Advanced Science and Technology Letters
Vol.129 (Mechanical Engineering 2016), pp.75-78
http://dx.doi.org/10.14257/astl.2016.129.15
An Empirical Study on the Security
Priorities in the Future Battlefield
Environment in Internet of Things
Seunghoon Jung1, Jaechoon An2, Jin Young Park3, DongKyun Kim4 and Jong-Bae
Kim5*
1,2,4
156-743 Department of IT Policy and Management, Soongsil Univ., Seoul, Korea
3
Graduate School of Software, Soongsil University, Seoul 156-743, Korea
5*
Graduate School of Software, Soongsil University, Seoul 156-743, Korea
[[email protected]]
Abstract. Recently, our military has adopted Cloud, Big Data, IoT, etc. to
effectively complete missions. We can thus expect to nurture combat oriented
elite forces and build favorable future battle environment based on soldiers
equipped with various technology including IoT. Similar to original internet
environment, IoT confronts various kinds of security threats on network, data,
privacy as well as identification management for each of its characterized
protocol. Thus, in order to strengthen security environment in the future IoT
based battlespace, a research on security priority is required. Recent survey on
military IT experts shows communication/network security is the most
important field. Furthermore, the survey also distinguished security fields that
could be considered fragile. By referring to the result of this research where
study on future IoT based battlespace is reflected on security specialized
military structure, we should be effectively prepared for the expected threats
within the given amount of budget.
Keywords: Future battlefield, security priority, management, Internet of Things
1
Introduction
Recently our military forces are striving to execute missions effectively by
synchronizing Cloud, Bigdata, IoT, etc. into their military while referring to cases like
the FCS. We may well assume that there will be a decrease in number of the
military’s manpower due to recent issues describing the significant decrease of the
population. Thus, it is absolutely necessary to nurture a minority of soldiers to
become combat oriented elite forces. In this manner, the military’s operational
environment will become synthesized with IoT equipment suitable for complex and
5*
Correspondent Author, Tel. : +82-10-9027-3148
Email address: [email protected](Jong-Bae Kim)
ISSN: 2287-1233 ASTL
Copyright © 2016 SERSC
Advanced Science and Technology Letters
Vol.129 (Mechanical Engineering 2016)
structured situations rather than becoming an environment composed of simple
sensors. Moreover, cyber threats will occur more frequently.
IoT has not only experienced security problems of existing internet environments
such as normal security threat. IoT additionally had to face various security threats,
designed for the characteristics of the IoT environment, such as protocol, network,
data, privacy, as well as identification management threats, etc[1].
2
Related work
According to development of military and civilian technologies, changes in the
warring concepts and the recent case of war. Battlefield environment of the future is
changing in aspect to achieve the goal by securing geographical objectives as before,
or to exercise physical force identified the enemy important core nodes and hit the
center rather than to choose a way to end the war in advance[2].
To this end, the United States established a modernization strategy, the so-called
‘The Army Modernization Plan 2012 (ModPlan12)’ around the Army in 2012 and are
going to develop through continuous modification supplement, the more detail in
conjunction with the US army’s Brigade Combat Team (BCT) Modernization Plan
established its modernization strategy of Army equipment It is under[3][4][5].
The device may be authenticated by his ID store and manage his or her own ID,
and to communicate with the authentication center of the service provider, collected
mimic the information about these devices, or own the ID device It is exposed to the
environment which may be vulnerable to attacks on the service block[6][7].
3
IoT security vulnerabilities priorities in military
This study focused on how to find the relative influence of each factor demonstrate,
rather than how to analyze the cause and effect of each variable was used on the
conventional survey analysis methods was studied. And the validity of the problem is
expected if inter complexity of the IT sector is very diverse and each factor by
applying the AMOS structural equation. In this study, the statistical processing
performed through the selection of the priority by using the SPSS version 23 and
frequency analysis.
Table 1. Military IoT communication /network vulnerability analysis
IoT target areas
Average
Worm/Virus
DoS/DDoS
Inappropriate firewall
Protocol vulnerabilities
Confidentiality/Integrity attack
Unexpected vulnerabilities
5.13
6.44
5.32
5.60
5.41
6.26
76
Standard
Deviation
1.575
.498
1.357
.866
1.065
.871
Minimum Maximum Median
2
6
2
4
4
5
7
7
7
7
7
7
5
6
6
6
5
7
Copyright © 2016 SERSC
Advanced Science and Technology Letters
Vol.129 (Mechanical Engineering 2016)
For the military environment IoT communication / network security vulnerabilities
and the results are shown in Table 1. Considering the median ‘DoS/DDoS
vulnerability, vulnerability attack improper use of firewalls, security vulnerabilities
protocol’ this was considered more important. In addition to well-known vulnerability
they were thinking it would be an additional part to the unexpected vulnerability.
Considering the average and median were ranked as DoS/DDoS > Protocol
vulnerabilities > Inappropriate firewall > Confidentiality/integrity > Worm/Virus.
