Developing a reliable methodology for assessing the computer network operations threat of Iran

Smith, Matthew N.

09 1900

This thesis is part of a project at the Naval Postgraduate School to assess the Computer Network Operations (CNO) threat of foreign countries. CNO consists of Computer Network Attack (CNA), Computer Network Exploitation (CNE), and Computer Network Defense (CND). Threats to the nation's critical infrastructures come from an adversary using CNA and CNE to degrade, deny or destroy access to the information systems they depend upon. Defensive capabilities are also addressed since exploitation, attack, and defense are inherently related. The result of a successful cyber-attack upon these critical infrastructures has the potential to cripple a country's communications and other vital services, economic well-being, and defensive capabilities. The goal of this thesis is to develop a methodology for assessing the CNO threat of Iran. The methodology is based on open sources that can supplement classified information acquired by the intelligence community.

Methodology

Information technology

Management

Cooperative research development agreements (CRADA) with industry as a value enhancing asset in the academic/research environment a case study at the Naval Postgraduate School (NPS)

Ferraris, Guillermo L.

09 1900

Cooperative Research and Development Agreements (CRADAs) are used by federal laboratories to participate in collaborative efforts and partnerships with industry. Although not technically a research laboratory, the Naval Postgraduate School (NPS) is a federally funded research university that has developed an extensive sponsored program of Technology Transfer (T2) with the private sector. Cooperative research and development is often a two-way instrument, where knowledgegenerated value can flow in both directions. This thesis research will assess that value, from the perspective of the federal partner, based on the NPS case as a specialized academic and research institution. The research and analysis performed within the context of this thesis contributes to goals established in the NPS "Technology Transfer Business Plan", focusing on the measurement of outcomes and benefits resulting from CRADAs, one of the preferred and most widely used mechanisms in technology transfer within the domain of DoD and particularly at the NPS. The perspective chosen, in the direction from the non-federal entity--generally industry--towards the federal partner, has not been researched and reported in the specialized literature as extensively as in the opposite direction.

Information technology

Management

Extending the tactical wireless internet in support of USMC Distributed Operations

Swick, Justin R.

09 1900

"This thesis will research, examine, and propose a Tactical Wireless Network infrastructure Concept of Operations in Support of Distributed Operations. Research and analysis will include the capabilities and performance characteristics of the 802.16 equipment currently implemented as part of the Marine Corps Tactical Command and Control Architecture in support of Operation Iraqi Freedom. Current Distributed Operations doctrinal capabilities will be compared to a proposed Concept of Operations that incorporates the most current state of the art wireless technologies to maximize both capability and interoperability. The method for evaluation will incorporate COTS products and Marine Corps tactical communications devices installed and operated in both a laboratory setting as well as a tactical field environment. Key performance metrics captured include equipment throughput capacity, communications bandwidth, range and distance limitations, power consumption, communications security, and transmission security. Additional metrics evaluated include level of equipment operational complexity and degree of interoperability with current USMC command and control architecture."-- p. i.

Internet

Information technology

Management

Web-enabled database application for Marine Aviation Logistics Squadrons an operations and sustainment prototype

Davis, Robert M.

09 1900

This thesis analyzed the principles and concepts of Marine Aviation Logistics doctrine at the tactical level and the current Information Management Systems used to execute mission requirements. A web-enabled prototype for Marine Aviation Logistics Squadrons (MALS) was developed to optimize management and decision support for deliberate, time sensitive and crisis action planning of aviation support operations. The first iteration of the prototype was tested by two Operations (S-3) Officers formerly assigned to active-duty Marine Aviation Logistics Squadrons (MALS). The application was also subjected to a usability experiment at the Database and Web Technologies Lab at the Naval Postgraduate School. The results of this research revealed potential benefits for tactical-level aviation logistics planners and sustainers; the prototype is a viable concept, worthy of future development.

Databases

Information technology

Management

Assessing the potential value of FORCEnet technologies within the JFMCC planning process using the knowledge value added methodology

Kovats, Keith E.

06 1900

In the FORCEnet Functional Concept document published by the Chief of Naval Operations and the Commandant of the Marine Corps, the leaders of the US Naval Forces called for the development of "adaptive, distributed networks of commanders, staffs, operating units, supporting organizations, sensors, weapons and other equipment interacting with one another on an underlying infrastructure, as well as the associated command and control policies, concepts, organizations... to allow them to interact." Posed to invest in the development of the FORCEnet architecture, the Navy and Marine Corps require a means of analysis to determine the value of information technologies prior to development and acquisition. The Knowledge Value Added (KVA) methodology can provide the decision makers with quantitative tools to make informed and accurate decisions in the acquisitions process of information technologies within the FORCEnet Functional Concept framework. Historically, these decisions were based on costs, schedule, and capabilities, with the emphasis on cost. A Proof of Concept analyzing the Joint Forces Maritime Component Command Planning Process was developed to demonstrate the utility of the KVA method. This analysis demonstrates the current inefficiencies within the process and the potential value of notional information technologies that could be developed to support the planning process. / US Marine Corps (USMC) author.

Knowledge management

Information technology

A Saudi Female Perspective on the Adoption of Online Banking with Saudi Arabian Banks

Alabdan, Rana I.

