This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly fire (FF). We define cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintention-ally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, maintaining situation awareness (SA) is paramount to avoiding cyber FF incidents. Cyber SA concerns knowledge of a system’s topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and offensive countermeasures that may be applied to thwart network attacks. Mitigation strategies to combat cyber FF— including both training concepts and suggestions for decision aids and visualization approaches—are discussed.
Revised: September 16, 2014 |
Published: June 6, 2013
Citation
Greitzer F.L., T.E. Carroll, and A.D. Roberts. 2013.Cyber Friendly Fire: Research Challenges for Security Informatics. In IEEE International Conference on Intelligence and Security Informatics (ISI), June 4-7, 2013, Seattle, Washington, 94-99. Piscataway, New Jersey:IEEE.PNNL-SA-94547.doi:10.1109/ISI.2013.6578794