Copyright (c) 2013 Edith Cowan University All rights reserved. http://ro.ecu.edu.au/asi Recent documents in Australian Security and Intelligence Conference en-us Tue, 16 Apr 2013 11:04:16 PDT 3600 http://ro.ecu.edu.au/asi/26 http://ro.ecu.edu.au/asi/26 Fri, 22 Feb 2013 00:03:49 PST In 2010, the US Intelligence Advanced Research Projects Activity (IARPA) announced a 4-year forecasting “tournament”. Five collaborative research teams are attempting to outperform a baseline opinion pool in predicting hundreds of geopolitical, economic and military events. We are contributing to one of these teams by eliciting forecasts from Delphi-style groups in the US and Australia. We elicit probabilities of outcomes for 3-5 monthly questions, such as: Will Australia formally transfer uranium to India by 1 June 2012? Participants submit probabilities in a 3-step interval format, view those of others in their group, share, rate and discuss information, and then make a second private judgement. Performance is assessed using Brier scores. After Year 1, we ranked second of five teams in the competition. The Brier scores from the US Delphi groups improved on the baseline scores by 10%, the prediction market operated by our team in the US beat the baseline by 47%, and the Australian Delphi groups outperformed the baseline by 51% (answering different, matched questions to the US groups). The Australian groups were more socially and demographically diverse than the US groups. Group diversity may be an important factor determining the forecasting performance of the aggregated predictions.

]]> Bonnie Wintle et al. http://ro.ecu.edu.au/asi/25 http://ro.ecu.edu.au/asi/25 Fri, 22 Feb 2013 00:03:48 PST Modern surveillance devices are increasingly being taken off private networks and placed onto networks connected via gateway to the Internet or into Wi-Fi based local area wireless networks (LAWN). The devices are also increasingly using IPv4 and IPv6 network stacks and some form of embedded processing or compute built in. Additionally, some specialist devices are using assistive technologies such as GPS or A-GPS. This paper explored the issues with use of the technologies in a networked environment, both wireless and internetworked. Analysis of these systems shows that the use of IP based CCTV systems carries greater risk than traditional CCTV systems, primarily due to the exposure to IP based vulnerabilities. Furthermore, Wi-Fi based IP CCTV systems are additionally susceptible to remote, physical denial of service attacks due to the broadcast nature of wireless communication systems. Interception of traffic is possible with IP based systems, and again, Wi-Fi IP based CCTV systems are more susceptible due to protocol vulnerabilities and lack of processing power. The paper concludes that more research is needed in this area to identify and classify generic vulnerabilities that these systems are vulnerable to, and to present a framework which can be used to mitigate the risk of adopting these systems.

]]> Michael Coole et al. http://ro.ecu.edu.au/asi/23 http://ro.ecu.edu.au/asi/23 Fri, 22 Feb 2013 00:03:47 PST The development of a counter-insurgency doctrine is an evolutionary process: no two insurgencies are the same. However, certain fundamental principals remain consistent and these can be applied to meet the required circumstances. The creation of an overarching plan encompassing a combination of military, political and social actions under the strong control of a single authority is central. Therefore, understanding the basics allows for the development of a tactical strategy based upon a structured plan. Compiling the ‘Plan’ should be based upon the lessons learnt from the past. To this end, the methodology used is supported by a literature review and interviews from participants in a limited assessment of the two historical conflicts: Malaya and Kenya. Based upon the findings, a condensed table is presented to aid analysis, using a French doctrinal approach as a tool for interpretation. In addition, this is supported by quotes from the respondents involved in the research process. These findings are the preliminary results of a research study looking at what was effective during the prosecution of the selected insurgencies. Outcomes indicate that the fundamental principals are pertinent today and are therefore generally applicable.

]]> W. J. Bailey http://ro.ecu.edu.au/asi/24 http://ro.ecu.edu.au/asi/24 Fri, 22 Feb 2013 00:03:47 PST A common language with consistency of meaning is a critical step in the evolution of a profession. Whilst the debate as to whether or not security should be considered a profession is ongoing there is no doubt that the wider community of professionals operating in the security domain are working towards achieving recognition of security as a profession. The concepts of defence in depth, protection in depth and security in depth have been used synonymously by different groups across the domain. These concepts represent the very foundation of effective security architecture are hierarchical in nature and have specific meaning. This paper through comparative analysis clearly defines the difference between and establishes the hierarchy such that a common understanding can be achieved.

