Partners: Anite Government Systems Ltd
Duration: 1997 – 2000
Staff: Dr Andrew Rathmell, Principal Investigator; Dr Richard Overill, Principal Investigator; Lorenzo Valeri, Researcher.
Paper: Dr Andrew Rathmell, Dr Richard Overill, and Lorenzo Valeri, Information Warfare Attack Assessment System (IWAAS). Paper presented at Information Warfare Seminar, 21-23 October 1997, London. [PDF or RTF]
AbstractPresentation: Information Warfare Attack Assessment System (PowerPoint97)
IWAAS is a concept that aims to provide threat assessment and Indicators & Warnings of an IW attack. It is the onceptual architecture of an open source decision support system with three purposes:
i) to evaluate the Information Warfare (IW) threat posed by a variety of actors
ii) to provide Indicators and Warnings (I&W) of an IW attack
iii) to predict enemy Courses of Action (COA)
This paper provides an overview of the issues involved in conceptualising and designing this system. The paper outlines the aim of adapting a country risk analysis approach to quantifying the capabilities and intentions of potential IW threats.
As the 1998 UK Strategic Defence Review noted, the Ministry of Defence is committed to “improve our ability to … provide an immediate warning of attack [on our] defence information networks.” However, the key problem in Information Assurance (Defensive Information Operations) is the collapse of warning time. Networked organisations no longer enjoy the warning of attack that they have had in the past against military attack. IW attacks, especially cyber-attacks, remove this warning time and therefore pose a challenge to existing approaches to Early Warning and Attack Assessment as well as to traditional Information Security approaches.
Information Warfare Attack Assessment System (IWAAS) is a conceptual architecture and research framework for addressing this problem. The IWAAS research programme aims to develop systematic methodologies for addressing the problem of providing Early Warning and Attack Assessment of offensive IW.
The IWAAS conceptual architecture and research programme was first proposed in 1997 (NB to KoB insert http link to October 97 IWAAS paper and PPT presentation). In response to the immediate demands of the Ministry of Defence for enhanced IA, since 1997 ICSA has worked with DERA and Anite Government Systems Ltd in a programme that has concentrated on the development of the Intrusion Detection component of IWAAS. The aim is to develop a system able to reliably detect logical intrusions into a computer network.
The medium term aim of this project is to produce an operational Intrusion Detection System based around machine learning techniques that will be commercially exploitable and deployable in widely networked infrastructures across the MoD, UK government and UK national infrastructures.
Last modified Friday, 04-Aug-2000 17:39:52 BST by ICSA