Advanced search Help
Searching for terms: EXACT: "Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management" in: publisher
Clear all search criteria
Only 2/3! You are seeing results from the Public Collection, not the complete Full Collection. Sign in to search everything (see eligibility).
-
Evaluating Security and Quality of Service Considerations in Critical Infrastructure Communication Networks
"This thesis demonstrates the benefits of utility communication based on Internet technology, some dangers in using Internet technology in establishing a utility intranet connecting protection and control systems, and compares three different approaches to making reservations for routing traffic in the utility intranet based on different levels of background traffic. A model of expected background traffic on a national utility intranet is presented. The Utility Communication Architecture 2.0 and the International Electrotechnical Commission (IEC) 61850 began laying the groundwork in 2002 in establishing an infrastructure allowing power substations, program logic controllers, remote terminal units, intelligent electronic devices, and other devices to effectively and efficiently communicate over a utility intranet that is based on Internet standards using commercial of the shelf (COTS) components. This intranet will almost certainly be based on Internet standards due to their widespread use, low cost, and easy migration path over time. Even though it's based on Internet technology the utility intranet will allow utilities to connect to one another without exposing them to threats from the Internet. This will provide utilities with the needed insight into other areas of the power grid enabling them to better manage its operation. The Electrical Power Communication Synchronization Simulator (EPOCHS) is used in this thesis to run simulations that models network traffic over a power infrastructure in order to show the effects of using different protocols, bandwidth reservations, and varying levels of background traffic will have on the quality of service of intranet traffic, with the end result of improving the insight the different regions of the utility intranet will have with each other. EPOCHS provides the required simulation environment needed to integrate a network simulator with an electromechanical power simulator to run the simulations."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Roberts, Gregory R.
2008-03-01
-
Efficient and Effective Implementation of the Trust System for Power Grid Compartmentalization
"The goal of this research is to show in a simulated environment that security of the network can be strengthened by first fielding the trust system and second, by dividing a network into smaller clusters, called domains, in order to isolate anomalies or intrusions detected. In order to show this, a mathematical model of the problem will be built and translated into a software tool that at the end will receive real-life-network data as input. This program uses real world power grid representative data, outputs a network configuration that has used the concepts described above of network compartmentalization and strategic placing of trust nodes. As a result, this new network configuration ensures safe day-to-day operations by minimizing the effects in case of an attack or equipment malfunction of the system by subdividing the network into domains. Each domain protected by a trust node(s) without violating timing constraints."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Gonzalez, Juan Carlos M.
2009-06
-
Development of IT Suspicion as a Construct and Subsequent Measure
"Suspicion has not been studied in great depth; however, a conceptual understanding of suspicion is no less important than many of the other highly studied constructs related to healthy working relationships. Information technology (IT) is one area where suspicion study is lacking, and this research effort was a study into the specific domain of IT suspicion. An extensive study of the suspicion literature and the suspicion nomological net as well as informal surveys of the general populous and subject matter experts were used to create an IT suspicion conceptual definition and measure. In order to test IT suspicion's relationships with other more established constructs a survey was created. The final pilot study consisted of two measures from suspicions nomological net, locus of control and disposition to trust, a trait IT suspicion measure, a manipulation exercise on a laptop computer intended to induce suspicion, and finally a state suspicion measure. Analysis indicated IT suspicion is a multi-dimensional construct, with independent state and trait properties. It also has separate dimensions within the state and trait components. Comparisons between the components of the IT suspicion construct and related measures indicated a negative correlation between state suspicion and locus of control."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Olson, Matthew T.
2009-03
-
Codifying Information Assurance Controls for Department of Defense (DoD) Supervisory Control and Data Acquisition (SCADA) Systems
"Protecting DoD [Department of Defense] critical infrastructure resources and Supervisory Control and Data Acquisition (SCADA) systems from cyber attacks is becoming an increasingly challenging task. DoD Information Assurance controls provide a sound framework to achieve an appropriate level of confidentiality, integrity, and availability. However, these controls have not been updated since 2003 and currently do not adequately address the security of DoD SCADA systems. This research sampled U.S. Air Force Civil Engineering subject matter experts representing eight Major Commands that manage and operate SCADA systems. They ranked 30 IA controls in three categories, and evaluated eight SCADA specific IA controls for inclusion into the DoD IA control framework. Spearman's Rho ranking results (ρ = .972414) indicate a high preference for encryption, and system and information integrity as key IA Controls to mitigate cyber risk. Equally interesting was the strong agreement among raters on ranking certification and accreditation dead last as an effective IA control. The respondents strongly favored including four new IA controls of the eight considered."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Mendezllovet, Eddie A.
