Upload File

effects of adversarial interaction on the adoption and...

  • Home
  • Documents
  • Effects of Adversarial Interaction on the Adoption and ...csel.eng.ohio-state.edu/productions/intelligence/3... · Seth Lewis, Terry Studer, Martin Voshell OVERVIEW Mitigating the
1
C/S/E/L :2008 innovations at the intersection of people, technology, and work Effects of Adversarial Interaction on the Adoption and Adaptation of Disruptive Communication Technologies Seth Lewis, Terry Studer, Martin Voshell OVERVIEW Mitigating the effects of disruptive communications technologies is quite challenging given how intelligent adversaries with dynamic organizational structures constantly adopt and adapt. This is further complicated by the rapid evolution of modern communication such as the world wide web. The current work proposes a descriptive model of adversarial interaction in order to support analysts and decision makers in anticipatory and adaptive collection to help avoid strategic and adversarial surprise. As defined by Trent (2006), adversarial interaction "entails a wide range of adaptive behaviors including deception, mutual confusion, and doctrinal adaptation." Traditional models of technology adaptation and adoption, as well, often ignore two main issues when they focus on disruptive technologies. 1.) Varying organizational structures - Some groups are organized according to a highly compartmentalized, dynamic, and cellular structure, whereas other groups operate in a traditional, hierarchical manner. 2.) Effects of an intelligent adversary on the technology adoption and adaptation cycle - In highly technical societies, technology will benefit the attacker, at least initially. The enemy rarely innovates for innovation’s sake; most often they are forced to adopt or adapt to pressures put on them by their adversary. This adversarial relationship compounds the risk factors that groups must consider when adopting or adapting a new technology use. Adversarial groups use both indirect and direct communications, depending on their goals, stance, capabilities, and doctrine, This manifests in how they share information and plan operations through: Indirect Communication– Groups knowingly distribute information to a mass audience but retain limited control as to who reads or listens (e.g. blogs, websites, message boards) Direct Communication– Groups communicate with a specific intended recipient (e.g. cell phones, e-mail draft correspondence, instant messaging). A CURRENT PERSPECTIVE The figure below, developed by the RAND Corporation, illustrates one view of how terrorist groups conduct operations. In the operational planning and execution phase of their activities, there is more reliance on direct communication, whereas throughout the recruitment, indoctrination, training, and propaganda phases reliance shifts to indirect forms of communication. To accomplish their objectives in this phase terrorists must disseminate information to a mass audience. If they cannot reach an adequately large audience then the use of that particular technology is insufficient. What the model below fails to describe are the complex communicative interactions that take place at different phases of the terrorists’ activities. Adversaries will only adopt a new usage technique if their enemy forces them through developments of a counter- measure. For example, reports suggest al- Qaeda uses e-mail to correspond and aid in operational planning. Upon realizing that transmitting e-mail is vulnerable to interception, they may change their usage. By adopting a new usage technique allows them to accomplish their goals as dictated by usage criteria. For example, there is evidence al-Qaeda transitioned to using drafts of e-mails as a type of “electronic dead drop." This adoption enables multiple cell members to send and receive direct communications retaining anonymity account while being less vulnerable to electronic interception. TOWARD DEVELOPING A NEW MODEL The cycle below serves as a model based on adversarial interaction to describe the adoption and adaptation of disruptive communications technologies by enemy groups. The speed of the cycle varies depending on whether the communications usage method in question is direct or indirect. The cycle revolves around a set of core communications procedures that constantly supplement technical communications. A cycle dealing with direct communications moves more quickly. Information transmitted using this method would be actionable for an adversary and also presents the greatest risk of interception for the group. A group that adopts blogging as a technology, for example, will maintain its use as long as it fits into a set of criteria that dictates its effectiveness. If the situation changes or is perceived to have changed due to an enemy's actions, then the group will be forced to innovate or adopt a new communications usage technique or risk being exposed. IMPLICATIONS AND PAYOFF FOR FUTURE SYSTEMS Adapted from The New York Times "Consumption Spreads Faster" Telephon e Radio Television VCR Computer Cell Phone Internet 1900 1915 1930 1945 1960 1975 1990 2005 Percent of U.S. Households 0 10 20 30 40 50 60 70 80 90 100 A critical component often ignored when conducting research in information analysis is the dynamic interaction of an intelligent and adaptive adversary. The uncertainty created by these interactions produces the classic fog and friction of war between opponents. The modern 'open source' enemy can be well funded, can be quite risk tolerant, and can utilize technology as a force multiplier to carry out their goals. In the model we argue that the fundamental patterns of collaborative work are the same, however the changing nature of technology can drastically impact and facilitate defensive and offensive activities. "Technology creates security imbalances."- Shcneier, 2007. Disruptive Technology and Innovation can be defined as an unanticipated use of a current technology by an adversary in order to more effectively accomplish their objective(s). As attack tools become more plentiful, powerful, and easier to use, adversaries are quick to adopt and make use of technology that lets them accomplish their goals with less effort. With recent IT advances, technology plays a major role in the mediation of operations, it amplifies capabilities and vulnerabilities in a one:many fashion, technological skill is separated from ability, and actions can be carried out at a distance. 1980 Afghan Mujahideen used messengers and hand signals to communicate on the battlefield, but this was not efficient. They captured Soviet radios from ambushed convoys. 1980 Soviet Army in Afghanistan used encrypted radios to communicate on the battlefield. 1981 Afghan Mujahideen used the captured radios to better coordinate their attacks on Soviet and DRA forces. 1981 Soviet Army continued to rely heavily on radio communications to control operations in Afghanistan. 1981 Afghan Mujahideen attacked C2 vehicle in Soviet Army convoys to disrupt their radio net and they intercepted Soviet radio traffic for intelligence purposes. 1981 Soviet Army used direction finding equipment to locate Mujahideen guerrillas when they used radios. 1982 Soviet Army realized that their ambush sites were being avoided by Afghan guerrillas because they were intercepting Soviet radio communications. 1982 Afghan Mujahideen had several operations fail due to poor radio security practices. 1984 Some Mujahideen groups stopped using the radios for voice communications and instead broke squelch to signal each other. They also used Soviet radios to broadcast disinformation. 1984 Soviet Army continued to use the radios, even though they knew that it was not secure. This was due to a very centralized structure. All technology is dual-use. The dual-use transfer of technology and innovation is tighter than ever before and the lines between military and civilian use are blurred. Dual-use technologies used to be rare, but today information technology transfer and consumption is rapid and we constantly see applications and adaptations of technology in unanticipated uses. Forms of attack and defense are the same across military and civilian sectors- from routers, switches, and servers to protocols, and applications. This creates new and emerging gaps for malicious adversaries to leverage and exploit. Discovers Comm Method Compromised Newer, More Secure Comm Usage Technique Established Employs New Comm Usage Technique Counter Measure Breakthrough Adversary Works on Counter-Meaasure Believes Comm Secure Innovation & Adaptation Process Low-Tech Procedures Constantly Supplemented by Tech Comm Methods