]]> Michael Coole et al. http://ro.ecu.edu.au/asi/22 http://ro.ecu.edu.au/asi/22 Fri, 22 Feb 2013 00:03:46 PST Assessing the credibility of an evidential source is an important part of intelligence analysis, particularly where human intelligence is concerned. Furthermore, it is frequently necessary to combine multiple items of evidence with varying source credibilities. Bayesian networks provide a powerful probabilistic approach to the fusion of information and are increasingly being applied in a wide variety of settings. In this paper we explore their application to intelligence analysis and provide a simple example concerning a potential attack on an infrastructure target. Our main focus is on the representation of source credibility. While we do not advocate the routine use of quantitative Bayesian networks for intelligence analysis, we do believe that their qualitative structure offers a useful framework for evidence marshalling. Furthermore, we believe that quantified Bayesian networks can also play a part in providing auxiliary models to explore particular situations within a coherent probabilistic framework. This process can generate fresh insights and help to stimulate new hypotheses and avenues of enquiry.

]]> Ken McNaught et al. http://ro.ecu.edu.au/asi/21 http://ro.ecu.edu.au/asi/21 Thu, 14 Jun 2012 00:57:26 PDT A central focus of intelligence is the identification, analysis and assessment of threat. However, as acknowledged by intelligence practitioners, threat assessment lags behind the related field of risk assessment. This paper highlights how definitions of threat currently favoured by intelligence agencies are primarily based on threatening entities alone. Consequently, assessments of threat are almost singularly concerned with understanding an identified enemy’s intentions and capabilities. This ‘enemy-centric’ approach to intelligence analysis has recently come in for criticism. In particular, the shortcomings of the current approach become apparent where the focus of intelligence analysis is on threats from difficult-to-identify sub-state or non-state actors. This paper argues that a model of threat singularly focussed on threatening entities overly simplifies what is an inherently complex, inter-related phenomenon between multiple entities. A more comprehensive taxonomy of threat is proposed which identifies various entities covered by the concept of threat. This taxonomy provides a starting point for developing a more rigorous approach to threat assessment which better reflects the complexity of the phenomenon of threat.

]]> Charles Vandepeer http://ro.ecu.edu.au/asi/20 http://ro.ecu.edu.au/asi/20 Thu, 14 Jun 2012 00:57:25 PDT Source and information evaluation is identified as being a critical element of the analytical process and production of intelligence products. However there is concern that in reality evaluation is being carried out in a cursory fashion involving limited intellectual rigour. Poor evaluation is also thought to be a causal factor in the failure of intelligence. This study examined the process of information and source evaluation as understood and practiced by, six West Australian Police Force, (WAPOL) intelligence analysts. Data was gathered by use of a focus group with that data being compared against the current literature. It was discovered that formal training in evaluation methods was limited. The significance of evaluation was however clearly understood and the lack of sufficient training was recognised as a limitation to analysis. The study however identified that this group of analysts did practice evaluation through a process of ongoing information contextualisation.

]]> John Joseph et al. http://ro.ecu.edu.au/asi/18 http://ro.ecu.edu.au/asi/18 Thu, 14 Jun 2012 00:57:24 PDT Highly entitative sub-groups with strong ideologies ensure members are committed to the groups cause making disengagement a significant life event. This paper provides an insight into the current study of the psychological and social factors influencing the experience of personal disengagement from HESGIs. Semi-structured interviews were held with former members of one percent motorcycle clubs, fundamental religious groups, a pseudopsychotherapeutic cult, political activist groups, and military Special Forces. Using purposive sampling, participants were recruited through informal networks, internet requests and snowballing methods. Data analysis is at the preliminary stages, but through the coding and analysis methods of Strauss and Corbin’s (1990) grounded theory, interesting points have been noted in terms of causes for disillusionment, social distancing, and the self-identity.

]]> Kira J. Harris http://ro.ecu.edu.au/asi/19 http://ro.ecu.edu.au/asi/19 Thu, 14 Jun 2012 00:57:24 PDT Since the IEEE ratification of the 802.11 standard in 1999, continuous exploits have been discovered compromising the confidentiality, integrity and availability of 802.11 networks. This paper describes the justification for a project to assess the security status of wireless network usage in society. It reviews the status of both commercial and residential approaches to wireless network security in three major Victorian cities, Melbourne, Geelong and Mornington, in Australia. By War Driving these suburbs, actual data was gathered to indicate the security status of wireless networks and give a representation of modern attitudes towards wireless security for the sample population. Preliminary results are presented to demonstrate the extent to which commercial or residential suburbs address wireless security. At this stage in the research further work is required to completely analyse the results. It is anticipated that the results will be useful for providing input into a defence and attack methodology for improving the security of both residential and commercial use of wireless networks.

