of GSaaS. On the basis of this systems engineering analysis, a cybersecurity analysis of the critical nodes will be carried out through the attack tree method. Later the cybersecurity implication both of technical and strategic characteristic of GSaaS networks will be discussed and put in relation with the current state of space cyberwarfare landscape.

  • 5.
    Franke, Ulrik
    et al.
    Swedish Defence Research Agency (FOI); Swedish Institute of Computer Science (SICS).
    Cohen, Mika
    Swedish Defence Research Agency (FOI).
    Sigholm, Johan
    Swedish Defence University, Department of Military Studies, Science of Command and Control and Military Technology Division, Military Technology Applications Section.
    What can we learn from enterprise architecture models?: An experiment comparing models and documents for capability development2018In: Software and Systems Modeling, ISSN 1619-1366, E-ISSN 1619-1374, Vol. 17, no 2, p. 695-711Article in journal (Refereed)
    Abstract [en]

    Enterprise architecture (EA) has been established as a discipline to cope with the complex interactions of business operations and technology. Models, i.e., formal descriptions in terms of diagrams and views, are at the heart of the approach. Though it is widely thought that such architecture models can contribute to improved understanding and decision making, this proposition has not rigorously been tested. This article describes an experiment conducted with a real EA model and corresponding real traditional documents, investigating whether the model or the documents lead to better and faster understanding. Understanding is interesting to study, as it is a prerequisite to other EA uses. The subjects (N = 98) were officer cadets, and the experiment was carried out using a comprehensive description of military Close Air Support capability either (1) in the form of a MODAF model or (2) in the form of traditional documents. Based on the results, the model seems to lead to better, though not faster, understanding.

  • 6.
    Gradh, Anders
    Swedish Defence University.
    En stabs nätverkstrafik: En analys av användningen av datornätverkskapacitet i en operativ stab under övningen VIKING 112015Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
    Abstract [en]

    In 2014 the Swedish Armed Forces (SwAF) spent almost SEK 20 million on the procurement of satellite capacity for use during training, exercises and operations. However, according to SwAF Headquarters, the capacity procured did not meet unit demands.

    The aim of this study is to gain a better understanding of the capacity usage in an operational headquarters, based on the headquarters’ staff procedures and to see if there is any military utility to be gained in connection with this capacity.

    The starting point for the study is quantitative data about network usage. This quantitative data is then compared with staff work based on quantitative and qualitative data from war diaries, governing documentation and studies.

    The study shows that capacity usage is not related to staff work, but is instead linked to the presence of staff and their use of the Internet. The study also indicates that there could be potential for greater military utility of network capacity, but this will require the introduction of network priority mechanisms and further studies into user traffic.

    Download full text (pdf)
    fulltext
    Download (pdf)
    bilaga
  • 7. Hedén, Hugo
    Systems methodology for Analysis of Airborne Electronic Warfare Systems2021Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
    Abstract [en]

    This report is one of the first to examine how system methodology can be applied as a tool to facilitate a holistic view of fighter aircraft survivability. This is done through the application of a modified version of multi-agent influence diagrams (MAIDs), as an analytical tool of two generic one-on-one scenarios based on Robert E. Balls The Fundamentals of Aircraft Combat Survivability, Analysis and Design. The concept of survivability has been limited to susceptibility because this is where ECM, ECCM and ESM operate.

    The result: three influence diagrams for each scenario and a generic MAID developed for the first scenario. These should not be seen as an exact technical description of the interaction between threats and countermeasures, but as a pilot application of system methodology within the study area. Furthermore, the user validation indicates that the diagrams can convey the complexity of the interactions between threats and countermeasures through a graphical presentation. The diagrams led to a deeper discussion about which influences are important for survival.

    The conclusion is that MAID and systems methodology can serve as a tool to describe and help communicate the complex relationships between elements and influences that affect the aircraft's survivability between different actors, provided they are modelled correctly.

    Download full text (pdf)
    2FS003_Heden_22.04.13.pdf
  • 8.
    Huskaj, Gazmend
    Swedish Defence University, Department of Military Studies, Science of Command and Control and Military Technology Division, Military Technology Systems Section. School of Informatics, University of Skövde, Sweden.
    The Current State of Research in Offensive Cyberspace Operations2019In: Proceedings of the 18th European Conference on Cyber Warfare and Security, Academic Conferences and Publishing International Limited, 2019, p. 660-667Conference paper (Refereed)
    Abstract [en]