Table 2. Military IoT platform vulnerability analysis
IoT target areas
Average
Worm/Virus
Unauthorized access
OS vulnerabilities attack
Improper use of anti-virus software
Unauthorized I/O
Inappropriate recorded in the system log
Set mistake & error
Confidentiality/Integrity attack
Invasion of privacy
Unexpected vulnerabilities
5.21
5.51
5.68
4.94
4.83
5.02
5.43
4.94
5.11
6.17
Standard
Deviation
1.035
.625
.736
1.097
1.054
.967
1.309
.799
1.006
1.037
Minimum
4
5
5
3
3
4
3
4
4
4
Maximum
7
7
7
7
7
7
7
7
7
7
Median
5
5
6
5
5
5
6
5
5
7
Military IoT platform results for security vulnerabilities are given in Table 2.
Considering the median 'OS vulnerabilities, configuration errors and mistakes
vulnerability, it can be seen that thought is more important. In addition to well-known
vulnerability they were thinking it would be an additional part to the unexpected
vulnerability. Rank considering the average and median was OS vulnerabilities attack
> Set mistake & error > Unauthorized access attacks > Worm/Virus > Invasion of
privacy > Inappropriate recorded in the system log > Confidentiality/integrity >
Improper use of anti-virus software > Unauthorized I/O.
Table 3. IoT military applications service vulnerability analysis
IoT target areas
Average
Worm/Virus
Unauthorized access
OS vulnerabilities attack
Improper use of anti-virus software
Unauthorized service
Unauthorized user
Unauthorized I/O
Inappropriate recorded in the system log
Set mistake & error
Unsafe password attack
Confidentiality/Integrity attack
Invasion of privacy
Unexpected vulnerabilities
5.70
5.41
5.49
5.31
5.13
5.13
4.65
4.74
5.79
5.21
6.07
5.39
6.26
Copyright © 2016 SERSC
Standard
Deviation
1.045
.968
.978
1.215
1.089
1.250
1.320
1.235
.941
.830
1.100
1.068
.972
Minimum
3
3
4
3
3
3
3
3
4
4
4
4
4
Maximum
7
7
7
7
7
7
7
7
7
7
7
7
7
Median
6
6
6
6
5
6
5
5
6
5
6
6
7
77
Advanced Science and Technology Letters
Vol.129 (Mechanical Engineering 2016)
Results for Military IoT application service security vulnerabilities are given in Table
3. Considering the median exclude ‘unauthorized access to services vulnerabilities,
unauthorized I/O access vulnerabilities, and system logs vulnerability to attack,
confidentiality/integrity vulnerability’, and was generally considered important. Also,
they were thinking it would be well to add this vulnerability to unexpected addition to
the part not known vulnerabilities. Average and ranking Considering the median is
Unsafe password attack > Setting errors and mistakes > Worm/Virus > OS
vulnerabilities > Unauthorized access attacks > Invasion of privacy > Improper use of
anti-virus software > Unauthorized user access > Confidentiality/integrity >
Unauthorized access to services > Inappropriate recorded in the system log >
Unauthorized I/O.
4
Conclusion
In this study, summarized the IoT security threats, conduct a survey of military
personnel about IT security threats and were statistically proven for the first specific
security vulnerability ranking. Looking at the priority organized in front there is a
setting error and mistake an important part in many areas. However, as shown in the
present study, it is necessary to recognize that the administrative system of threats
corresponding large side and contemplating the response to it.
It is actually to determine the exact vulnerability targeted only at the time of the
survey results apply to military IoT is not enabled, it is not easy. And the like, if the
next actual data value is expected to be a more accurate assessment through the
complementary element.
References
1.
2.
3.
4.
5.
6.
7.
78
Roman, R., Pablo N., and Javier L.: Securing the internet of things. In: Computer 44.9, pp.
51--58 (2011)
O'Hanlon, M.: Technological change and the future of warfare. In: Brookings Institution,
Washington, DC (2000)
Feickert, A.: The Army's Ground Combat Vehicle (GCV) Program: Background and
Issues for Congress. In: LIBRARY OF CONGRESS WASHINGTON DC
CONGRESSIONAL RESEARCH SERVICE (2013)
U.S. Army.: Army Modernization Plan 2012. In: U.S. Army (2011)
U.S. Army.: Army Equipment Modernization Strategy - Equipping the Total Force to Win
in a Complex World. In: U.S. Army (2015)
Gubbi, J., Buyya, R., Marusic, S., & Palaniswami, M.: Internet of Things (IoT): A vision,
architectural elements, and future directions. In: Future Generation Computer Systems,
29(7), pp. 1645--1660 (2013)
Li, L.: Study on security architecture in the Internet of Things. In: Measurement,
Information and Control (MIC), 2012 International Conference on (Vol. 1), IEEE, pp.
374--377 (2012)
Copyright © 2016 SERSC