]]> Lucas Jacob et al. http://ro.ecu.edu.au/asi/16 http://ro.ecu.edu.au/asi/16 Thu, 14 Jun 2012 00:57:23 PDT This research examines the technological challenges posed by security imaging technologies for human visual analysis of images. Imaging technologies are increasing becoming part of an overall security strategy that incorporates a range of camera technologies, x-ray technologies, and other electromagnetic imaging such as millimetre wave and terahertz based systems. Still and video image types are increasingly becoming presented to viewers or screeners in forms that are only representative in nature and highly abstract, and the use of filters is increasing the complexity of interpretation. Despite a range of factors that are being looked at to enhance visual analysis, the contribution of individualised image processing skills is poorly understood and recognised. The paper explores examples of how an assessment exercise which examines visual analysis, ScanX, correlates against performance in four major studies set in different environments and using both x-ray and CCTV technologies. Correlations show strong relationships to performance despite the difference in image technology and environmental settings, as well as detection targets and criteria. Support for a set of core image analysis skills that can be used across a range of technologies by a common operator group is shown by the research. These skills appear to relate more to the nature of processing applicable to various forms of image rather than the image content itself.

]]> Craig HM Donald http://ro.ecu.edu.au/asi/17 http://ro.ecu.edu.au/asi/17 Thu, 14 Jun 2012 00:57:23 PDT This research uses a task disengagement framework to examine how CCTV surveillance operators and novices respond to the vigilance demands of the detection process. Vigilance tasks are acknowledged as being high in mental workload, yet little is known about how operators deal with these demands in jobs where successful performance is reliant upon sustaining attention on a daily basis. Much vigilance research makes an implicit assumption that people perform tasks that require sustained attention in a passive manner. By contrast, this study examines how operators manage their levels of task engagement and attention resources. The sample consisted of 73 participants (42 CCTV operators and 31 novices) who performed a 90-minute CCTV video surveillance task. Individualised responses to vigilance demands were identified. Alternating fluctuations in task engagement were found for the majority of participants, indicating efforts to manage attention resources and cope with vigilance demands. Differences in subjective responses to the vigilance task were identified. Implications for the management of vigilance performance are discussed.

]]> Fiona M. Donald et al. http://ro.ecu.edu.au/asi/15 http://ro.ecu.edu.au/asi/15 Thu, 14 Jun 2012 00:57:22 PDT Security is applied in the built environment and this requires a close relationship with facility managers. Therefore, this study puts forward an approach to establish the facility management knowledge categories within the built environment. In part, the significance of the study stemmed from research undertaken into the compliance to Australian fire door maintenance within nursing homes, which demonstrated 87 percent noncompliance. This high level of non-compliance appeared to identify a lack of facility management knowledge, among other issues (Doleman & Brooks, 2011). The article uses a method to test the supposition of facility management knowledge construct in a three-phase Grounded Theory analysis. Phase-one examines international tertiary Facility Management courses, where course content is critiqued through linguistic analysis to extract the knowledge categories. Phase-two of the study further analyses these findings through the use of multidimensional scaling to present underlying conceptual knowledge interrelationships. The final third-phase uses experts in order to validate the findings of the previous two phases. A pilot study identified 18 common knowledge concepts, for example project management, space planning, budgeting and principles of facility management. The study outcomes will improve the understanding of building knowledge requirements within the built environment, resulting in a framework of facility management knowledge categories. Such an outcome will support the consensual development of a facility management body of knowledge. The specific outcomes put forward for this research includes establishing the primary knowledge categories found within the Facility Management Industry. In addition, the outcomes will support the consensual development of a facility management body of knowledge, support policy, education and the relationship with security.