    Cyber-attacks have increased since the 1988-Morris worm and can target any connected device from any place in the world. In 2010, Stuxnet received a lot of attention as the first cyber-weapon. Its targets were the Iranian nuclear enrichment centrifuges. Nation states are developing cyberspace capabilities to conduct offensive cyberspace operations. Academic researchers have been calling for a more transparent discussion on offensive capabilities and have pointed out the positive impact researchers had during the development of nuclear capabilities. Shrouded in secrecy, the development of offensive capabilities used for operations makes it difficult to conduct research. Therefore, one way to mitigate this is to conduct a systematic review of the current state of research in offensive cyberspace operations. The systematic review method makes it possible to establish certain inclusion and exclusion criteria and systematically go through academic articles to identify the contents, thoughts and research focus of academic researchers. Six scientific databases were queried and 87 articles were read and clustered. The first insight is that, based on the results of the queried databases, research about offensive cyberspace operations is limited. The resulting clusters are a general cluster about cyberspace operations, followed by research in policy, decision-making, governance, capabilities, levels, models, training, deterrence and international affairs. These are then further grouped into: a) general cyberspace operations; b) deterrence; c) international affairs; d) modelling, simulation and training. The article concludes that research into offensive cyberspace operations is maturing as more information is becoming public. Secondly, current research lists some good basic ideas regarding effects which can be achieved through offensive cyberspace operations, how they should be conducted, and related tools, techniques and procedures. However, discrepancies in research efforts exist, with the majority of research coming primarily from the western world. In addition, secrecy and the resulting limited access to information, coupled with research being either too technically focused or too qualitatively focused, show that there still remains room for research in this field. Finally, some directions for future research are examined.

    Download full text (pdf)
    The Current State of Research in Offensive Cyberspace Operations
  • 9.
    Huskaj, Gazmend
    Swedish Defence University, Department of Military Studies, Science of Command and Control and Military Technology Division, Military Technology Systems Section. School of Informatics, University of Skövde, Sweden.
    What is a Substantial Contribution to a Research Project in Offensive Cyberspace Operations that Merits Co-Authorship?2022In: Proceedings of the 17th International Conference on Cyber Warfare and Security: State University of New York at Albany Albany, New York, USA 17-18 March 2022 / [ed] Dean Robert P. Griffin, Dr. Unal Tatar and Dr. Benjamin Yankson, Reading, UK: ACI Academic Conferences International, 2022, p. 385-394Conference paper (Refereed)
    Abstract [en]

    This article reviews the question what is a substantial contribution to a research project in offensive cyberspace operations that merits co-authorship? Frustrations and conflicts may develop during research projects when researchers with different backgrounds, cultures, research fields and expertise decide to conduct research and produce and publish those results. The focus of this paper is a research project in cyberspace operations while taking into account the power-dynamics inherent in the academic system and how these can affect the co-authorship of research products. First, the purpose with doing research is presented. Next, three models of the research process are reviewed, describing their differences and similarities. Then, linguistic analysis is applied on a set of terms in guidelines for co-authorship described in some different universities in Sweden. The results present a model for a research project in offensive cyberspace operations and based on the output of the linguistic analysis, the model is used to quantify and describe what a substantial contribution is in three scenarios that merits co-authorship. 

  • 10.
    Huskaj, Gazmend
    et al.
    Swedish Defence University, Department of Military Studies, Science of Command and Control and Military Technology Division, Military Technology Systems Section. School of Informatics, University of Skövde, Sweden.
    Iftimie, Ion A.
    Eisenhower Defence Fellow, NATO Defense College, Rome, Italy (ITA); European Union Research Center, George Washington School of Business, Washington D.C., (USA); Central European University, Vienna, Austria (AUT).
    Toward an Ambidextrous Framework for Offensive Cyberspace Operations: a Theory, Policy and Practice Perspective2020In: Proceedings of the 15th International Conference on Cyber Warfare and Security / [ed] Payne, Brian K.; Wu, Hongyi, Reading, UK: Academic Conferences and Publishing International Limited, 2020, p. 243-253Conference paper (Refereed)
    Abstract [en]

    This article addresses the rise in state-sponsored cyber attacks over the past three decades and proposes a new ambidextrous framework for offensive cyberspace operations. Since 1982, nation states have embarked in a fierce race to develop both clandestine and covert offensive cyber capabilities. Their intended targets range from foreign militaries and terrorist organizations to civilian populations and the critical infrastructures that they rely upon. Advancements in cyber security have, however, contributed to the discovery and attribution of offensive cyber operations, such as state-sponsored ransomware attacks, where state-built cyber capabilities have been used to attack governments, industries, academia and citizens of adversary nations. The financial and psychological costs of these ransomware attacks are today a threat to any state’s national security. This article draws from academic research, the cyber military doctrines of four countries—a total of eight models from the Netherlands, Sweden, the U.S., and the U.K.—and the authors’ operational experience to propose a new ambidextrous framework for offensive cyberspace operations. This ambidextrous framework for offensive cyberspace operations and the associated Cyberspace Operations Canvas are needed today in order to increase the resilience of national critical infrastructures against attacks from state-developed tools. We use the WannaCry-case to illustrate how the implementation of the ambidextrous framework for offensive cyberspace operations would result in increased awareness and understanding of the prospective cyber threats, their intended target(s), the likelihood of cascading effects and the options available by nation states to minimize them.

