Subversion as a Threat in Information Warfare

Abstract : As adversaries develop Information Warfare capabilities, the threat of information system subversion presents a significant risk. System subversion will be defined and characterized as a warfare tool. Through recent security incidents, it is shown that means, motive, and opportunity exist for subversion, that this threat is real, and that it represents a significant vulnerability. Mitigation of the subversion threat touches the most fundamental aspect of the security problem: proving the absence of a malicious artifice. A constructive system engineering technique to mitigate the subversion threat is identified.

[1]  G. K. Smelser The structure of the eye , 1961 .

[2]  C. Weissman BLACKER: security for the DDN examples of A1 security engineering trades , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[3]  Diomidis Spinellis,et al.  Reliable identification of bounded-length viruses is NP-complete , 2003, IEEE Trans. Inf. Theory.

[4]  Cynthia E. Irvine Teaching Constructive Security , 2003, IEEE Secur. Priv..

[5]  Jim Goldman,et al.  Metrics based security assessment (MBSA): combining the ISO 17799 standard with the systems security engineering capability maturity model (SSE-CMM) , 2004 .

[6]  Lindsey A. Lack Using the bootstrap concept to build an adaptable and compact subversion artifice , 2003 .

[7]  D. L. Parnas,et al.  On the criteria to be used in decomposing systems into modules , 1972, Software Pioneers.

[8]  Ken Thompson,et al.  Reflections on trusting trust , 1984, CACM.

[9]  Toshi Yoshihara Chinese Information Warfare: A Phantom Menace or Emerging Threat? , 2004 .

[10]  Garrel Pottinger,et al.  Mathematics, Technology, and Trust: Formal Verification, Computer Security, and the U.S. Military , 1997, IEEE Ann. Hist. Comput..

[11]  Philip Alan Myers Subversion : the neglected aspect of computer security. , 1980 .

[12]  Jessica L. Murray An exfiltration subversion demonstration , 2003 .

[13]  Roger R. Schell,et al.  Designing the GEMSOS security kernel for security and performance , 1985 .

[14]  Terry V. Benzel Analysis of a Kernel Verification , 1984, IEEE Symposium on Security and Privacy.

[15]  Newsbytes , 2004, The Case Manager.

[16]  Mary Ellen Zurko,et al.  A VMM security kernel for the VAX architecture , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[17]  Gus W Weiss,et al.  The Farewell Dossier , 1996 .

[18]  David T. Rogers,et al.  A framework for dynamic subversion , 2003 .

[19]  Paul A. Karger,et al.  Thirty years later: lessons from the Multics security evaluation , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[20]  Richard J. Lipton,et al.  Social processes and proofs of theorems and programs , 1977, POPL.

[21]  E. Anderson,et al.  A Demonstration of the subversion threat : facing a critical responsibility in the defense of cyberspace , 2002 .

[22]  Edsger W. Dijkstra,et al.  The structure of the “THE”-multiprogramming system , 1968, CACM.