Upload: others

Post on 11-Sep-2020

0 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Effects of Adversarial Interaction on the Adoption and ...csel.eng.ohio-state.edu/productions/intelligence/3... · Seth Lewis, Terry Studer, Martin Voshell OVERVIEW Mitigating the

C/S/

E/L

:20

08in

nova

tion

s at

the

in

ters

ecti

on o

f pe

ople

, te

chno

logy

, and

wor

k

Effects of Adversarial Interaction on the Adoption and Adaptation of Disruptive Communication TechnologiesSeth Lewis, Terry Studer, Martin Voshell

OVERVIEW

Mitigating the effects of disruptive communications technologies is quite challenging given how intelligent adversaries with dynamic organizational structures constantly adopt and adapt. This is further complicated by the rapid evolution of modern communication such as the world wide web. The current work proposes a descriptive model of adversarial interaction in order to support analysts and decision makers in anticipatory and adaptive collection to help avoid strategic and adversarial surprise.

As defined by Trent (2006), adversarial interaction "entails a wide range of adaptive behaviors including deception, mutual confusion, and doctrinal adaptation."

Traditional models of technology adaptation and adoption, as well, often ignore two main issues when they focus on disruptive technologies.

1.) Varying organizational structures - Some groups are organized according to a highly compartmentalized, dynamic, and cellular structure, whereas other groups operate in a traditional, hierarchical manner.

2.) Effects of an intelligent adversary on the technology adoption and adaptation cycle - In highly technical societies, technology will benefit the attacker, at least initially. The enemy rarely innovates for innovation’s sake; most often they are forced to adopt or adapt to pressures put on them by their adversary. This adversarial relationship compounds the risk factors that groups must consider when adopting or adapting a new technology use.

Adversarial groups use both indirect and direct communications, depending on their goals, stance, capabilities, and doctrine, This manifests in how they share information and plan operations through:

Indirect Communication– Groups knowingly distribute information to a mass audience but retain limited control as to who reads or listens (e.g. blogs, websites, message boards)

Direct Communication– Groups communicate with a specific intended recipient (e.g. cell phones, e-mail draft correspondence, instant messaging).