    Download full text (pdf)
    Toward an Ambidextrous Framework for Offensive Cyberspace Operations - A Theory Policy and Practice Perspective
  • 11.
    Huskaj, Gazmend
    et al.
    Swedish Defence University, Department of Military Studies, Science of Command and Control and Military Technology Division, Military Technology Systems Section. University of Skövde, (SWE).
    Iftimie, Ion A.
    NATO Defense College, (ITA); European Union Research Center, George Washington School of Business, (USA).
    Wilson, Richard L.
    Towson University, (USA); Hoffberger Center for Professional Ethics, University of Baltimore, (USA).
    Designing attack infrastructure for offensive cyberspace operations2020In: Proceedings of the 19th European Conference on Cyber Warfare and Security: A Virtual Conference hosted by University of Chester UK / [ed] Thaddeus Eze, Lee Speakman, Cyril Onwubiko, Reading, UK: Academic Conferences and Publishing International Limited, 2020, p. 473-482Conference paper (Refereed)
    Abstract [en]

    This article addresses the question ‘what considerations should be taken by cyber commands when designing attack infrastructure for offensive operations?’. Nation-states are investing in equipping units tasked to conduct offensive cyberspace operations. Generating ‘deny, degrade, disrupt, destroy or deceive’ effects on adversary targets requires to move from own (‘green’), through neutral (‘grey’), to adversary (‘red’) cyberspace. The movement is supported by attack infrastructure for offensive cyberspace operations. In this paper, we review the professional and scientific literature identifying the requirements for designing an attack infrastructure. Next, we develop and define the concepts for attack infrastructure. Finally, we explain and describe the considerations for designing attack infrastructure. The research question is answered by proposing a framework for designing attack infrastructure. This framework is vital for military and civilian commands designing attack infrastructure for offensive cyberspace operations. 

    Download full text (pdf)
    Designing attack infrastructure for offensive cyberspace operations
  • 12.
    Huskaj, Gazmend
    et al.
    Swedish Defence University, Department of Military Studies, Science of Command and Control and Military Technology Division, Military Technology Systems Section. School of Informatics, University of Skövde, Sweden.
    Moradian, Esmiralda
    Department of Computer and Systems Sciences, Stockholm University, Sweden.
    Cyber Deterrence: An Illustration of Implementation2018In: 13th International Conference on Cyber Warfare and Security (ICCWS 2018) / [ed] John S. Hurley & Jim Q. Chen, Sonning: Academic Conferences and Publishing International Limited, 2018, p. 304-311Conference paper (Refereed)
    Abstract [en]

    Cyber deterrence is a strategy to deter attackers from conducting cyber-attacks in the first place. However, several issues exist when implementing cyber deterrence, which are identified in this paper. The findings show (1) non-existence of the deterrence strategy  (2) no doctrine or decision competence to retaliate to an adversary, (3) the armed forces have no authority to retaliate when Swedish sovereignty in Cyberspace is threatened, (4) no norms or regulations exist concerning retaliation, (5) no clear governance on using offensive cyber capabilities, and finally, (6) no credibility in its cyber deterrence posture regarding how much Sweden is willing to sacrifice to protect its electoral system, which is a Swedish national interest. Therefore, this research investigates how cyber deterrence can practically be implemented in Swedish cyber security policy. So far, researchers generally focused on the human aspect of cyber deterrence. By using the case study research strategy and utilizing the Swedish electoral system as a case, this paper examines possibilities to merge the human dimensions of cyber security with the technological dimensions. Data collection is performed through documents studies and semi-structured interviews with experts in the area to identify cyber deterrence components. Further, a mathematical approach is discussed in the paper to express the relationship between an adversary and a deterrent depicting each of the actor’s risk calculus. A result of the research work performed in this paper, the deterrence components for Swedish cyber deterrence are proposed and risk calculus is performed. Moreover, measures to increase Swedish cyber deterrence posture are proposed the practical implementation of cyber deterrence in Swedish cyber security policy in order to deter attacks on the Swedish electoral system is demonstrated.