]]> Robert Doleman et al. http://ro.ecu.edu.au/asi/13 http://ro.ecu.edu.au/asi/13 Thu, 14 Jun 2012 00:57:21 PDT The end-of-year post exam celebrations for Year 12 secondary school students presents a unique crime prevention proposition in Australia each year. Students of approximately 17 years of age congregate in a variety of locations in large groups known as ‘Leavers’. Traditionally a number of 'rite of passage' activities, fuelled by additional factors such as alcohol, drugs and peer pressure, have resulted in an increased risk of crime and anti-social behaviour. This paper examines mitigation strategies aligned with Crime Prevention Through Environmental Design (CPTED) when placed at an event. Using the annual Leavers cohort at Rottnest Island, W.A., a number of 1st and 2nd generation CPTED instruments are discussed and evaluated. The additional isolation factor of the island highlights the value of 2nd generation social cohesion and its likely impact in reducing a number of crime-related social issues. The paper concludes that increased 2nd generation CPTED treatments significantly improve crime reduction and fear of crime in temporary locations when used for mass gatherings at events.

]]> John Letch et al. http://ro.ecu.edu.au/asi/14 http://ro.ecu.edu.au/asi/14 Thu, 14 Jun 2012 00:57:21 PDT Security Science education at university levels is still in its infancy, with little agreement towards knowledge, curriculum and competency. Therefore, it is essential that educators draw on relevant literature highlighting means of efficient and effective knowledge transfer for tertiary students within the Security Science domain. Such knowledge transfer will reduce the gap between academic knowledge (explicit) and professional competency (tacit knowledge). This paper presents phase one of a multiphase study. A qualitative “systems based knowledge structure” of security domain categories has been conceptually mapped as a domain heuristic. The heuristic drew on research highlighting that experts have both richer depths of domain knowledge and superior cross referenced organizational structure. The conceptual map takes a topdown approach bounded by routine activity, rational choice, situational crime prevention, defence in depth, security decay and management theories within the elements of prevention, preparedness, response and recovery. Results indicate that within a systems approach, core security professional competencies relate to the ability to skilfully apply the theories and best practice principles represented within the preliminary heuristic that brings together academic theory with practising security strategies.

]]> Richard Coole et al. http://ro.ecu.edu.au/asi/12 http://ro.ecu.edu.au/asi/12 Thu, 14 Jun 2012 00:57:20 PDT The Asia Pacific (APAC) region encompasses a heterogeneous group of nation-states. Like the APAC region, the security industry operates within a diverse and multi-disciplined knowledge base, with risk management being a fundamental knowledge domain within security. Nevertheless, there has been limited understanding of what security professionals use when applying security risk management. The study was designed to gain a better understanding of risk management practice in place throughout APAC. Questions were generated to gauge an understanding of current practice and levels of implementation of standards and frameworks. Participants were drawn from many industries, using non-probabilistic sampling methods in a “snowball” response to an online survey. Results were collected and analysed to provide interpretations and findings, and where appropriate, weighted factor analysis were conducted. Findings indicated that the majority of APAC nation-states do not have a defined risk management standard, but security practitioners use their own internal framework. Following this approach, security practitioners use ISO 31000 and AS/NZS 4360 standards in parity, even considering their differing age. ISO 28000 Supply Chain Security Management was a popular standard, driven from Singapore. Nevertheless, the use of these standards should still raise concern due to a lack of a directed security risks management frameworks that incorporates threat, vulnerability and criticality. Further study needs to better understand what risk management techniques and frameworks security practitioners are using.

]]> David J. Brooks et al. http://ro.ecu.edu.au/asi/10 http://ro.ecu.edu.au/asi/10 Thu, 14 Jun 2012 00:57:19 PDT As a relatively new discipline Security Science is searching for academic acceptance very often combining established hard science approaches with those of Social Science and Humanities. Methodologies need to be developed to equip the discipline to conduct more varied research. One such method is the use of the case study approach, as it allows multiple inputs from a variety of sources to build up the research into a central review, allowing conclusions and recommendations to be drawn from the data. Though relatively common in the business world for conducting reports, this has not hitherto been the position in academia. The objective of this speculative paper develops a process used for research and seeks to open a debate as to the importance of case studies in the security field; the paper argues that it is an underutilised research paradigm. The merits of using the case study structure will be discussed, including the debate over positivism and constructivism, which will then lead on to a potential analytical method called Interpretative Phenomological Analysis (IPA); used predominately in ethnographical studies. The importance of using a pilot study before proceeding to the full study is also suggested to avoid costly mistakes later in the research.