2010-03
-
Cyberspace as a Theater of Conflict: Federal Law, National Strategy and the Departments of Defense and Homeland Security
"The research is divided into three distinct parts, each linked and dependent upon one another. First is a review and an evaluation of the legal relationships between the Combatant Commanders, the Services, and DoD Agencies with respect to cyberspace. What roles are tasked to each and what limitations are in place based upon those assigned roles. And are any of these current relationships at odds with federal law? Second, linked National Strategy to a Service's targeting strategy via the Effects Based Planning process. This demonstrates the ability to link target selection to the elements of national power as well as identify possible desired effects based upon adversary target selection. Last, is an evaluation of military cyberspace activities and responsibilities based upon the conclusions and observations of the first two sections. Included in this evaluation is a brief look at cyberspace activities not yet addressed by the DoD but soon to be a responsibility of the Department."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Arwood, Sam
2007-06
-
Distinguishing Internet-Facing ICS Devices Using PLC Programming Information
From the Abstract: "The Shodan search engine reveals Industrial Control System (ICS) devices around the globe are directly connected to the Internet. After Shodan's inception in 2009, multiple news reports have focused on the increased threat to infrastructure posed by Shodan. While no attacks to date have been directly attributed to Shodan searches, its existence provides an anonymous reconnaissance platform that facilitates ICS targeting for those actors with both a desire and capability to carry out attacks. Recent research has demonstrated that simple search queries return thousands of ICS devices indexed by Shodan, and the number of newly indexed ICS devices is growing. This research discusses the method used to distinguish the Internet-facing ICS devices indexed by the Shodan search engine. PLC [Programmable Logic Controllers] code is obtained by sending specifically crafted CIP [Common Industry Protocol] request messages to the devices, capitalizing on the fact that authentication is not built in to the CIP application layer protocol. This data allows categorization of Internet-facing devices by comparing PLC code attributes. The results of this research show PLC code can be collected from Internet-facing ICS devices with no significant impact to task execution times. Also, this research demonstrates a method to distinguish Internet-facing ICS devices by function and by Critical Infrastructure sector. This capability develops an understanding of the function and purpose of ICS devices that are being connected to the Internet."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Williams, Paul M.
2014-06
-
C-Bag Consolidation: An Inventory and Safety Stock Analysis
From the abstract: "The Air Force finds itself at the end of over two decades of warfare with a shrinking budget and is searching for ways to save money. An area worth exploring is the consolidation of standard Chemical bags (C-1 bags) to one location to save the Air Force money. Currently, there are 215 stateside locations that are storing and maintaining C-1 bags. Consolidation of these assets to one location will provide the Air Force pooling effects which could result in C-1 bag inventory reduction. This research will also explore C-1 bag safety stocks. If C-1 bag consolidation is undertaken, can the Air Force reduce the level of safety stock currently being maintained in order to save additional money. This paper will investigate current C-1 bag inventory calculations and will compare it to the current National Security Strategy. The paper will determine how much C-1 inventory is required to meet these stated goals and will then compare this number to the current inventory to determine if the Air Force has too much or too little inventory. Based upon the two most demanding planning scenarios, it would appear that the Air Force has $249 million dollars in excess C-1 bag items being stored in the lower forty eight states. Consolidating these items in one location would allow the Air Force to rid itself of $249 million dollars in inventory. Additionally, reducing safety stock from 10 percent down to 5 percent could save the Air Force an additional $13 million dollars. Inventory and safety stock are two items to consider when discussing consolidation. Other factors such as infrastructure, manpower requirements and just in time transportation delivery should be analyzed before a final decision is made."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Abercrombie II, Peter B.
2014-06
-
Characterization of Construction Material Properties Through Gamma Spectroscopy, X-Ray Fluorescence, and Hyper-Spectral Imagery for Background Correction Applications in Nuclear Detection
"Material identification through hyper-spectral imagery provides a potentially useful data input for background radiation prediction models for gamma spectrum correction in mobile nuclear detection applications. Traditional background correction methods which rely on prior information are often impractical in mobile detection. Prediction models could combine material information with spatial data to develop a suitable substitute to actual background radiation measurements. […] This research investigates the relationship hyper-spectral properties and natural radioactivity of construction materials. A selection of construction materials are analyzed using three instrumentation methods: 1) gamma-spectroscopy, 2) X-ray fluorescence (XRF), and 3) hyper-spectral imagery. Gamma-spectroscopy focuses on the presence of potassium as well as uranium and thorium series progeny through analysis of 212Pb, 214Pb, 214Bi, and 228Ac signature peaks. XRF analysis provides the chemical composition of each material. Each materials hyper-spectral characteristics are compared to chemical composition and radioactive properties to determine if any identifying features relate to natural radioactivity."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Casebolt, Jared D.