    Download full text (pdf)
    Cyber Deterrence - An Illustration of Implementation
  • 13.
    Huskaj, Gazmend
    et al.
    Swedish Defence University, Department of Military Studies, Science of Command and Control and Military Technology Division, Military Technology Systems Section. School of Informatics, University of Skövde, Skövde, Sweden.
    Wilson, R L
    Department of Philosophy and Computer and Information Sciences Towson University, Towson, Maryland, (USA), and Hoffberger Center for Professional Ethics, University of Baltimore, Baltimore, Maryland, (USA).
    Offensive Cyberspace Operations and Zero-days: Anticipatory Ethics and Policy Implications for Vulnerability Disclosure2021In: Journal of Information Warfare, ISSN 1445-3312, Vol. 20, no 1, p. 96-109Article in journal (Refereed)
    Abstract [en]

    This article addresses the question under which circumstances zero-day vulnerabilities should be disclosed or used for offensive cyberspace operations. Vulnerabilities exist in hardware and software and can be seen as a consequence of programming errors or design flaws. The most highly sought are so-called zero-day-vulnerabilities. These vulnerabilities exist but are unknown and, when exploited, enable one way of entry into a system that is otherwise not thought possible. Therefore, from an anticipatory ethics perspective, it is important to understand in what cases zero-days should be disclosed or not.

  • 14.
    Huskaj, Gazmend
    et al.
    Swedish Defence University, Department of Military Studies, Science of Command and Control and Military Technology Division, Military Technology Systems Section. School of Informatics, University of Skövde, Skövde, Sweden.
    Wilson, Richard L.
    Towson University (USA), Hoffberger Center for Professional Ethics, University of Baltimore (USA).
    An Anticipatory Ethical Analysis of Offensive Cyberspace Operations2020In: 15th International Conference on Cyber Warfare and Security / [ed] Payne, Brian K.; Wu, Hongyi, Reading, UK: Academic Conferences and Publishing International Limited, 2020, p. 512-520Conference paper (Refereed)
    Abstract [en]

    This article presents the ethical issues using offensive cyberspace operations. Previously enshrouded in secrecy, and now becoming the new norm, countries are using them to achieve their strategic interests. Russia has conducted offensive operations targeting Estonia, Georgia and the Ukraine; Hamas was targeting Israeli targets; and Iran has been targeting U.S. targets. The response has varied; Estonia and Georgia struggled with the attacks and were unable to respond while Ukraine tried to respond but it was inefficient. Israel’s response on Hamas offensive operations was an air strike on a building with Hamas Cyber-operatives. Iran shot down a U.S. Drone over the Strait of Hormuz, and the U.S. initially intended to respond with kinetic capabilities in the form of missile strikes. However, in the last minute, the U.S. chose to respond with offensive cyberspace operations targeting the Iranian missile systems. This last-minute change of response choosing between kinetic or cyber capabilities shows a need to further investigate how offensive cyberspace operations can be used against which targets from an ethical perspective. This article applies anticipatory ethical analysis on U.S. offensive operations in the “Global Hawk”-case when Iran shot down a U.S. drone over the Strait of Hormuz. Anticipatory ethical analysis looks at emerging technologies and their potential consequences. Offensive cyberspace operations present a range of possibilities, which include lowering the risk of harm to cyber operatives’ lives belonging to the responding nation. However, a response can also be kinetic. Therefore, the analysis of the “Global Hawk”-case is compared with the Israeli-air strike of the building of Hamas Cyber-operatives. The authors argue that applying anticipatory ethical analysis on offensive operations and kinetic operations assist decision makers in choosing response actions to re-establish deterrence.

    Download full text (pdf)
    An Anticipatory Ethical Analysis of Offensive Cyberspace Operations
  • 15.
    Huskaj, Gazmend
    et al.
    Swedish Defence University, Department of Military Studies, Science of Command and Control and Military Technology Division, Military Technology Systems Section. School of Informatics, University of Skövde, Skövde, Sweden.
    Wilson, Richard L.
    Towson University, USA), Hoffberger Center for Professional Ethics, University of Baltimore (USA).
    Anticipatory Ethics for Vulnerability Disclosure2020In: Proceedings of the 15th International Conference on Cyber Warfare and Security / [ed] Payne, Brian K.; Wu, Hongyi, Reading, UK: Academic Conferences and Publishing International Limited, 2020, p. 254-261Conference paper (Refereed)
    Abstract [en]