]]> Bill Bailey http://ro.ecu.edu.au/asi/11 http://ro.ecu.edu.au/asi/11 Thu, 14 Jun 2012 00:57:19 PDT Intelligent Buildings (IB) have become increasing popular during the past decade, driven through the need to reduce energy, have more reactive and safer buildings, and increase productivity. IB integrate many systems that were in the past isolated from each other, including fire and life safety, HVAC, lighting, security, etc. Facilities contain commercial-in-confidence material and other valued assets; however, IB are integrated through open and common data communication protocols and hardware, leaving facilities exposed to external and internal threats. The study presents an investigation into IB, based on a defeat evaluation methdology. IB vulnerabilities considered two areas, namely physical and software vulnerabilties. Physical hardware vulnerabilities included physical access to the automation devices or workstations, communication networks, wiretapping, remote connectivity, foreign devices and local field programming. Software vulnerabilities included common connectivity protocols, restricted encryption and limited security considerations. These vulnerabilities could result in such attacks as denial of service, covert facilty entry or espionage. IB risks are contextual, aligned with the facility’s threat exposure; nevertheless, there are generic mitigation strategies that can be taken to protect IB systems. Protection includes situational threat driven security risk management, understanding system criticalities, integration of departments, a degree of network isolation and greater awareness.

]]> David J. Brooks http://ro.ecu.edu.au/asi/9 http://ro.ecu.edu.au/asi/9 Thu, 14 Jun 2012 00:57:18 PDT In this paper we present an in-ground intrusion detection system for security applications. Here, an optical fibre pressure switch is directly connected to a standard digital input of a programmable logic controller (PLC). This is achieved using an intensiometric detection system, where a laser diode and Fibre Bragg Grating (FBG) are optically mismatched, resulting in a static dc offset from the transmitted and reflected optical power signals. Pressure applied to the FBG, as the intruder stepped on it, induced a wavelength shift in the FBG. The wavelength shift was then converted into an intensity change as the wavelength of the FBG matched the wavelength of the laser. The change in intensity, measured by the optical detectors, resulted in a significant change in the DC offset, behaving as on optical switch. When connected to the PLC the optical pressure switch was used to drive a digital output, sounding an alarm in addition to displaying the intrusion event on the human machine interface.

]]> Gary Allwood et al. http://ro.ecu.edu.au/asi/8 http://ro.ecu.edu.au/asi/8 Wed, 02 Feb 2011 18:20:13 PST The implementation of a developmental continuum for intelligence professionals, based on a traditional competency model may be ubiquitous across the breadth of intelligence. This paper argues that specialised contextual and cultural education and training and subsequent recognition of those skills, knowledge and attributes, is an essential element in achieving organisational and individual objectives for criminal intelligence professionals. The full integration of criminal intelligence operations into police and law enforcement decision making at the tactical, operational and strategic levels is an aspirational step in achieving a multidisciplinary operational environment. The delineation of intelligence practitioners based on employment status, facilitated by the absence of specialised law enforcement training, is an impediment to organisational and individual efficiency and effectiveness. The key issues are explored through a case study of a number of state and federal law enforcement organisations within Australia and internationally. A thematic analysis identified impediments to the full integration model. Those impediments including a lack of a sense of community, lack of a sense of inclusiveness and belonging, incomplete operational and strategic alignment, deficiencies and inadequacies of skills across the full operational context and the inability to fully contribute and influence due to the reinforcement of bias and stereotype. The issue of integration whilst maintaining specialist integrity is also explored.

]]> Wayne Snell http://ro.ecu.edu.au/asi/6 http://ro.ecu.edu.au/asi/6 Wed, 02 Feb 2011 18:20:11 PST A novel methodology for solving the chemical plume tracing problem that utilizes data from a network of stationary sensors has been developed in this study. During a toxic chemical release and dispersion incident, the imperative need of first responders is to determine the physical location of the source of chemical release in the shortest possible time. However, the chemical plume that develops from the source of release may evolve into a highly complex distribution over the entire contaminated region, making chemical plume tracing one of the most challenging problems known to date. In this study, the discrete Fourier series method was applied for re-construction of the contour map representing the concentration distribution of chemical over the contaminated region based on point measurements by sensors in a pre-installed network. Particle Swarm Optimization was then applied to the re-constructed contour map to locate the position of maximal concentration. Such a methodology was found to be highly successful in solving the chemical plume tracing problem via the sensor network approach and thus closes a long-standing gap in the literature. Furthermore, the nature of the methodology is such that a visual of the entire chemical dispersion process is made available during the solution process and this can be beneficial for warning purposes and evacuation planning. In the context of such chemical release scenarios, the algorithm developed in this study is believed to be able to play an instrumental role towards national defense for any country in the world that is subjected to such threats.

]]> Eugene Jun Jie Neo et al.