2014-03
-
Risk Based Approach to Node Insertion Within Social Networks
"Social Network Analysis (SNA) is a primary tool for counter-terrorism operations,ranging from resiliency and influence to interdiction on threats stemming from illicit overt and clandestine network operations. In an ideal world, SNA would provide a perfect course of action to eliminate dangerous situations that terrorist organizations bring. Unfortunately, the covert nature of terrorist networks makes the effects of these techniques unknown and possibly detrimental. To avoid potentially harmful changes to enemy networks, tactical involvement must evolve, beginning with the intelligent use of network infiltration through the application of the node insertion problem. The framework for the node insertion problem includes a risk-benefit model to assess the utility of various node insertion scenarios. This model incorporates local, intermediate and global SNA measures, such as Laplacian centrality and assortative mixing, to account for the benefit and risk. Application of the model to the Zachary Karate Club produces a set of recommended insertion scenarios. A designed experiment validates the robustness of the methodology against network structure and characteristics. Ultimately, the research provides an SNA method to identify optimal and near-optimal node insertion strategies and extend past node utility models into a general form with the inclusion of benefit, risk, and bias functions."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Johnstone, Chancellor A. J.
2015-03
-
Restoration and Humanitarian Aid Delivery on Interdependent Transportation and Communication Networks After an Extreme Event
"Among the devastating consequences of extreme events, whether natural or manmade, is the disruption of transportation, communication, and other critical infrastructure systems. The restoration of these systems can be especially challenging due to the fact that damaged infrastructures are often characterized by complex interdependencies. Given a region with interdependent transportation and communication networks, both of which have sustained some damage due to an extreme event, we seek to maximize the satisfaction of geographically distributed demands for relief items over time by scheduling work crews to selected restoration tasks and routing the delivery of resources. We develop a mixed-integer linear programming formulation that captures the interdependencies exhibited by the transportation and communication networks, accounts for policy constraints that limit the delivery of resources into the affected region, and ensures that machine movement is feasible given the transportation network status when scheduling machines to tasks. After conducting tests on a variety of model instances, we establish the importance of relief operations during the initial phase of the scheduling horizon, demonstrate how changes in selected network parameters affect optimal scheduling decisions, and identify several key facilities whose construction is vital to the fulfillment of demand for relief items."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Forbes, Jacob
2015-04
-
Analysis of the Treatment of a Biological Weapon Spread Through a Transportation Network
From the thesis abstract: "Biological weapons are one of the top five threats identified by the Department of Defense in the United States. While most people commonly associate weapons of mass destruction only with atomic bombs, biological agents still have the ability to inflict mass casualties and panic. By strategically placing bioweapon detection units, known as BioWatch, in various airports, a disease spread could be detected and mitigated before country wide dispersal of the disease occurs. Key cities to invest this program are investigated through network analysis of flight itineraries with large volumes of traffic. In addition to analyzing an airport network, there is also the possibility that an attack could still succeed and infect a city. Should this occur, the current Center for Disease Control policy is to trace sources of infections and vaccinate people suspected of harboring the disease. Kaplan et al., as well as others, have argued for mass vaccination rather than the trace policy. Kaplan et al.'s model is extended to consider policies to respond to potential outbreak scenarios."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
MacAndrew, Michael V.
2014-04-27
-
Artificial Neural Network-Based Decision-Support System for Integrated Network Security
"As large-scale Cyber attacks become more sophisticated, local network defenders should employ strength-in-numbers to achieve mission success. Group collaboration reduces individual efforts to analyze and assess network traffic. Network defenders must evolve from an isolated defense in sector policy and move toward a collaborative strength-in-numbers defense policy that rethinks traditional network boundaries. Such a policy incorporates a network watch ap-proach to global threat defense, where local defenders share the occurrence of local threats in real-time across network security boundaries, increases Cyber Situation Awareness (CSA) and provides localized decision-support. A single layer feed forward artificial neural network (ANN) is employed as a global threat event recommender system (GTERS) that learns expert-based threat mitigation decisions. The system combines the occurrence of local threat events into a unified global event situation, forming a global policy that allows the flexibility of various local policy interpretations of the global event. Such flexibility enables a Linux based network defender to ignore windows-specific threats while focusing on Linux threats in real-time. In this thesis, the GTERS is shown to effectively encode an arbitrary policy with 99.7% accuracy based on five threat-severity levels and achieves a generalization accuracy of 96.35% using four distinct participants and 9-fold cross-validation."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Lewis, Sr, Tyrone A.