    This article presents the ethical dilemma related to under what circumstances vulnerabilities should be disclosed. Vulnerabilities exist in hardware and software, and can be as a consequence of programming errors or design flaws. Threat actors can exploit these vulnerabilities to gain otherwise unintended access to information systems, resources and/or stored information. In other words, they can be used to impact the confidentiality, integrity and availability of information in information systems. As a result, various types of vulnerabilities are highly sought after since they enable this type of access. The most highly sought are so-called “zero-day”-vulnerabilities. These are vulnerabilities that exist but are unknown, and when exploited, enable one way of entry into a system that is not thought possible. This is also why zero-day vulnerabilities are very popular among criminal organizations, states and state-sponsored advanced persistent threats. The other side of the coin is when a state identifies a zero-day, and ends up in the ethical dilemma of whether to release the news and inform the vendor to patch it, i.e. close the vulnerability, or to use it for offensive or intelligence purposes. This article employs these distinctions to apply anticipatory ethics in the Stuxnet-case. Stuxnet was a computer software that was allegedly developed by the U.S. together with Israel to disrupt Iran’s development of uranium for their nuclear program. More exactly, it was developed to disable the uranium centrifuges used to enrich uranium. To achieve this, Stuxnet exploited four zero-day vulnerabilities and, according to some experts, managed to delay Iran’s nuclear program by one to two-years, forcing them to the negotiation table. Using vulnerabilities like zero-days presents opportunities but also risks. The results of the application of anticipatory ethics to the Stuxnet case are then compared with the “Osirak”-case and the “al-Kibar”-case. Osirak was the nuclear reactor in Iraq and was bombed in 1981; al-Kibar was the nuclear reactor being built up in Syria, also bombed in 2007.

    Download full text (pdf)
    Anticipatory Ethics for Vulnerability Disclosure
  • 16.
    Jiang, Zhihan
    et al.
    IoT Lab, Department of Electrical and Electronic Engineering, Faculty of Engineering, The University of Hong Kong, Hong Kong, (CHN).
    van Zoest, Vera
    Swedish Defence University, Department of Systems Science for Defence and Security, Systems Science for Defence and Security Division.
    Deng, Weipeng
    IoT Lab, Department of Electrical and Electronic Engineering, Faculty of Engineering, The University of Hong Kong, Hong Kong, (CHN).
    Ngai, Edith. C. H.
    IoT Lab, Department of Electrical and Electronic Engineering, Faculty of Engineering, The University of Hong Kong, Hong Kong, (CHN).
    Liu, Jiangchuan
    Department of Computing, Simon Fraser University, Burnaby, Canada, (CAN).
    Leveraging Machine Learning for Disease Diagnoses based on Wearable Devices: A Survey2023In: IEEE Internet of Things Journal, ISSN 2327-4662, Vol. 10, no 24, p. 21959-21981Article in journal (Refereed)
    Abstract [en]

    Many countries around the world are facing a shortage of healthcare resources, especially during the post-epidemic era, leading to a dramatic increase in the need for self-detection and self-management of diseases. The popularity of smart wearable devices, such as smartwatches, and the development of machine learning bring new opportunities for the early detection and management of various prevalent diseases, such as cardiovascular diseases, Parkinson’s disease, and diabetes. In this survey, we comprehensively review the articles related to specific diseases or health issues based on small wearable devices and machine learning. More specifically, we first present an overview of the articles selected and classify them according to their targeted diseases. Then, we summarize their objectives, wearable device and sensor data, machine learning techniques, and wearing locations. Based on the literature review, we discuss the challenges and propose future directions from the perspectives of privacy concerns, security concerns, transmission latency and reliability, energy consumption, multi-modality, multi-sensor, multi-devices, evaluation metrics, explainability, generalization and personalization, social influence, and human factors, aiming to inspire researchers in this field.

  • 17.
    Kantola, Harry
    Swedish National Defence College.
    Datanätverksattacker, trend eller nödvändighet?2011Independent thesis Advanced level (degree of Master (One Year)), 10 credits / 15 HE creditsStudent thesis
    Abstract [sv]

    I dagens samhälle används information till att sköta dagliga ärenden. Både militära och civila är beroende av cybervärlden i freds- och kristid. För att kunna skydda sina system måste man förstå hur de kan angripas.

    Syftet med forskningen är att finna ambitionsnivåer och metoder inom datanätverksattack-verksamheten (CNA-verksamhet) som försvarsmakten kan vidmakthålla i stater med högtek-nologisk utveckling men med låga försvarsresurser. Vilken teknologisk datanäverkattack-förmåga rekommenderas en sådan stats försvarsmakt på fem till tio års tidsperspektiv samt med vilka sätt kan man uppnå verkan?

    I arbetet används kvalitativ dataanalys. Med axial kodning, enligt Strauss "Grounded Theo-ry", kategoriseras de olika komponenterna som CNA-förmågorna består av. Dessa kategorier analyseras sedan med hjälp av Rasmussens riskteori i ett informationsteknologiskt system.