07 June 2017

<p> The adoption of online banking in Saudi Arabia is still emerging. The purpose of this study was to identify the factors that influenced Saudi females to adopt online banking with Saudi banks. This study answered the following research question: What are the factors that influence Saudi female users in Saudi Arabia to adopt online banking through Saudi Arabian banks? This study contributes to a gap in the literature regarding the limited studies of online banking from a Saudi female perspective. A qualitative method was used to conduct the study. A semi-structured interview was conducted to collect data from the participants. The sample consisted of 13 Saudi females who live in Riyadh, Saudi Arabia. The themes of this study developed by coding the transcripts via NVivo, then categorizing the responses into themes. These themes were identified according to the multiple responses from the participants repeatedly on each theme. The results provided seven main themes which influenced females to adopt online banking. Easiness and convenience were the preeminent influential themes according to the females followed by security, trust, user-friendly comfortable, and availability. The sub-themes were: (1) save time, (2) effortless, (3) easy to navigate, (4) easy to use, (5) clear options, and (6) clear to navigate. In addition, this study found that education, professional background, computer competency, and age had a significant impact on online banking adoption from Saudi females.</p>

Women's studies|Information technology

Cyber War in a Small War Environment

Hermann, Rory Michael, Jr.

29 April 2017

<p> This paper discusses applying cyber warfare techniques to small war environments. Small wars do not carry the prestige of larger, more traditional campaigns; additionally, most small wars involve non-state actors whose technological means are limited, thus reducing the impact of cyber operations against them. Yet, small wars are very common throughout the history of the United States, and the traditionally-postured military struggled with them in the high-profile examples of Vietnam, Iraq, and Afghanistan. Furthermore, the ease of entry into modern computing allows irregular forces equipped with an off-the-shelf laptop to perform cyberspace operations of one form or another. Not examining cyber war in the context of small wars needlessly blinds friendly forces to the threat posed by technologically inferior opponents and restricts what could otherwise be a potent tool. This paper covers several commonalities between small wars and cyber war; after they are established, it recommends methods to push cyber warfare to the tactical level and enhance the understanding of cyber operations in focused environments.</p>

Information technology|Military studies

Cyber Mobs| A Model for Improving Protections for Internet Users

Lazarus, Seth A.

29 April 2017

<p> Cyber mobs have grown to have a significant impact on individuals in real space and cyber space. Law enforcement and legislators have been confronted with challenges in mitigating the intangible harms inflicted by individuals of cyber mobs. Law enforcement, in most cases, is focused on solving cybercrimes associated with tangible harms. Thus, legislators seek to better protect cyber mob victims by increasing law enforcement training and focus on cyber mob incidents, as well as to create new legislation to better cope with the harms caused by cyber mobs. Much of the current research available focuses on the social aspects of cyber mobs, and before creating changes to statutes and law enforcement training, research is necessary to craft those changes better to counter cyber mob activities. The study reviewed several different types of cyber mobs, legislative measures, and cyber policing methods to provide recommendations. The research found that cyber mobs seem to overlap in their techniques, tactics, and procedures, though the harms they cause to accomplish their goals vary. In order to protect against their actions, research suggested, overall, that the examination of current legislation to create new methods of enforcement is necessary before creating additional statutes. In parallel with using current legislation, online communities already employ methods to police themselves, and these methods offer new avenues for law enforcement to work with these communities to better assist them when issues arise. These results demonstrated that much of what is necessary to protect against cyber mobs is already available, but it must be utilized differently to improve effectiveness.</p>

Law|Information technology

Investigating the business value of information technology in South Africa.

24 April 2008

The ever increasing expenditure and investment in information technology (IT) has been accompanied by an increasing demand to measure the business value of IT. The impact of IT on improving the productivity and performance of organisations has been varied. While some organisations have realised gains, other organisations have found the business value of IT to be elusive. In most organisations a large portion of senior management’s time is being spent on finding methods to measure the contribution of the organisations’ IT investments to business performance. IT investments in organisations are huge and increasing rapidly year on year and yet there is a lack of understanding of the impact of proper IT investment evaluation processes and practices in these organisations. This is applicable to South Africa and thus one can argue that a detailed program of research into the current practice and process of the business value of IT in South Africa is warranted. This masters dissertation which, has evolved from IT evaluation literature, is to highlight the differences between IT literature and what occurs in practice. The research objective utilised an existing questionnaire which was sent to large South African organisations to assess the understanding and activities performed by these organisations regarding the business value of IT. The aim was to investigate the business value of IT and benefits management and realisation in South African organisations so as to highlight the current practices and norms in this area and to serve as a basis for understanding and communicating findings and implications for South African organisations in general. / Mrs. D. Groenewald

information technology in South Africa

The evolving role of information technology in internal auditing

28 September 2015

M.Com. (Computer Auditing) / Modern organizations are increasingly dependent on information technology (IT) for various reasons: to enhance their operational efficiency, reduce costs or even attain a competitive advantage. The role of information technology in the organization continues to evolve and this has an impact for the internal audit functions that serve these organizations. The study investigated whether the King III report, ISACA standards and IIA standards assist the internal audit function in addressing the impact of information technology on the organization and, as a result, the internal audit function itself. This was performed by way of a comprehensive literature study on the internal audit function and the selected standards and corporate governance framework, the role of information technology in both the organization and the internal audit function, as well as an empirical study detailing a comparative analysis of the King III report, ISACA standards and IIA standards, utilizing key success factors. The study identified an alignment of the key principles and elements identified in the King III report, ISACA standards and IIA standards. There was direct support for ITrelated reviews in the King III report, ISACA Standards and IIA Standards. The comparative analysis performed between the King III report and IIA standards, as well as the ISACA standards and the IIA standards resulted in the formulation of key internal audit success factors. These key success factors compared favourably to those identified in the literature review. The study indicated that the King III report, ISACA Standards and IIA Standards assisted the internal audit function by addressing IT related risks, controls and governance elements.

Auditing, Internal

Information technology