A CURRENT PERSPECTIVE

The figure below, developed by the RAND Corporation, illustrates one view of how terrorist groups conduct operations. In the operational planning and execution phase of their activities, there is more reliance on direct communication, whereas throughout the recruitment, indoctrination, training, and propaganda phases reliance shifts to indirect forms of communication. To accomplish their objectives in this phase terrorists must disseminate information to a mass audience. If they cannot reach an adequately large audience then the use of that particular technology is insufficient.

What the model below fails to describe are the complex communicative interactions that take place at different phases of the terrorists’ activities.

Adversaries will only adopt a new usage technique if their enemy forces them through developments of a counter-measure. For example, reports suggest al-Qaeda uses e-mail to correspond and aid in operational planning. Upon realizing that transmitting e-mail is vulnerable to interception, they may change their usage.

By adopting a new usage technique allows them to accomplish their goals as dictated by usage criteria. For example, there is evidence al-Qaeda transitioned to using drafts of e-mails as a type of “electronic dead drop." This adoption enables multiple cell members to send and receive direct communications retaining anonymity account while being less vulnerable to electronic interception.

TOWARD DEVELOPING A NEW MODEL

The cycle below serves as a model based on adversarial interaction to describe the adoption and adaptation of disruptive communications technologies by enemy groups. The speed of the cycle varies depending on whether the communications usage method in question is direct or indirect. The cycle revolves around a set of core communications procedures that constantly supplement technical communications. A cycle dealing with direct communications moves more quickly. Information transmitted using this method would be actionable for an adversary and also presents the greatest risk of interception for the group. A group that adopts blogging as a technology, for example, will maintain its use as long as it fits into a set of criteria that dictates its effectiveness. If the situation changes or is perceived to have changed due to an enemy's actions, then the group will be forced to innovate or adopt a new communications usage technique or risk being exposed.

IMPLICATIONS AND PAYOFF FOR FUTURE SYSTEMS

Adapted from The New York Times "Consumption Spreads Faster"

Telephone

Radio

Television

VCR

Computer

Cell Phone

Internet

1900 1915 1930 1945 1960 1975 1990 2005

Percent of U.S. Households

0

10

20

30

40

50

60

70

80

90

100

A critical component often ignored when conducting research in information analysis is the dynamic interaction of an intelligent and adaptive adversary. The uncertainty created by these interactions produces the classic fog and friction of war between opponents.

The modern 'open source' enemy can be well funded, can be quite risk tolerant, and can utilize technology as a force multiplier to carry out their goals. In the model we argue that the fundamental patterns of collaborative work are the same, however the changing nature of technology can drastically impact and facilitate defensive and offensive activities.

"Technology creates security imbalances."- Shcneier, 2007. Disruptive Technology and Innovation can be defined as an unanticipated use of a current technology by an adversary in order to more effectively accomplish their objective(s). As attack tools become more plentiful, powerful, and easier to use, adversaries are quick to adopt and make use of technology that lets them accomplish their goals with less effort.

With recent IT advances, technology plays a major role in the mediation of operations, it amplifies capabilities and vulnerabilities in a one:many fashion, technological skill is separated from ability, and actions can be carried out at a distance.

1980Afghan Mujahideen used messengers and hand signals to communicate on the battlefield, but this was not efficient. They captured Soviet radios from ambushed convoys.

1980Soviet Army in Afghanistan used encrypted radios to communicate on the battlefield.

1981Afghan Mujahideen used the captured radios to better coordinate their attacks on Soviet and DRA forces.

1981Soviet Army continued to rely heavily on radio communications to control operations in Afghanistan.

1981Afghan Mujahideen attacked C2 vehicle in Soviet Army convoys to disrupt their radio net and they intercepted Soviet radio traffic for intelligence purposes.

1981Soviet Army used direction finding equipment to locate Mujahideen guerrillas when they used radios.

1982Soviet Army realized that their ambush sites were being avoided by Afghan guerrillas because they were intercepting Soviet radio communications.

1982Afghan Mujahideen had several operations fail due to poor radio security practices.

1984Some Mujahideen groups stopped using the radios for voice communications and instead broke squelch to signal each other. They also used Soviet radios to broadcast disinformation.

1984Soviet Army continued to use the radios, even though they knew that it was not secure. This was due to a very centralized structure.

All technology is dual-use. The dual-use transfer of technology and innovation is tighter than ever before and the lines between military and civilian use are blurred. Dual-use technologies used to be rare, but today information technology transfer and consumption is rapid and we constantly see applications and adaptations of technology in unanticipated uses.

Forms of attack and defense are the same across military and civilian sectors- from routers, switches, and servers to protocols, and applications. This creates new and emerging gaps for malicious adversaries to leverage and exploit.