2014-09
-
Optimizing the Domestic Chemical, Biological, Radiological, and Nuclear Response Enterprise
From the thesis abstract: "The Chemical Biological Radiological Nuclear (CBRN) Response Enterprise (CRE) exists to rapidly respond to a domestic CBRN attack in order to minimize the overall impact of an incident. Over the past 16 years, the CRE has grown incrementally, and it is unclear if the current locations of units optimizes the coverage of the US population within a rapid response window. In this paper we develop a multi-objective multi-service extension of the maximal covering location problem (MCLP) to analyze the current coverage provided by the CRE and recommend efficient modifications to better protect the American population. While public sector facility location problems are well studied, the significant damage created by a CBRN attack requires unique modeling considerations. Most notably, we model the impact to coverage when CRE units within a minimum stand-off distance are rendered non-functional by a CRBN attack using an adaptation of the conditional covering problem (CCP). This minimum stand-off distance is not currently a consideration in existing Department of Defense (DoD) doctrine or planning guidance, but through a comparison to the current DoD definition of coverage we demonstrate the value of incorporating this concept into future planning considerations. Finally, we account for the multi-objective nature of this problem by developing a set of non-inferior solutions that allow a decision maker to apply their judgment to balance the trade-off between coverage and cost."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Paul, Nicholas R.
2015-03
-
Receiver Operating Characteristic Analysis for Detecting Explosives-related Threats
"The Department of Homeland Security (DHS) and the Transportation Security Administration (TSA) are interested in developing a standardized testing procedure for determining the performance of candidate detection systems. This document outlines a potential method for judging detection system performance as well as determining if combining the information from a legacy system with a new system can significantly improve performance. In this document, performance corresponds to the Neyman- Pearson criterion applied to the Receiver Operating Characteristic (ROC) curves of the detection systems in question. A simulation was developed to investigate how the amount of data provided by the vendor in the form of the ROC curve effects the performance of the combined detection system. Furthermore, the simulation also takes into account the potential effects of correlation and how this information can also impact the performance of the combined system."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Venzin, Alexander
2012-11-06
-
Analysis of Cost Premiums and Losses Associated with USAF Military Construction (MILCON)
From the thesis abstract: "Military construction (MILCON) represents 40% of the federal government's $30 billion construction budget. The federal budget is fixed; therefore, any cost overages likely affect project scope or requirements. This study investigated if MILCON procurement costs more than private industry construction and if so, what causes the cost premiums. A combination of in-depth literature review, expert interviews, a unique case study, expert surveys, and geospatial statistical analysis answered the research question. The case study evaluated two nearly identical projects to determine how internal factors affect MILCON cost premiums. This study confirmed the existence of MILCON cost premiums. Additionally, 11 major cost premium themes emerged: overly restrictive statements of requirements, failing to balance risk, stifling or not applying innovation, unique MILCON requirements, parameterization of the execution process, selection of construction specifications, schedule and submittal policies, perception of MILCON construction agents, anti-terrorism/force protection requirements, Federal Acquisition Regulations, and socioeconomic laws and policies. Additionally, in spite of contract requirement similarities, the studied projects differed by over a year of construction time and $7 million. Research frequently cites federal laws and policies as the primary cost premium driver; however, this research demonstrated internal construction policies, which the military can control, also cause increased cost premiums."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Blomberg, Daniel L.
2013-03
-
External Verification of SCADA System Embedded Controller Firmware
From the thesis abstract: "Critical infrastructures such as oil and gas pipelines, the electric power grid, and railways, rely on the proper operation of supervisory control and data acquisition (SCADA) systems. Current SCADA systems, however, do not have sufficient tailored electronic security solutions. Solutions available are developed primarily for information technology (IT) systems. Indeed, the toolkit for SCADA incident prevention and response is unavailing as the operating parameters associated with SCADA systems are different from IT systems. The unique environment necessitates tailored solutions. Consider the programmable logic controllers (PLCs) that directly connect to end physical systems for control and monitoring of operating parameters -- the compromise of a PLC could result in devastating physical consequences. Yet PLCs remain particularly vulnerable due to a lack of firmware auditing capabilities. This research presents a tool we developed specifically for the SCADA environment to verify PLC firmware. The tool does not require any modifications to the SCADA system and can be implemented on a variety of systems and platforms. The tool captures serial data during firmware uploads and then verifies them against a known good firmware baseline. Attempts to inject modified and/or malicious firmware are identified by the tool. Additionally, the tool can replay and analyze captured data by emulating a PLC during firmware upload. The emulation capability enables verification of the firmware upload from an interface computer without requiring modifications to or interactions with the operational SCADA system. The ability to isolate the tool from production systems and verify the validity of firmware makes the tool a viable application for SCADA incident response teams and security engineers."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
McMinn, Lucille R.
