Developing a Reliable Methodology for Assessing the Computer Network Operations Threat of Iran

Abstract : This thesis is part of a project at the Naval Postgraduate School to assess the Computer Network Operations (CNO) threat of foreign countries. CNO consists of Computer Network Attack (CNA), Computer Network Exploitation (CNE), and Computer Network Defense (CND). Threats to the nation's critical infrastructures come from an adversary using CNA and CNE to degrade, deny or destroy access to the information systems they depend upon. Defensive capabilities are also addressed since exploitation, attack, and defense are inherently related. The result of a successful cyber-attack upon these critical infrastructures has the potential to cripple a country's communications and other vital services, economic well-being, and defensive capabilities. The goal of this thesis is to develop a methodology for assessing the CNO threat of Iran. The methodology is based on open sources that can supplement classified information acquired by the intelligence community.