    I studien framgår det att en högteknologisk småstat bör sträva efter spetskompetens i de för-mågor som bidrar till att man kan testa och försvara sina egna kritiska och sårbara system. En sådan kompetens är förmågan att utföra datanätverksexploatering (CNE-verksamhet). Om en försvarsmakt som har förmåga till att genomföra avancerad CNE-verksamhet, så kan den genomföra behövlig CNA-verksamhet. För en stat med begränsade försvarsresurser kräver genomförandet av CNA-verksamhet dock strategiskt samarbete med olika civila partner. Av dessa är universitet och teknologiskt avancerade företag/industrier de främsta partnerna.

    Resultatet visar dessutom att den informationstekniska kunskapen är av tillräcklig nivå, men att det behövs förbättringar inom det informationspsykologiska området. Ambitionsnivån be-höver inte överstiga förmågan att genomföra CNE-verksamhet.

    Även om CNE-verksamheten är teknologiskt betonad, så åstadkoms den informationspsyko-logiska effekten med att koordinera CNA-verksamheten inom informationsoperationer. I framtiden är det troligare att uppnå en högre effekt på en motståndare via en informations-psykologisk inriktning.

    Organisatoriskt är det kostnadseffektivare att skapa "eldledningsförmåga inom CNA" än se-parata enheter som man inkorporerar i den normala organisationsstrukturen. Storleken på en CNA-enhet kan hållas låg med hjälp av strategiska partner.

    Som biprodukt framgår det att det behövs ytterligare forskning i uppdelandet ansvaret i at-tack-, exploaterings-, underrättelseinhämtnings- och försvarsförmåga (CNA/CNE/CNI/CND-verksamheten).

  • 18.
    Kävrestad, Joakim
    et al.
    School of Informatics, University of Skövde, (SWE).
    Huskaj, Gazmend
    Swedish Defence University, Department of Military Studies, Science of Command and Control and Military Technology Division, Military Technology Systems Section. University of Skövde, Sweden.
    How the Civilian Sector in Sweden Perceive Threats From Offensive Cyberspace Operations2021In: 20th European Conference on Cyber Warfare and Security / [ed] Dr. Thaddeus Eze, Dr. Lee Speakman and Dr. Cyril Onwubiko, Chester: Academic Conferences and Publishing International Limited, 2021, p. 499-506Conference paper (Refereed)
    Abstract [en]

    The presence of state-sponsored actors executing offensive cyberspace operations (OCO) has been made evident in recent years. The term offensive cyberspace operations encompass a range of different actions, including cyberespionage, disinformation campaigns, spread of malware and more. Based on an analysis of past events, it is evident that state- sponsored actors are causing harm to the civilian sector using OCO. However, the degree to which civilian organizations understand the threat from state-sponsored actors is currently unknown. This research seeks to provide new a better understanding of OCO and their impact on civilian organizations. To highlight this domain, the case of the threat actor Advanced Persistent Threat 1 (APT1) is presented, and its impact on three civilian organizations discussed. Semi-structured interviews were used to research how the threats from OCO and state-sponsored actors are perceived by civilian organizations. First, a computational literature review was used to get an overview of related work and establish question themes. Next, the question themes were used to develop questions for the interview guide, followed by separate interviews with five security professionals working in civilian organizations. The interviews were analysed using thematic coding and the identified themes summarized as the result of this research. The results show that all respondents are aware of the threat from OCO, but they perceive it in different ways. While all respondents acknowledge state-sponsored actors at a threat agentexecuting OCO, some respondent’s argue that state-sponsored actors are actively seeking footholds in systems for future use while others state that the main goal of state-sponsored actors is to steal information. This suggests that the understanding of the threat imposed by OCO is limited, or at least inconsistent, among civilian security experts. As an interview study, the generalisability of this research is limited. However, it does demonstrate that the civilian society does not share a common view of the threat from state-sponsored actors and OCO. As such, it demonstrates a need for future research in this domain and can serve as a starting point for such projects.

  • 19.
    Larsson, Emil
    et al.
    Schibsted Media Group.
    Sigholm, Johan
    Swedish Defence University, Department of Military Studies, Military-Technology Division.
    Papering Over the Cracks: The Effects of Introducing Best Practices on the Web Security Ecosystem2016In: The 30th International Conference on Information Networking: ICOIN 2016, IEEE, 2016, p. 1-6, article id 15837791Conference paper (Refereed)
    Abstract [en]

    Hypertext Transfer Protocol Secure (HTTPS) is the de facto standard for secure end-to-end web communication. However, numerous flaws discovered during recent years, such as Apple’s “goto fail” bug, and cryptographic weaknesses as illustrated by the Poodlebleed vulnerability, have brought the efficiency of the mostly self-regulated web security market into question. In this cross-disciplinary paper, the authors survey some 160.000 HTTPS-enabled servers among popular web sites over a time period of three years. The research question is what effect the introduction of best practices and vulnerability publication have on web server security in the form of protocol support. Main findings include that (i) insecure configurations, although well known, can remain widespread for over a decade, (ii) the introduction of best practices affect the decline of insecure configurations only moderately, whereas highly publicized security flaws have a significant impact, and (iii) economic incentives for website owners to provide secure services are weak, motivating such other levers of influence as legislation or blocking of noncompliant sites.

