{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2022,6,1]],"date-time":"2022-06-01T20:41:01Z","timestamp":1654116061243},"reference-count":25,"publisher":"IGI Global","issue":"3","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013,7,1]]},"abstract":"<p>Since 2008, several countries have published new national cyber security strategies that allow for the possibility of offensive cyber operations. Typically, national strategies call for the establishment of a cyber operations unit capable of computer network defence, exploitation, and, in some nations, attack. The cyber operations unit will be manned by professionals and operate under government authority compliant with national and international law. Our research focuses on offensive cyber operations (i.e. computer network exploitation and attack). The cyber unit must be provided with the right resources, in the form of accommodation, computing and networking infrastructure, tools and technologies, doctrine, and training. We contend that the open literature gives an unbalanced view of what tools and technologies a professional group needs because it emphasizes malware and, to a lesser extent, the delivery media used by cyber criminals. Hence, the purpose of this paper is to identify systematically the tools and technologies needed for professional, offensive cyber operations. A canonical model of the cyber attack process was obtained by rationally reconstructing a set of existing attack process models found in the literature. This canonical model was formalized using Structured Analysis and Design Technique (SADT) notation, in which processes are logically linked by inputs, outputs, controls, and mechanisms. A set of tools and technologies was extracted from the mechanisms. The canonical model and set of tools and technologies have been checked by subject matter experts.<\/p>","DOI":"10.4018\/ijcwt.2013070104","type":"journal-article","created":{"date-parts":[[2014,3,31]],"date-time":"2014-03-31T18:09:19Z","timestamp":1396289359000},"page":"49-71","source":"Crossref","is-referenced-by-count":1,"title":["Tools and Technologies for Professional Offensive Cyber Operations"],"prefix":"10.4018","volume":"3","author":[{"given":"T. J.","family":"Grant","sequence":"first","affiliation":[{"name":"Retired But Active Researcher (R-BAR), Benschop, Netherlands"}]}],"member":"2432","reference":[{"key":"ijcwt.2013070104-0","doi-asserted-by":"crossref","unstructured":"Colarik, A., & Janczowski, L. (2008). Introduction to cyber warfare and cyber terrorism. In Janczewski & Colarik (Eds.), Cyber warfare and cyber terrorism. Hershey, PA: Information Science Reference.","DOI":"10.4018\/978-1-59140-991-5"},{"issue":"4","key":"ijcwt.2013070104-1","first-page":"52","article-title":"The cyber kill chain: A foundation for a new cyber security strategy.","volume":"6","author":"C.Croom","year":"2010","journal-title":"High Frontier"},{"key":"ijcwt.2013070104-2","unstructured":"Damballa. (2008). Anatomy of a targeted attack. White paper, Damballa, Inc."},{"key":"ijcwt.2013070104-3","doi-asserted-by":"publisher","DOI":"10.1145\/1810891.1810904"},{"key":"ijcwt.2013070104-4","unstructured":"Dreijer, D. (2011). Offensieve Cyberoperaties: Een onderzoek naar de fasering en uitvoering van offensieve cyberoperaties die plaatsvinden in de context van een internationaal conflict. Unpublished bachelor dissertation, Netherlands Defence Academy, Breda, The Netherlands."},{"key":"ijcwt.2013070104-5","unstructured":"Grant, T. J., Burke, I., & Van Heerden, R. (2012). Comparing models of offensive cyber operations. In Lysenko, V. (Ed.), Proceedings of 7th International Conference on Information Warfare & Security (ICIW 2012), Seattle, WA (pp 108-121)."},{"key":"ijcwt.2013070104-6","unstructured":"Grant, T. J., & Prins, R. (2013). Identifying tools and technologies for professional offensive cyber operations. In Hart, D. (Ed.), Proceedings of 8th International Conference on Information Warfare & Security (ICIW 2013), Denver, CO (pp. 80-89)."