2012-03
-
Managing Airborne Relief During International Disasters
From the thesis abstract: "Major rapid onset disasters such as earthquakes, hurricanes, and terrorist acts have the ability to overwhelm even the most prepared and robust of countries. In such cases, the value of agile airborne relief from global donors cannot be overstated. Despite its usefulness however, airborne relief can create other logistical issues such as surpassing airport capacity to park and offload aircraft. Airflow management, or the ability to coordinate aircraft arrival slot times to optimize use of airport ramp space and offload capacity, is an invaluable remedy to this malady. Though local civil aviation authorities in an affected country retain responsibility for airspace/airflow management, no self-exporting civilian entity currently exists with the ability to coordinate airflow if host nation entities are unable to do so and request assistance. This paper highlights this airflow management capability gap and sets forth several alternatives for resolving this gap based on criteria obtained through the use of a case study methodology. Without an entity to assist an affected nation with airflow management (if needed and requested), smooth logistical flow of relief goods to those in need can be catastrophically impeded."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Morales, Michael
2013-06
-
Extending Differential Fault Analysis to Dynamic S-Box Advanced Encryption Standard Implementations
"Advanced Encryption Standard (AES) is a worldwide cryptographic standard for symmetric key cryptography. Many attacks try to exploit inherent weaknesses in the algorithm or use side channels to reduce entropy. At the same time, researchers strive to enhance AES and mitigate these growing threats. This paper researches the extension of existing Differential Fault Analysis (DFA) attacks, a family of side channel attacks, on standard AES to Dynamic S-box [substitution-box] AES research implementations. Theoretical analysis reveals an expected average keyspace reduction of 2^-88.9323 after one faulty ciphertext using DFA on the State of Rotational S-box AES-128 implementations. Experimental results revealed an average 2^-88.8307 keyspace reduction and confirmed full key recovery is possible."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Flamm, Bradley M.
2014-09
-
Method of Measuring the Economic Impact of a Radiological Dispersal Event within an Urban Environment
From the thesis abstract: "A Radiological Dispersal Event (RDE) is the result of a Radiological Dispersal Device (RDD), or a dirty bomb. An RDD is a low-yield conventional bomb surrounded by radiological material, such as Cesium-137 or Cobalt-60. Upon detonation, the blast of the conventional explosive is designed to spread the radiological material over a wide area. The radiological material will then be inhaled or ingested by people, or otherwise absorbed into the environment. An RDD is an affordable, feasible, and economically devastating option for terrorist groups. Radiological material can be stolen or acquired cheaply from the millions of radioactive sources used worldwide in industry, medicine, and academia. The purpose of this research is to develop a methodology to assess the economic impacts resulting from an RDE in an urban center. Specifically, the author used an Input-Output model to evaluate the economic impacts of an RDE in three districts of an urban center modeled after Dayton, Ohio: the industrial district, the retail district, and the central business district. The study showed that the direct, indirect, and induced costs of the RDE remained consistent independent of the district at approximately 60%, 15%, and 25%, respectively. Previous attempts to quantify the impact of an RDE only measured the direct costs, thus failing to capture approximately 40% of the total costs of such an event. The 1-year costs of an RDE in a central business district would be approximately $1.4, and it would affect approximately 860 firms in 270 distinct industries. Approximately 18,000 workers would be unemployed immediately following the attack, and an additional 113,000 people would be affected by the shift in the local economy as a result of indirect and induced costs. The methodology can be generalized to other regions or cities."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Munfakh, Antoine N.
