مدلی برای‌ قدرت سایبری؛ بعد پنجم قدرت ملّی

سپهرزاده, حامد

doi:10.48301/kssa.2022.339869.2083

مدلی برای‌ قدرت سایبری؛ بعد پنجم قدرت ملّی

نوع مقاله : مقاله پژوهشی (نظری)

نویسنده

حامد سپهرزاده

استادیار، استادیار، گروه مهندسی کامپیوتر، دانشگاه فنی و حرفه‌ای، تهران، ایران.

10.48301/kssa.2022.339869.2083

چکیده

استفاده از فضای سایبری در میان جوامع بسیار فراگیر شده است. با افزایش ضریب نفوذ اینترنت در ایران و جهان در حوزه‌های اجتماعی، صنعتی و بانکی و غیره، نگرانی از صدمات احتمالی نیز افزایش زیادی یافته است. تاکنون قدرت در چهار حوزه زمین، دریا، هوا و فضا مطرح می‌شد اما امروزه فضای سایبری به یکی از حوزه‌های مهم قدرت تبدیل شده است که از جهاتی بسیار با سایر حوزه‌ها متفاوت است. امروزه قدرت سایبری به یکی از مهم‌ترین دغدغه‌های تمام کشورها و یکی از مهم‌ترین موضوعات پژوهشی در حوزه مهندسی و علوم تبدیل شده است. قدرت سایبری، به‌صورت توانایی استفاده از فضای سایبری، برای اخذ نتایج و تأثیر گذاشتن در سایر محیط‌های عملیاتی تعریف میشود. در این مقاله قصد داریم به ارائه مدل مفهومی برای قدرت سایبری بپردازیم. به همین منظور، به شناسایی ابعاد کلان و مؤلفه‌های قدرت سایبری خواهیم پرداخت. در راستای این هدف، مؤلفه‌های اصلی این ابعاد شناسایی شده و در مورد مسائل و موانع موجود برای برقراری قدرت سایبری و راه‌حل آنها بحث شده است. همچنین به جنبه‌های متمایز قدرت سایبری با مفهوم قدرت در حوزه‌های مختلف پرداخته شده است. هدف اصلی در این پژوهش، بررسی ابعاد و مؤلفه‌های قدرت سایبری به‌منظور دستیابی به مدل مفهومی برای قدرت سایبری است.

کلیدواژه‌ها

فضای سایبری

نهاد سایبری

قدرت سایبری

ابعاد قدرت سایبری

مؤلفه‌های قدرت سایبری

20.1001.1.23829796.1401.19.3.23.3

موضوعات

مهندسی کامپیوتر

عنوان مقاله English

A Model for Cyber Power, the Fifth Dimension of National Power

نویسنده English

Hamed Sepehrzadeh

Assistant Professor, Department of Computer Engineering, Technical and Vocational University (TVU), Tehran, Iran.

چکیده English

The use of cyberspace has become very widespread among communities. With the increase of internet usage in Iran and worldwide in the social, industrial and banking fields, there has been an increase in fear of possible resulting harm. Until now, power was presented in four areas of land, sea, air and space, but today, cyberspace has become one of the main areas of power very distinct from other areas. Cyber power has become one of the foremost concerns in the world and one of the most researched topics in the fields of engineering and science. Cyber power is defined as the ability to use cyberspace to obtain results and make an impact in other operating environments. In this article, a conceptual model for cyber power is presented. To this end, the macro dimensions and components of cyber power were identified. In line with this goal, the main components of these dimensions were identified and the existing challenges and obstacles to establishing cyber power and their solutions were discussed. Distinctive aspects of cyber power with the concept of power in different areas were also discussed. The main purpose of this study was to investigate the dimensions and components of cyber power in order to achieve a conceptual model for cyber power.

کلیدواژه‌ها English

Cyberspace

Cyber Entity

Cyber Power

Dimensions of Cyber Power

Components of Cyber Power

[1] Kramer, F. D., Starr, S. H., & Wentz, L. K. (2009). Cyberpower and national security. Potomac Books. https://www.amazon.com/Cyberpower-National-Security-Franklin-Kramer/ dp/1597974234

[2] Movahedi Sefat, M. R. (2007). National Security in Cyberspace, Opportunities and Threats, Strategic Defense Studies. Strategic Defense Studies, 8(30), 245-276. http://ensani.ir/file /download/article/20101228093126-44.pdf

[3] Rowland, J., Rice, M., & Shenoi, S. (2014). The anatomy of a cyber power. International Journal of Critical Infrastructure Protection, 7(1), 3-11. https://doi.org/10.1016/j.ij cip.2014.01.001