},{"key":"ijcwt.2013070104-7","doi-asserted-by":"crossref","unstructured":"Grant, T. J., Venter, H. S., & Eloff, J. H. P. (2007). Simulating adversarial interactions between intruders and system administrators using OODA-RR. In Proceedings of the Annual Conference of the South African Institute of Computer Scientists and Information Technologists (SAICSIT\u201907).","DOI":"10.1145\/1292491.1292497"},{"key":"ijcwt.2013070104-8","author":"J.Habermas","year":"1976","journal-title":"Communication and the evolution of society"},{"key":"ijcwt.2013070104-9","unstructured":"Honeynet. (2008). Know your enemy: Tracking Botnets. Appendix C: Chatlog \u2013 watching attackers at their work. The Honeynet Project. Retrieved December 29, 2011, from http:\/\/www.honeynet.org\/papers\/bots"},{"key":"ijcwt.2013070104-10","author":"J. A.Lewis","year":"2011","journal-title":"Cybersecurity and Cyberwarfare: Preliminary assessment of national doctrine and organization"},{"key":"ijcwt.2013070104-11","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2009.96"},{"key":"ijcwt.2013070104-12","unstructured":"MalwareInfo. (2012) Soorten malware. Malware information and prevention. Retrieved October 11, 2012, from http:\/\/malwareinfo.nl\/malware-2\/soorten-malware\/"},{"key":"ijcwt.2013070104-13","author":"D.Marca","year":"1988","journal-title":"SADT: Structured analysis and design technique"},{"key":"ijcwt.2013070104-14","year":"2011","journal-title":"2012 threats predictions"},{"key":"ijcwt.2013070104-15","unstructured":"MinDef. (2012). Brochure defensie cyber strategy. Ministry of Defence, The Hague, The Netherlands. Retrieved October 11, 2012, from http:\/\/www.rijksoverheid.nl\/documenten-en-publicaties\/brochures\/2012\/06\/27\/brochure-defensie-cyber-strategie.html"},{"key":"ijcwt.2013070104-16","unstructured":"MinJus. (2011). Dutch national cyber security strategy. Ministry of Security & Justice, The Hague, The Netherlands. Retrieved October 11, 2012, from http:\/\/www.govcert.nl\/english\/service-provision\/knowledge-and-publications\/factsheets\/national-cyber-security-strategy-launched.html"},{"key":"ijcwt.2013070104-17","unstructured":"NIST. (1993). Integration definition for function modeling (IDEF0). Federal Information Processing Standard Publication 183."},{"key":"ijcwt.2013070104-18","author":"W.Owens","year":"2009","journal-title":"Technology, policy, law, and ethics regarding U.S. acquisition and use of cyberattack capabilities"},{"key":"ijcwt.2013070104-19","unstructured":"SANS. (2012). Malware FAQ. SANS Institute. Retrieved October 11, 2012, from http:\/\/www.sans.org\/security-resources\/malwarefaq\/"},{"key":"ijcwt.2013070104-20","first-page":"17","article-title":"Cyber Ontwikkelingen bij Defensie.","volume":"2011-4","author":"S.Schnitger","year":"2011","journal-title":"Intercom"},{"key":"ijcwt.2013070104-21","unstructured":"Sorensen, C. B. L. (2010). Cyber OODA: Towards a conceptual cyberspace framework. Masters thesis, School of Advanced Air and Space Studies, Air University, Maxwell AFB, AL."},{"key":"ijcwt.2013070104-22","unstructured":"Van Heerden, R., Irwin, B., & Burke, I. (2012). Classifying network attack scenarios using an ontology. In Lysenko, V. (Ed.), Proceedings of 7th International Conference on Information Warfare & Security (ICIW 2012), Seattle, WA (pp. 311-324)."},{"key":"ijcwt.2013070104-23","unstructured":"Veerasamy, N. (2010). A high-level mapping of cyberterrorism to the OODA loop. In Proceedings of 5th International Conference on Information Warfare and Security (ICIW 2010), OH (pp. 352-360)."},{"key":"ijcwt.2013070104-24","unstructured":"Wikipedia. (2012) Malware template. Wikipedia. Retrieved October 11, 2012, from http:\/\/en.wikipedia.org\/wiki\/Template:Malware"}],"container-title":["International Journal of Cyber Warfare and Terrorism"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=104523","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,1]],"date-time":"2022-06-01T20:01:53Z","timestamp":1654113713000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/ijcwt.2013070104"}},"subtitle":[""],"short-title":[],"issued":{"date-parts":[[2013,7,1]]},"references-count":25,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2013,7]]}},"URL":"https:\/\/doi.org\/10.4018\/ijcwt.2013070104","relation":{},"ISSN":["1947-3435","1947-3443"],"issn-type":[{"value":"1947-3435","type":"print"},{"value":"1947-3443","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013,7,1]]}}}