Seminariteade / Seminar announcement

"Situation Management and Cyber Security"

Organised by the Modeling and Simulation Group at the Institute of Cybernetics in cooperation with CCD COE

Place: Room B101, Cybernetica Bldg, Akadeemia tee 21, Tallinn, Estonia
Time: Thursday, May 21, 2009, 14:30

Keywords: situation awareness, decision support, intelligent sensing, cyber security, situation control etc.

30-40 min

Prof. Gabriel Jakobson, Altusys Corp. (TUT Honorary Doctor)
"Incorporation of Time and Spatio-Temporal Reasoning into Situation Management"

Introductory talk and news from IEEE TC.
10-15 min

Leo Mõtus (TUT)

Potential solution to some problems related to forming, updating, and personalized distribution of company’s level local operational picture (LOP) is suggested. Sensor networks, information collected by UAV-s and UGV-s, observations from reconnaissance parties, larger scale COP that sporadically become available are considered as sources of information. At the company’s level LOP has to be made available in a personalized form to any member (including autonomous devices) of the company.

The paper elaborates on the two incompletely resolved items:

  • Dynamic (semantic, temporal, and spatial) consistency check of information acquired from the multiple sources
  • Distribution of personalized situational information (LOP) - harmonized with individual access rights, processing power, interest points, available communication resource, etc. - to company’s members.

The ability for on-line consistency check of acquired information is dependent on tags for determining the position of sensors, time of the readings, and other situation-dependent validity constraints. This additional information is required to enable the use of underlying model of interaction-centered computation that applies the concept of mediated interactions. That concept is explained in the paper.

Questions of personalizing the company-level LOP and distributing the information to company’s members is assigned to the middleware. The role of universal communication interface (i.e. the middleware used for distribution of data) performs interactive multi-agent-based digital map system that implements a set of mediated interactions and stores the verified LOP information, processing capabilities, and positions of every platoon member.

Each member of the company or platoon subscribes to its own slice of that information; the multi-agent system prepares personalized copies and transmits periodically or on request. A prototype of such interfacing system has been implemented and tested in several projects already.

Index Terms — cooperative distributed systems, interactive computing, middleware (for subscription and distribution of situational information), situation awareness, validation and verification

slides: LeoMotus.ppt (1 396 kB)

10-15 min

Jürgo Preden (TUT)

Smart dust motes are building blocks of wireless sensor networks. Current architectures of wireless sensor networks are centralized, relying on one or more centralized entities to handle data collection and processing. Distributed applications formed dynamically at runtime from services offered by network agents present an alternative approach. Situation awareness is an approach that allows to create agents suitable for operation in such applications. Low-level situation parameter values computed by smart dust motes can be used by other agents to compute higher-level situation parameter values.

We apply these concepts both in case of mobile devices and smart dust motes.

slides: JurgoPreden.pdf (384 kB)

10-15 min

Andres Ojamaa (IoC)
Modeling and optimizing evolving security situations.

(Joint work with CCD COE)

In this talk a methodology for modeling security situations and selection of optimal security measures is presented. A prototype implementation in the form of a hybrid expert system is also described. This expert system is applicable in security management. It enables a user to select security measures in a rational way based on the Pareto-optimality computation. This helps one to select rational countermeasures taking into account the available resources instead of using only hard constraints prescribed by standards.

slides: AndresOjamaa.pdf (405 kB)

10-15 min

Karlis Podnis (CCD COE)

In this paper we explore the possibilities of cyber warfare activities connected to cell phone networks. We analyze known attacks that originate in and/or target cellular phone networks as weapons of cyber warfare. The historic high reliability of cellular networks has caused a significant reliance on them as the sole means of communication in many developed countries, making it a part of national critical infrastructures. The growing popularity of smartphones opens up cellular network both to the advantages and disadvantages currently associated with the internet.

The possibility that an attacker could deny cellular voice/SMS services to legitimate users is already widely discussed. Such attacks could begin by using internet services to send SMS messages or using a botnet consisting of smart cellular phones. Such attacks could be aimed at a core infrastructure to shut down or cripple a cellular network; even very small botnets could be used to launch attacks that disrupt or limit cellular services in targeted geographical areas.

We evaluate the possible usage of such techniques both by nation-states and by non-state-actors that could be used as effective digital cover for their actions. The advantage of such attacks is that virtually no hardware is needed to launch them and all activities can be developed, tested and controlled remotely from a safe location. This makes them a good choice for parties seeking asymmetric advantages. Another technique we discuss is the use of cellular botnets to launch a denial of service attack against emergency call services or other phone lines in critical infrastructure.

We note that the excellent record of cellular networks does not prove that cellular networks are reliable; we believe that there has simply been a lack of real-world attacks so far. An overview of current and possible countermeasures is provided to show the level of complexity of such a task.

We estimate that the importance of this threat will increase together with the rise in both the popularity and the complexity of smartphones.

Keywords: cellular networks, denial of service, cyber warfare, botnets

slides: KarlisPodnis.ppt (278 kB)

10-15 min

Kenneth Geers (CCD COE)

Everything that happens in the real world is now mirrored in cyberspace. For national security planners, this includes crime, espionage, and increasingly, international conflict, including warfare. All political and military battles now have a cyber dimension, whose size and impact are difficult to predict. Cyber attacks offer many advantages. Above all, the Internet is vulnerable to attack. Further, its amplifying power means that future victories in cyberspace could translate into victories on the ground. Both state and non-state actors enjoy a high return on investment in cyber attacks, which range from the placement of carefully crafted propaganda to the manipulation of an adversary's critical infrastructure. At times, cyber tools and tactics favor nations robust in information technology, but the Internet is a prodigious tool for a weaker party to attack a stronger conventional foe.

slides: KennethGeers.pdf (1 556 kB)


Valid CSS! Valid XHTML 1.0 Strict

© Institute of Cybernetics at TUT, Akadeemia tee 21, 12618 Tallinn, Estonia    Phone: +372 620 4150   Fax: +372 620 4151

25/05/2009 14:45 EEST webmaster ( at )