Discovers Comm Method Compromised

Newer, More Secure Comm Usage Technique

Established

Employs New Comm Usage Technique

Counter Measure Breakthrough

Adversary Works on Counter-Meaasure

Believes Comm

Secure

Innovation & Adaptation Process

Low-Tech Procedures Constantly

Supplemented by Tech Comm

Methods

Studer I/O Solutions & Specifications

STUDER A727

AC-COUPLING WITH AN XTENDER INVERTERsolar-academy.com/menuis/AC_coupling_with_Xtender231812.pdf · 2012. 9. 7. · STUDER Innotec Studer white paper – AC coupling with an Xtender

Slide 1 COPYRIGHT © STUDER GROUP COPYRIGHT © STUDER … · COPYRIGHT © STUDER GROUP Please do not quote or disseminate without Studer Group authorization Thank You! Bob Murphy,

The Water Cycle Slideshow By: Megan Studer editing By Megan Studer pictures found By Megan Studer paint on pictures by Megan Studer Hope you enjoy!

Studer D 950 M2

Studer Vista Remote Bay… · Studer Vista Remote Bay The well received and awarded Studer Vista 7 as well as the Studer Vista 6 and Studer Vista 8 are completed by the new Studer

Title of Presentation - Studer Group€¦ · – Studer Group is accredited by the Accreditation Council ... Safer Patient Care Through Hourly Rounding Kate Cronin, ... Cheshire Medical

Using HCAHPS Survey Custom Questions to Drive Staff …€¦ · ... without Studer Group authorization •Hourly Rounding ... Regional Medical Center 17 ... without Studer Group authorization

csel.eng.ohio-state.educsel.eng.ohio-state.edu/productions/intelligence/4...Woods, Justin Grossman, Martin Voshell Managing Multiple Perspectives Intelligence products are context

Studer 40w Power Amplifier Schematic

Amanda Studer

by Greg Paris, MHA May 3, 2016 - HCECMis a member of Studer Group’s Hall of Fame. Over the past 7 years, he has worked with Studer Over the past 7 years, he has worked with Studer

Annexe | Appendix | Anhang | Anexo2015.studer-innotec.com/media/document/0/x-connect... · Studer Innotec SA Xtender Appendix V2.1.0 5 INTRODUCTION Congratulations! You just purchased

Studer Group Toolkit - Hcahps

Studer OnAir 3000 Brochure 1111 LR

BORIS C. KONDRATIEFF AND J. REESE VOSHELL, JR

Studer Revox 1948-1987 - Revoxsammlerrevoxsammler.ch/Verschiedenes/Studer-Revox 1948-1987 (E).pdf · of Studer Revox is in best hands, It all started rn l94B: a948 ... Regensdorl

Miracle-Gro. Adam Studer

Studer Web Portal How to use the Studer ... - Studer InnotecThe dashboard will display a system overview with live instant information through three screens as well as the system information

Yves Studer: Big Data in practice

Manual Inversor Studer 2400 24

Adam Studer Get Going

A STUDER solution for each situation! Solar Home Systems ... Studer Solution-e… · 1950 Sion - Switzerland Tel: +41 (0)27 205 60 80 Fax: +41 (0)27 205 60 88 [email protected]

MÄGERLE BLOHM JUNG STUDER SCHAUDT MIKROSA WALTER EWAG ... · MÄGERLE BLOHM JUNG STUDER SCHAUDT MIKROSA WALTER EWAG Motion ... MÄGERLE BLOHM JUNG STUDER SCHAUDT MIKROSA WALTER

Implementing the Studer Initiatives to Sustain Change: An

Discrepancy Analysis of State Sequences - UNIGEmephisto.unige.ch/pub/edm/doc/articles/Studer-et-al_SMR11-preprint… · Discrepancy Analysis of State Sequences Matthias Studer, Gilbert

What Right Looks Like - Studer Group

GREGORY S. VOSHELL · GREGORY S. VOSHELL [email protected] December 12, 2007 Ms. Nancy M. Morris Secretary U.S. Securities and Exchange Commission 100 F. Street, N.E. Washington

Studer i utlandet 2013/14!

Battelle 2015 Studer BiRD+ZVI Poster 501715

Hello from Quint Studer - hfmatexas.org

Studer Model S121 CNC Internal Grinder - Brochure

Slide 1 COPYRIGHT © STUDER GROUP COPYRIGHT … © STUDER GROUP Please ... Increase employee satisfaction ... COPYRIGHT © STUDER GROUP Please do not quote or disseminate without Studer

Copyright © 2015 Studer Group. Please do not quote or disseminate without Studer Group authorization Georgia Hospital Association Clay D. Linkous, MBA,