  • 20.
    Perring, Charles
    Swedish Defence University.
    Wargaming elections interference: A serious influence game for teaching elements of cognitive warfare2022Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
    Abstract [en]

    Will-to-defend (försvarsvilja) is central to the Swedish concept of ’total defence’ (totalförsvar). It represents an individual and collective inclination to think or act in support of the defence of the nation. Psychological defence (psykologiskt försvar) shields will-to-defend from foreign influence campaigns that attempt to degrade it. This thesis sets out to create a serious game to teach elements of will-to-defend and concludes that such a game is possible but serious challenges remain with regards to the inclusion of psychological defence and in adjudicating the outcomes of influence operations in serious games. 

    Current research into will-to-defend and psychological defence are limited to the Swedish context and have not been tested in warfare. This thesis proposes that cognitive warfare is a relevant proxy concept for modern-day attempts to degrade will-to-defend and proposes that elections interference is a relevant proxy context for a serious influence game that aims to teach core concepts involved in attempts to degrade will-to-defend. A systems integrated model for elections interference is composed from existing scholarly research and its core elements are decomposed into essential learning blocks. Finally, a serious influence game is developed and venues for effective in-game adjudication are explored. 

    Download full text (pdf)
    fulltext
  • 21.
    Prevezianou, Maria Foteini
    Swedish Defence University, Department of Security, Strategy and Leadership (ISSL), Political Science Section, Sektionen för krishantering och internationell samverkan.
    WannaCry as a Creeping Crisis2021In: Understanding the Creeping Crisis / [ed] Boin, Arjen; Ekengren, Magnus; Rhinard, Mark, Cham: Palgrave Macmillan, 2021, p. 37-50Chapter in book (Refereed)
    Abstract [en]

    This chapter deepens our understanding of cyber crises with the help of the creeping crisis concept. The chapter shows that although emerging technologies make malicious activities in cyberspace more sophisticated, vulnerabilities enabling such threats have been inherent in cyber assets for a very long time in the form of creeping crises. The question is: was WannaCry the acute crisis or just a precursor event to a bigger explosion? It is argued that the WannaCry ransomware attack in 2017 should be considered a wake-up call. The chapter demonstrates how the cyber threat was lurking in the background, gradually evolving in time and space in a non-linear fashion and receiving varying levels of attention.

  • 22.
    Sigholm, Johan
    Swedish Defence University, Department of Military Studies, Military-Technology Division. School of Informatics, University of Skövde.
    Secure Tactical Communications for Inter-Organizational Collaboration: The Role of Emerging Information and Communications Technology, Privacy Issues, and Cyber Threats on the Digital Battlefield2016Doctoral thesis, comprehensive summary (Other academic)
    Abstract [en]

    The development within the area of information and communications technology (ICT) has been rapid during the last couple of decades. Advancements in mobile technology, such as smartphones and other portable devices with embedded sensors, rapid expansion of communications infrastructure, and increased spectrum utilization, has had a major impact on civilian society, but increasingly also on professional organizations such as the Swedish Armed Forces. While this technology allows for enhanced capabilities in the areas of command and control, situational awareness, and information management, it also leads to new challenges in such areas as cyber security and privacy. For armed forces in many parts of the world, being able to deploy in new types of missions, such as humanitarian assistance and response operations due to natural or man-made disasters, is an increasingly sought-after capability. Such operations commonly require collaboration amongst several heterogeneous organizations, which in turn requires technical as well as organizational interoperability. While the actors must be able to share certain information efficiently, with regards to integrity and availability, sensitive or classified information must be safeguarded in terms of confidentiality.

    This thesis is concerned with studying emerging ICT for use on the battlefield of tomorrow, investigating how it can lead to more effective operations, and what preconditions that must be met in order for the technology to be of utility for inter-organizational collaboration. In particular, the thesis studies how an acceptable level of information security can be upheld in interconnected tactical communications networks. It is found that Mobile Ad-hoc Networks, Software-Defined Radio and Cognitive Radio are emerging technologies that, while still immature, can contribute to improved capabilities for communications, command and control, and information collection. Furthermore, Hastily Formed Networks is found to be an effective framework for collaboration between heterogeneous actors. However, in order for emerging ICTs to provide military utility, several non-technical requirements must be met. These include usability, trust, legality, cost, and verifying that the technology is in accordance with current military doctrine. Antagonistic as well as unintentional threats must also be mitigated, including information leaks caused by cyberattacks or insiders, and possible consequences of reduced user privacy.