2010-03
-
Automated Knowledge Generation with Persistent Video Surveillance
From the thesis abstract: "The Air Force has increasingly invested in persistent surveillance platforms gathering a large amount of surveillance video. Ordinarily, intelligence analysts watch the video to determine if suspicious activities are occurring. This approach to video analysis can be a very time and manpower intensive process. Instead, this thesis proposes that by using tracks generated from persistent video, we can build a model to detect events for an intelligence analyst. The event that we chose to detect was a suspicious surveillance activity known as a casing event. To test our model we used Global Positioning System (GPS) tracks generated from vehicles driving in an urban area. The results show that over 400 vehicles can be monitored simultaneously in real-time and casing events are detected with high probability (43 of 43 events detected with only 4 false positives). Casing event detections are augmented by determining which buildings are being targeted. In addition, persistent surveillance video is used to construct a social network from vehicle tracks based on the interactions of those tracks. Social networks that are constructed give us further information about the suspicious actors flagged by the casing event detector by telling us who the suspicious actor has interacted with and what buildings they have visited. The end result is a process that automatically generates information from persistent surveillance video providing additional knowledge and understanding to intelligence analysts about terrorist activities."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Schmitt, Daniel T.
2009-03-21
-
Utilizing Social Network Analysis in Support of Nation Building
From the thesis abstract: "Social network analysis is a powerful set of techniques used by social scientists to study the formal and informal interrelations in a community. Since 9/11 these techniques have been increasingly utilized by the defense and intelligence communities to analyze terrorist networks to aid in thwarting foes. This study investigates the use of social networks and structural hole theory to facilitate nation building in failed and failing states. Through the investigation of the underlying social structure of a community, identifying structural holes and gaps within the government or society, Security Stabilization Transition and Reconstruction Operations (SSTRO) efforts can be focused to strengthen the host nation government to provide security and unity for its citizens. This investigation focused on exploring techniques that link individuals in the professional and governmental community. It was found that Burt's technique of structural holes can be applied to a national level in order to identify structural gaps within an ethnically fractured failing state. This technique can highlight national, regional, or local holes that can be filled to facilitate nation building."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Bernardoni, Brandon J.
2011-03-24
-
Evaluation of Traditional Security Solutions in the SCADA Environment
From the thesis abstract: "Supervisory Control and Data Acquisition (SCADA) systems control and monitor the electric power grid, water treatment facilities, oil and gas pipelines, railways, and other Critical Infrastructure (CI). In recent years, organizations that own and operate these systems have increasingly interconnected them with their enterprise network to take advantage of cost savings and operational benefits. This trend, however, has introduced myriad vulnerabilities associated with the networking environment. As a result, the once isolated systems are now susceptible to a wide range of threats that previously did not exist. To help address the associated risks, security professionals seek to incorporate mitigation solutions designed for traditional networking and Information Technology (IT) systems. Unfortunately, the operating parameters and security principles associated with traditional IT systems do not readily translate to the SCADA environment. Security solutions for IT systems focus primarily on protecting the confidentiality of system and user data. Alternatively, SCADA systems must adhere to strict safety and reliability requirements and rely extensively on system availability. Mitigation strategies designed for traditional IT systems must first be evaluated prior to deployment on a SCADA system or risk adverse operational impacts such as a catastrophic oil spill, poisoning a water supply, or the shutdown of an electrical grid. This research evaluates the suitability of deploying a Host-Based Intrusion Detection System (IDS) to the Department of Defense SCADA fuels system. The impacts of the Host Intrusion Prevention System (HIPS) installed on the SCADA network's Human Machine Interface (HMI) is evaluated. Testing revealed that the HIPS agent interferes with the HMI's system services during startup. Once corrected, the HMI and connected SCADA network inherit the protections of the HIPS security agent and defenses associated with the Host-Based Security System."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Larkin, Robert D.
2012-03
-
Assessing GPS Constellation Resiliency in an Urban Canyon Environment
"Satellite constellation resiliency is an important consideration gaining momentum at the top levels of the Air Force and at Air Force Space Command (AFSPC). The increased availability of threats to satellite systems is challenging the capabilities provided by space assets. More specifically, the global positioning system (GPS) satellite constellation is utilized for a variety of missions, to include providing precise geolocation information for navigation. Any degrade in GPS capabilities as observed in an urban canyon environment or due to the loss of a GPS satellite may hinder the overall mission. We use the System Effectiveness Analysis Simulation (SEAS) to model the GPS constellation in an urban canyon environment which provides information to a special operation force (SOF) in their effort to recover a weapon of mass destruction (WMD). By varying the type of operations and the number of satellites lost in the simulation, insight is gained into the impact of degradation through the selected top level mission metrics. A series of statistical difference tests and a designed experiment reveal a resiliency threshold on the number of satellites removed from the constellation. As a result, we conclude that the GPS constellation is resilient even after the loss of several satellites."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Burns, Aaron J.
