Chapter 1. Introduction
1.4 Objectives and Methodologies
The main aim of the thesis will be to provide a vulnerability assessment of a generic mobile infrastructure in a South African setting. To accomplish this, the thesis has four primary objectives:
To further develop a framework that may be used in the vulnerability assessment of critical infrastructure from an IW perspective;
To gather data relating to attacks and other security incidents on infrastructure;
To establish the criticality of the mobile infrastructure in South Africa; and,
To apply the proposed framework to the mobile infrastructure to conduct the vulnerability assessment.
Secondary objectives of the thesis are to apply the framework to a second infrastructure, and identify or propose solutions to mitigate the vulnerabilities considered in the study. The methodologies to be employed in this research are as follows:
Desk-based research (incident and trend analysis through document analysis);
Interviews;
A research workshop;
A survey;
Computer simulations; and,
Mathematical simulations.
Sections 1.4.1 to 1.4.5 will discuss the objectives in more detail, and relate them to the relevant research methodologies.
1.4.1 Develop a Vulnerability Assessment Framework
As mentioned in Section 1.3, the existing vulnerability assessment frameworks do not provide a single metric for rating the vulnerability or risk of an entire infrastructure; most also do not consider the specific case of IW. The objective is to propose a vulnerability assessment framework that is scalable to different infrastructure sizes and types, and is adaptable to allow for different methodologies as required by the infrastructure being assessed. The assessment framework will provide a single metric that can be used to monitor changes in the vulnerability and risk ratings, or compare different aspects of the existing vulnerability environment.
This objective is sub-divided into two sub-objectives:
The various IW models that will be discussed in Chapter 2 need to be consolidated into one model relating the various aspects of IW; and
The vulnerability assessment framework needs to be generated from the various existing vulnerability and risk frameworks and methodologies that will be discussed in Chapter 2. This needs to be related to the IW model above.
The model and framework will be generated by deskwork, where the existing models and frameworks will be analysed and discussed; from this, common or significant areas will be identified to propose an IW model and vulnerability assessment framework.
1.4.2 Data Gathering on Incidents and Attack Trends
As mentioned earlier, a coherent big picture is required of incidents and trends relating to information warfare and security; there is a particular shortage of information pertaining to South Africa (Scheepers, 2009). The objective is to collate information regarding incidents and trends from various sources to indicate what vulnerabilities and threats are prominent, what attack types have been successful, and what the concerns are regarding threats and vulnerabilities.
The trends and incidents will be analysed for the following categories:
General trends in conflict and the roles of technology, and the resulting impact on IW;
General IW and information security trends and incidents globally;
Trends and incidents related to mobile technology;
Trends and incidents related to social media;
Trends and incidents relevant to Africa and South Africa.
These trends and incidents will be drawn from deskwork, where both physical and online documents and secondary data will be referred to for information to illustrate and investigate the trends. The proposed IW model will be used to analyse incidents; common factors amongst the considered incidents will indicate trends. Expert interviews will illustrate concerns and perceptions related to the general vulnerabilities and threats, and those related to the mobile infrastructure. The respondents will be both South African and international, thus providing both local and international contexts. The research workshop will indicate the trends and incident types that South African information security practitioners and researchers are noticing in the country. Computer simulations and mathematical calculations will be used to test the feasibility and potential impacts of proposed attacks on the mobile infrastructure in a South African setting.
1.4.3 Establish the Mobile Infrastructure as Critical
As the primary focus of the vulnerability assessment will be the mobile infrastructure, and it is to be treated as part of the critical information infrastructure, the criticality of the mobile infrastructure needs to be determined. The expert interviews will provide insight into the experts' perceptions of the relevance of the mobile infrastructure to the critical information infrastructure. A pilot questionnaire-based survey of informal traders in the eThekwini (Durban) area will provide indications of the reliance of the informal sector on mobile communications. Secondary data and incidents from the trend and incident analysis will also provide insights into the criticality of the mobile infrastructure.
1.4.4 Application of the Framework to the Mobile Infrastructure
This objective employs the framework to organise the information gathered to assess the threats, vulnerabilities, potential impacts of incidents, and associated risks to the mobile infrastructure. This consists primarily of deskwork and some mathematical calculation, as the data from the trend and incident analysis, interviews, workshop, and simulations and calculations are triangulated.
A generic mobile infrastructure will be assessed using open source information only; this is to protect sensitive information relating to the specific mobile networks in the country. The mobile infrastructure was chosen because the infrastructure, and the devices dependent upon it, exhibit most, if not all, of the modern information and communication technologies, such as social media, wireless networking, mass storage, messaging, and both voice and data communications.
This provides the opportunity to investigate the vulnerabilities and threats related to a wider range of technologies.
1.4.5 Secondary Objectives
There are two secondary objectives in this study: applying the framework to a second infrastructure; and providing solutions to mitigate the identified threats and vulnerabilities. Applying the framework to a second infrastructure will not be done at the level described in Section 1.4.4; instead, it will be a smaller case to initially provide some validation of the framework. This is done in Section 4.3.2. Some solutions will arise from the interviews, workshop, and incident or trend analysis; the candidate also proposes some methods of mitigating attacks or vulnerabilities in publications or in this thesis.