Cyber Security Architecture for Military Networks Using a Cognitive Network Approach
Total Page:16
File Type:pdf, Size:1020Kb
NATIONAL DEFENCE UNIVERSITY A CYBER SECURITY ARCHITECTURE FOR MILITARY NETWORKS USING A COGNITIVE NETWORK APPROACH Thesis Captain (Eng.) Anssi Kärkkäinen General Staff Officer Course 56 Army July 2013 NATIONAL DEFENCE UNIVERSITY Course Branch General Staff Officer Course 56 Army Author Captain (Eng.) Anssi Kärkkäinen Title A CYBER SECURITY ARCHITECTURE FOR MILITARY NETWORKS USING A COGNITIVE NETWORK APPROACH Area of study Repository Military Technology NDU Course Library Date July 2013 Text pages 116 Appendixes - ABSTRACT Cyber security is one of the main topics that are discussed around the world today. The threat is real, and it is unlikely to diminish. People, business, governments, and even armed forces are networked in a way or another. Thus, the cyber threat is also facing military networking. On the other hand, the concept of Network Centric Warfare sets high requirements for military tactical data communications and security. A challenging networking environment and cyber threats force us to consider new approaches to build security on the military communication systems. The purpose of this thesis is to develop a cyber security architecture for military networks, and to evaluate the designed architecture. The architecture is described as a technical functionality. As a new approach, the thesis introduces Cognitive Networks (CN) which are a theoretical concept to build more intelligent, dynamic and even secure communication networks. The cognitive networks are capable of observe the networking environment, make decisions for optimal performance and adapt its system parameter according to the decisions. As a result, the thesis presents a five-layer cyber security architecture that consists of security elements controlled by a cognitive process. The proposed architecture includes the infrastructure, services and application layers that are managed and controlled by the cognitive and management layers. The architecture defines the tasks of the security elements at a functional level without introducing any new protocols or algorithms. For evaluating two separated method were used. The first method is based on the SABSA framework that uses a layered approach to analyze overall security of an organization. The second method was a scenario based method in which a risk severity level is calculated. The evaluation results show that the proposed architecture fulfills the security requirements at least at a high level. However, the evaluation of the proposed architecture proved to be very challenging. Thus, the evaluation results must be considered very critically. The thesis proves the cognitive networks are a promising approach, and they provide lots of benefits when designing a cyber security architecture for the tactical military networks. However, many implementation problems exist, and several details must be considered and studied during the future work. KEY WORDS Cyber security, cyber threat, cognitive networks, security architecture, architecture evaluation, military networks, communication networks A CYBER SECURITY ARCHITECTURE FOR MILITARY NETWORKS USING A COGNITIVE NETWORK APPROACH Table of Content 1. INTRODUCTION ........................................................................................................... 1 1.1. Related Research .............................................................................................................. 3 1.2. Research Objective, Methodology and Structure............................................................. 5 1.3. Perspective and Scope ...................................................................................................... 7 1.4. Definitions ........................................................................................................................ 7 2. NETWORKING IN A MILITARY ENVIRONMENT ................................................. 10 2.1. Network Centric Warfare ............................................................................................... 10 2.2. Military Networking Environment ................................................................................. 13 2.3. Requirements for Military Networks and Information Systems .................................... 15 2.4. Design Goals and Security Dimensions ......................................................................... 20 2.5. Conclusions .................................................................................................................... 24 3. CYBER SECURITY THREATS TO MILITARY NETWORKING ............................ 26 3.1. Cyberspace ..................................................................................................................... 26 3.2. Cyber Warfare ................................................................................................................ 29 3.3. Cyber Threats and Exploits ............................................................................................ 31 3.4. Threat Scenarios for Military Networks ........................................................................ 35 3.5. Security Challenges with Legacy Military Networks .................................................... 39 3.6. Conclusions .................................................................................................................... 43 4. COGNITIVE NETWORKS ........................................................................................... 47 4.1. Cognitive Networks Overview ....................................................................................... 47 4.2. Cognitive Process ........................................................................................................... 48 4.3. Cognitive System Framework ........................................................................................ 49 4.4. Characteristics of Cognitive Networks .......................................................................... 50 4.5. Security Threats to Cognitive Networks ........................................................................ 53 4.6. Conclusions .................................................................................................................... 54 5. CYBER SECURITY ARCHITECTURE ...................................................................... 56 5.1. Security Architecture Frameworks and Models ............................................................. 56 5.2. Overview of Cyber Security Architecture...................................................................... 67 5.3. Infrastructure Security Layer ......................................................................................... 71 5.4. Services Security Layer.................................................................................................. 75 5.5. Application Security Layer ............................................................................................ 78 5.6. Cognitive Layer .............................................................................................................. 80 5.7. Security Policy and Management Layer ........................................................................ 81 5.8. Defense in Depth ............................................................................................................ 83 5.9. Conclusions .................................................................................................................... 84 6. EVALUATION .............................................................................................................. 87 6.1. Evaluating Security Architectures - Methods and Criteria ............................................ 87 6.2. SABSA Based Evaluation .............................................................................................. 89 6.3. Scenario Based Evaluation ............................................................................................. 91 6.4. Evaluation Results .......................................................................................................... 98 6.5. Conclusions .................................................................................................................. 106 7. CONCLUSIONS .......................................................................................................... 109 7.1. Research Results .......................................................................................................... 109 7.2. Discussion .................................................................................................................... 112 7.3. Future Work ................................................................................................................. 115 REFERENCES ............................................................................................................. 117 ACRONYMS AACE Application Access Control Element AET Advanced Evasion Technique API Application Programming Interface C2 Command and Control CC Common Criteria CE Cryptography Element CIA Confidentiality, Integrity and Availability CN Cognitive Network CSF Cisco Security Framework CyberSA Cyber Situational Awareness CyberSpt Cyber Support CyberWar Cyber Warfare CyNetOps Cyber Network Operations DDoS Distributed Denial-of-Service DHCP Dynamic Host Configuration Protocol DNS Domain Name System DoD Department of Defense DoDAF Department of Defense Architecture Framework DoS Denial-of-Service EMP Electromagnetic Pulse FST Full Scenario Table HPM High Power Microwave IA Information Assurance