2015-03
-
Strategic Deterrence in Cyberspace: Practical Application
From the thesis abstract: "This research outlines practical steps that the United States can take to improve strategic deterrence in cyberspace. The unique character of cyberspace requires tailoring of traditional deterrence strategies to fit the domain. This research uses the Deterrence Operations Joint Operating Concept (DO JOC) and the New Triad as models for organizing deterrence operations. The DO JOC focuses on tailoring deterrence operations based on the actor; but deterrence operations must be also be tailored to the uniqueness of cyberspace. The effective tailoring of deterrence operations for cyberspace will require both the application of new ways and means and the tailoring of traditional deterrence concepts to fit this new domain. Practical application of cyber strategic deterrence involves: issuance of US declaratory cyber deterrence policy; removing sanctuaries for cyber adversaries; changing US and adversary mindsets and expectations for what is permitted in cyberspace; changes to military planning in order to conduct operations in consideration of adversary cyber capability; and appreciation of the key policy tradeoffs with respect to cyber deterrence implementation. Cyberspace deterrence should include all three ways of implementing a deterrence strategy: imposing costs, denying benefits, and inducing adversary restraint. Influencing the 'Consequences of Restraint' fulcrum through attribution, identity management, and incentivizing trust holds great promise for cyberspace deterrence."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Beeker, Kevin R.
2009-06
-
Large-Scale Distributed Coalition Formation
From the thesis abstract: "The CyberCraft project is an effort to construct a large scale Distributed MultiAgent System (DMAS) to provide autonomous Cyberspace defense and mission assurance for the United States Department of Defense (DoD). It employs a small but flexible agent structure that is dynamically reconfigurable to accommodate new tasks and policies. This document describes research into developing protocols and algorithms to ensure continued mission execution in a system of one million or more agents, focusing on protocols for coalition formation and Command and Control (C2). It begins by building large-scale routing algorithms for a Hierarchical Peer-to-Peer (HP2P) structured overlay network, called Resource Clustered Chord (RC-Chord). RC-Chord introduces the ability to efficiently locate agents by resources that agents possess. Combined with a task model defined for CyberCraft, this technology feeds into an algorithm that constructs task coalitions in a large-scale DMAS. Experiments reveal the flexibility and effectiveness of these concepts for achieving maximum work throughput in a simulated CyberCraft environment."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Karrels, Daniel R.
2009-09
-
Secure Group Communication Architecture for a Swarm of Autonomous Unmanned Aerial Vehicles
From the thesis abstract: "This thesis investigates the application of a secure group communication architecture to a swarm of autonomous unmanned aerial vehicles (UAVs). A multicast secure group communication architecture for the low earth orbit (LEO) satellite environment is evaluated to determine if it can be effectively adapted to a swarm of UAVs and provide secure, scalable, and efficient communications. The performance of the proposed security architecture is evaluated with two other commonly used architectures using a discrete event computer simulation developed using MatLab. Performance is evaluated in terms of the scalability and efficiency of the group key distribution and management scheme when the swarm size, swarm mobility, multicast group join and departure rates are varied. The metrics include the total keys distributed over the simulation period, the average number of times an individual UAV must rekey, the average bandwidth used to rekey the swarm, and the average percentage of battery consumed by a UAV to rekey over the simulation period. The proposed security architecture can successfully be applied to a swarm of autonomous UAVs using current technology. The proposed architecture is more efficient and scalable than the other tested and commonly-used architectures. Over all the tested configurations, the proposed architecture distributes 55.2 - 94.8% fewer keys, rekeys 59.0 - 94.9% less often per UAV, uses 55.2 - 87.9% less bandwidth to rekey, and reduces the battery consumption by 16.9 - 85.4%."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Phillips, Adrian N.
2008-03
-
Development of an Experimental Platform for Testing Autonomous UAV Guidance and Control Algorithms
From the thesis abstract: "With the United States' push towards using unmanned aerial vehicles (UAVs) for more military missions, wide area search theory is being researched to determine the viability of multiple vehicle autonomous searches over the battle area. Previous work includes theoretical development of detection and attack probabilities while taking into account known enemy presence within the search environment. Simulations have been able to transform these theories into code to predict the UAV performance against known numbers of true and false targets. The next step to transitioning these autonomous search algorithms to an operational environment is the experimental testing of these theories through the use of surrogate vehicles, to determine if the guidance and control laws developed can guide the vehicles when operating in search areas with true and false targets. In addition to the challenge of experimental implementation, dynamic scaling must also be considered so that these smaller surrogate vehicles will scale to full size UAVs performing searches in real world scenarios. This research demonstrates the ability of a given sensor to use a basic ATR [automatic target recognition] algorithm to identify targets in a search area based on its size and color. With this ability, the system's target thresholds can also be altered to mimic real world UAV sensor performance. It also builds on previous dynamic scaling studies to show that the performance of a full size UAV can be imitated using a surrogate vehicle. Further investigation will show sensor orientation, field of view, vehicle geometry, and the known size of the target can be used to determine target pixel thresholds as well as the vehicle steering correction angle to navigate directly over the centroid of an identified target."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Rufa, Justin R.
2007-03
-
Airborne Network Data Availability Using Peer to Peer Database Replication on a Distributed Hash Table
From the thesis abstract: "The concept of distributing one complex task to several smaller, simpler Unmanned Aerial Vehicles (UAVs) as opposed to one complex UAV is the way of the future for a vast number of surveillance and data collection tasks. One objective for this type of application is to be able to maintain an operational picture of the overall environment. Due to high bandwidth costs, centralizing all data may not be possible, necessitating a distributed storage system such as mobile Distributed Hash Table (DHT). A difficulty with this maintenance is that for an Airborne Network (AN), nodes are vehicles and travel at high rates of speed. Since the nodes travel at high speeds they may be out of contact with other nodes and their data becomes unavailable. To address this the DHT must include a data replication strategy to ensure data availability. This research investigates the percentage of data available throughout the network by balancing data replication and network bandwidth. The DHT used is Pastry with data replication using Beehive, running over an 802.11 wireless environment, simulated in Network Simulator 3. Results show that high levels of replication perform well until nodes are too tightly packed inside a given area which results in too much contention for limited bandwidth."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Vranicar, Trevor J.
2013-03
-
Augmenting the Global Positioning System with Foreign Navigation Systems and Alternative Sensors
From the thesis abstract: "This thesis investigates combining the GPS [Global Positioning System] system with the Galileo, GLONASS [Global Navigation Satellite System], and Compass foreign navigation systems, a barometric altimeter, and inertial sensors. Data for the GPS and GLONASS systems were collected and the data for the Galileo and Compass systems were simulated. A model of downtown Dayton, OH was constructed and various combinations of the systems were tested throughout the model to measure the availability of a position solution. An algorithm was also created to investigate augmenting GPS with the minimum necessary number of foreign satellites. A simulation was then setup for an autonomous aerial vehicle flight through the model using a Kalman Filter to combine the various sensors with GPS. Augmenting GPS showed great improvements in availability throughout the model of downtown Dayton. Furthermore, augmenting the GPS system with foreign systems allowed the autonomous aerial vehicle to successfully navigate in the simulation whereas using only GPS, the vehicle was unable to navigate successfully. This opens up the urban environment to more robust navigation solutions for people on the ground as well as allows for unmanned aerial vehicles to expand their area of operation."
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Killion, Christopher B.
2012-03
-
Streamlining the Change-Over Protocol for the RPA Mission Intelligence Coordinator by Way of Situation Awareness Oriented Design and Discrete Event Simulation
From the thesis abstract: "Incredible loiter times coupled with the ability to make extremely detailed collections at significant stand-off distances with a relatively expendable platform has made demand for, and diversity of RPA [Remotely Piloted Aircraft] operations grow at voracious rates. Conversely, financial resources are becoming increasingly constrained. As such innovators are looking to maximize the effectiveness of existing personnel and assets by considering concepts such as simultaneous Multiple Aircraft Control (MAC) by a single aircrew. Research has identified procedural inefficiencies in current operations as well as substantial impediments to MAC implementation including dynamic task saturation and communication challenges. An identified inefficiency afflicting both current operations and the feasibility of MAC is the time required to transfer operational situation awareness at shift change - dubbed 'change-over'. The present research employed synergistic application of Cognitive Task Analyses, Situation Awareness Oriented Design and simulation to inform the development of a highly efficient user-centered process for the Mission Intelligence Coordinator - the RPA aircrew's situation awareness linchpin. Discrete-event simulations were performed on existing and proposed protocols. These analyses indicate that the proposed protocol could require as little as one-third the time required by the current method. It is proposed that such an improvement could significantly increase current RPA mission-readiness as well as diminish a known obstacle to MAC implementation"
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Machuca, John P.
2012-03