    Besides to the Swedish Armed Forces, this thesis should be of interest to armed forces of comparable countries, and for professional organizations faced with similar challenges. Among the drawn conclusions, the thesis recommends continuously evaluating emerging ICT in support of new capabilities, through academic research as well as internal concept development. Adopting an incremental and modular process is also recommended when developing or procuring new ICT systems, instead of making long-term investments in proprietary technology. Furthermore, a focus should be put on promoting military requirements in future civilian ICT standards. In this way development costs can be reduced, while facilitating tactical use of commercial off-the-shelf products. Regarding information security in tactical networks for inter-organizational collaboration the thesis concludes that employing best-effort methods could allow for efficient information exchange between actors, while upholding acceptable risk levels regarding data leakage.

    Download full text (pdf)
    fulltext
  • 23.
    Sigholm, Johan
    et al.
    Swedish Defence University, Department of Military Studies, Science of Command and Control and Military Technology Division, Military Technology Systems Section.
    Larsson, Emil
    Assemblin, (SWE).
    Cyber Vulnerability Implantation Revisited2021In: 2021 IEEE Military Communications Conference (MILCOM), San Diego, November 29-December 2, 2021., Institute of Electrical and Electronics Engineers (IEEE), 2021, p. 464-469Conference paper (Refereed)
    Abstract [en]

    In this paper we revisit a study presented at MILCOM 2014. Our goal then was to determine the utility of implanting a vulnerability into a cybersecurity software protocol to an actor planning to execute an offensive cyber operation. Based on a case study describing the then recently discovered Heartbleed bug as an offensive cyber operation, a model was devised to estimate the adoption rate of an implanted flaw in OpenSSL. Using the adoption rate of the cryptographic protocol Transport Layer Security version 1.2 as a proxy, we predicted that the global adoption of the vulnerability of at least 50% would take approximately three years, while surpassing 75% adoption would take four years. Compared to subsequently collected real-world data, these forecasts turned out to be surprisingly accurate. An evaluation of our proposed model shows that it yields results with a root-mean-square error of only 1.2% over the forecasting period. Thus, it has a significant degree of predictive power. Although the model may not be generalizable to describe the adoption of any software protocol, the finding helps validate our previously drawn conclusion that exploiting implanted cyber vulnerabilities, in a scenario like the one presented, requires a planning horizon of multiple years. However, as society becomes further dependent on the cyber domain, the utility of intentional vulnerability implantation is likely an exercise in diminishing returns. For a defender, however, our model development process could be useful to forecast the time required for flawed protocols to be phased out.

  • 24.
    Trimintzios, Panagiotis
    et al.
    ENISA.
    Holfeldt, Roger
    Secana.
    Koraeus, Mats
    Swedish Defence University, Department of Security, Strategy and Leadership (ISSL), CRISMART (National Center for Crisis Management Research and Training).
    Uckan, Baris
    Secana.
    Gavrila, Razvan
    ENISA.
    Makrodimitris, Georgios
    ENISA.
    Report on Cyber Crisis Cooperation and Management: Comparative study on the cyber crisis management and the general crisis management2015Report (Other (popular science, discussion, etc.))
    Abstract [en]

    The goal of this study is to provide an analysis of cyber crisis management by identifying relations between this emerging field and the better established subject of general crisis management. This includes terminology and key concepts in these fields. This study further seeks to gain knowledge and understanding of the involved actors’ perspectives on the challenges for Cyber Crisis management within the European context.

    The purpose of the study is twofold: to compare concepts from the general crisis management systems with the corresponding systems related to cyber crisis management, and to conduct a conceptual analysis of the language and terminology within these two fields. The primary aim is to analyse the similarities and differences between general and cyber crisis management, employing examples from countries and organizations within the EU.

    Based on interviews with members of key national and EU institutions, and on an analysis of the differences between their practitioner perspectives and the theories of general crisis management, the study arrives at six key areas of recommendations for future activities in the cyber security realm.

  • 25.
    Waldenström, Christofer
    Swedish National Defence College, Department of Military Studies, Command & Control Studies Division.
    Using uncertainties as basis for evaluating plans2007In: Proceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part I / [ed] Bruno Apolloni, Robert J. Howlett, Lakhmi Jain, Heidelberg: Springer-Verlag Berlin , 2007, p. 254-261Conference paper (Refereed)
1 - 25 of 25
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard-cite-them-right
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf