Robert F. Mills

A comparison of various radiometer detection models

Several detectability models for the wideband radiometer have been published which allow easy calculation of the required input signal-to-noise ratio (SNR) for a given performance level. These models were developed because the exact solutions are intractable and must be evaluated using detection curves or numerical methods. The derivations of six common radiometer models are examined and comparisons for a variety of scenarios are provided. When possible, exact solutions are also compared. Results indicate that these models agree to within 0.5 dB for most cases of interest involving large time-bandwidth signals.

Security analysis of the ADS-B implementation in the next generation air transportation system

Abstract The US Federal Aviation Administration’s Next Generation (NextGen) upgrade proposes a fundamental transformation that is intended to increase the capacity and safety of the air transportation system. A key component of the upgrade is the Automatic Dependent Surveillance Broadcast (ADS-B) system. ADS-B provides continual broadcast of aircraft position, identity, velocity and other information over unencrypted data links to generate a precise air picture for air traffic management. The Federal Aviation Administration claims that operational requirements necessitate the use of unencrypted data links and maintains that there is a low likelihood of malicious exploitation. This paper analyzes the security vulnerabilities associated with the ADS-B implementation. It describes a taxonomy of attacks and examines the potential impact that the attacks may have on air transportation operations. The taxonomy helps provide a comprehensive understanding of the threats associated with the ADS-B implementation, thereby supporting risk analysis and risk management efforts. The paper also provides recommendations that could enhance security if integrated into the ADS-B implementation plan.

Using Attack and Protection Trees to Analyze Threats and Defenses to Homeland Security

Attacks against computer networks are a serious threat and occur quite often. Currently there are methods using attack trees that can be used to model how these attacks may occur. We have extended this concept to a new tree structure called a protection tree as a tool for decision makers to allocate limited resources towards the appropriate defenses against a specified attack. Protection trees ensure these limited resources are used in a manner to achieve the highest probability of success in stopping an attack. Protection trees are produced systematically by first developing an attack tree, computing metrics for each node of an attack, and then developing a corresponding protection tree with similar metrics. Eventually, libraries of attacks and available protections can be used to automate the process of developing the trees. An example attack and protection tree is used to notionally show how an organization such as the department of homeland security can allocate resources to protect their computer networks from being compromised. Decision makers in the organization can use the resultant protection tree to determine where to allocate limited resources for the best protection of their network

Evolution of the air interface of cellular communications systems toward 4G realization

Early cellular networks used analog frequency modulation for voice communication and frequency division multiple access to accommodate multiple users. Despite their utility, these networks were often unstable and provided poor quality. Over the past 25 years, robust coding, modulation, and multiple access schemes have contributed greatly to improved, ubiquitous cellular service. This survey chronicles the coding, modulation, and multiple access developments within the evolutional framework of cellular communication systems which spans early first generation (1G) to future fourth generation (4G) systems. EVOLUTION OF THE AIR INTERFACE OF CELLULAR COMMUNICATIONS SYSTEMS TOWARD 4G REALIZATION 1ST QUARTER 2006, VOLUME 8, NO. 1 www.comsoc.org/pubs/surveys 1553-877X The views expressed in this article are those of the authors and do not reflect the official policy or position of the United States Air Force, Department of Defense, or the U.S. Government.

Towards insider threat detection using web server logs

Malicious insiders represent one of the most difficult categories of threats an organization must consider when mitigating operational risk. Insiders by definition possess elevated privileges; have knowledge about control measures; and may be able to bypass security measures designed to prevent, detect, or react to unauthorized access. In this paper, we discuss our initial research efforts focused on the detection of malicious insiders who exploit internal organizational web servers. The objective of the research is to apply lessons learned in network monitoring domains and enterprise log management to investigate various approaches for detecting insider threat activities using standardized tools and a common event expression framework.

Communication Waveform Design Using an Adaptive Spectrally Modulated, Spectrally Encoded (SMSE) Framework

Fourth-generation (4G) communication systems will likely support multiple capabilities while providing universal, high-speed access. One potential enabler for these capabilities is software-defined radio (SDR). When controlled by cognitive radio (CR) principles, the required waveform diversity is achieved through a synergistic union called CR-based SDR. This paper introduces a general framework for analyzing, characterizing, and implementing spectrally modulated, spectrally encoded (SMSE) signals within CR-based SDR architectures. Given orthogonal frequency division multiplexing (OFDM) is one 4G candidate signal, OFDM-based signals are collectively classified as SMSE since data modulation and encoding are applied in the spectral domain. The proposed framework provides analytic commonality and unification of multiple SMSE signals. Framework applicability and flexibility is demonstrated for candidate 4G signals by: 1) showing that resultant analytic expressions are consistent with published results and 2) presenting representative modeling and simulation results to reinforce practical utility

How the Cyber Defense Exercise Shaped an Information-Assurance Curriculum

In this article, we provide a brief history of the Cyber Defense Exercise (CDX), describe Air Force Institute of Technology (AFITs) participation in it, and explain how the experience shaped the information-assurance curriculum and course format at AFIT. The CDX is an annual competition designed to give students the opportunity to learn and demonstrate best practices in defensive information assurance. The CDXs fundamental objective is to design and implement a network that provides specified IT services and defend it against an onslaught of cyberattacks and natural events. CDX participants included blue forces (students), red forces (attacker) and a white cell.

Waveform design and analysis of frequency hopping LPI networks

The concept of a multiple access low-probability-of-intercept (LPI) network has generated considerable interest in the past few years, due to increased demands for highly connected, yet covert, communications in the tactical battlefield. Detectability studies of LPI networks have traditionally emphasized the interception of a single transmitter. We consider the interception of the network at large, in which the interceptor forms its detection decisions based on the energy received from multiple emitters. The detectability of the network, using a frequency hop multiple access (CDMA) scheme, is evaluated for the wideband and channelized radiometers, LPI network quality factors are used to compare the performance of the two intercept receivers as a function of the LPI signal parameters. Waveform design strategies for maximizing LPI performance are proposed based on these comparisons.

Enhancing the security of aircraft surveillance in the next generation air traffic control system

Abstract The U.S. air traffic control system is reliant on legacy systems that artificially limit air traffic capacity. With the demand for air transportation increasing each year, the U.S. Federal Aviation Administration has introduced the Next Generation (NextGen) upgrade to modernize the air traffic control system. Automatic Dependent Surveillance-Broadcast (ADS-B), a key component of the NextGen upgrade, enables an aircraft to generate and broadcast digital messages that contain the GPS coordinates of aircraft. The incorporation of ADS-B is intended to provide enhanced accuracy and efficiency of surveillance as well as aircraft safety. The open design of the system, however, introduces some security concerns. This paper evaluates the limitations of the legacy systems currently used in air traffic control and explores the feasibility of employing format-preserving encryption, specifically the FFX algorithm, in the ADS-B environment. The ability of the algorithm to confuse and diffuse predictable message input is examined using message entropy as a metric. Based on the analysis, recommendations are provided that highlight areas which should be examined for inclusion in the ADS-B upgrade plan.

Improving the cyber incident mission impact assessment (CIMIA) process

Despite our best efforts to secure our cyberspace; we inevitably experience incidents in the cyber domain which result in the loss of the confidentiality, integrity, or availability of a cyber resource. When a cyber incident occurs, we must quickly and accurately estimate and report the resulting negative impact, not only in terms of the infrastructure damage, but also in terms of the mission impact experienced by all of the affected organizations. Unfortunately, existing methods for mission impact assessment are hindered by the lack of standardization in the way that we identify, value, track, document, and report critical cyber resources. In this presentation, we discuss the importance of accurate and timely damage assessment in military operations; distinguish between damage and mission impact assessment; motivate the need for a change in mission impact assessment; and propose that a paradigm shift is required in the way that view critical cyber resources. The proposed changes are necessary to provide commanders with dominate cyberspace battlespace knowledge and enable accurate predictive situational awareness.