[4] Rowland, J., Rice, M., & Shenoi, S. (2014). Whither cyberpower? International Journal of Critical Infrastructure Protection, 7(2), 124-137. https://doi.org/10.1016/j.ijcip.2 014.04.001

[5] Zilincik, S., Myklin, M., & Kovanda, P. (2019). Cyber power and control: a perspective from strategic theory. Journal of Cyber Policy, 4(2), 290-301. https://doi.org/10.1080/237388 71.2019.1635177

[6] Mehrabi, A. (2009). The Role of Religious Valorism in the National Security of the Islamic Republic of Iran. Hassoun, 19(1), 5-22. https://www.noormags.ir/view/en/articlepage/4 9477/5

[7] Orojloo, H., & Azgomi, M. A. (2017). A method for evaluating the consequence propagation of security attacks in cyber–physical systems. Future Generation Computer Systems, 67, 57-71. https://doi.org/10.1016/j.future.2016.07.016

[8] Colwill, C. (2009). Human factors in information security: The insider threat – Who can you trust these days? Information Security Technical Report, 14(4), 186-196. https:// doi.org/10.1016/j.istr.2010.04.004

[9] Fathianpour, F., Hendesi, F., & Ayat, S.S., . (2013, February 14). Comparison of methods for identifying the behavior of internal employees in the process of attacking computer systems. 1st payame noor university national conference on information technology & networking, Tabas Branch Payam Noor University, Iran. https://civilica.com/doc/195859/

[10] Jang-Jaccard, J., & Nepal, S. (2014). A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences, 80(5), 973-993. https://doi.org/10.1016/j.jcss.2014.0 2.005

[11] Tourani, P., Hadavi, M. A., & Jalili, R. (2011, July 4-8). Access control enforcement on outsourced data ensuring privacy of access control policies. 2011 International Conference on High Performance Computing & Simulation, Istanbul, Turkey. https://doi.org/10 .1109/HPCSim.2011.5999865

[12] Samimi R., P., B. (2017, March 5). Examining the legal aspects of soft war in cyber space. National Conference of passive defense in the realm of cyberspace, Maragheh, Iran. http s://civilica.com/doc/649521/

[13] Huang, X., Lu, Y., Li, D., & Ma, M. (2018). A Novel Mechanism for Fast Detection of Transformed Data Leakage. IEEE Access, 6, 35926-35936. https://doi.org/10.1109/ ACCESS.2018.2851228

[14] Krombholz, K., Hobel, H., Huber, M., & Weippl, E. (2015). Advanced social engineering attacks. Journal of Information Security and Applications, 22, 113-122. https://doi.org/1 0.1016/j.jisa.2014.09.005

[15] Tounsi, W., & Rais, H. (2018). A survey on technical threat intelligence in the age of sophisticated cyber attacks. Computers & Security, 72, 212-233. https://doi.org/10.1 016/j.cose.2017.09.001

[16] Dor, D., & Elovici, Y. (2016). A model of the information security investment decision-making process. Computers & Security, 63, 1-13. https://doi.org/10.1016/j.cose.201 6.09.006

[17] Nosratabadi, J., Lashkarian, H., Mardani, M., & Movahhedi, M. (2019). Presenting a Critical Assessment Model for the Armed Forces of the Islamic Republic of Iran. National Security, 9(31), 173-198. https://ns.sndu.ac.ir/article_480.html?lang=en

[18] Prier, J. (2017). Commanding the trend: Social media as information warfare. Strategic Studies Quarterly, 11(4), 50-85. https://www.proquest.com/docview/1972152688

[19] Bowman, C. (2021). What Are the Predictors of Cyber Power [Bachelor, James Madison]. Harrisonburg, Virginia. https://commons.lib.jmu.edu/cgi/viewcontent.cgi?article=1135 &context=honors202029

[20] Sepehrzadeh, H. (2022). A Method for Assessing the Security Risk in Cyber-Physical Systems with Incomplete Information Using Bayesian Game Theory. Karafan Quarterly Scientific Journal, 19(1), 495-521. https://doi.org/10.48301/kssa.2022.320681.1909

[21] Starr, S. H. (2009). Towards an evolving theory of cyberpower. In C. Czosseck & K. Geers (Eds.), The Virtual Battlefield: Perspectives on Cyber Warfare. IOS Press. https://doi.org/1 0.3233/978-1-60750-060-5-18

[22] Ghoodsi, A. (2014). The Impact of Cyberspace on the National Security of I.R. of Iran and Providing an Approach. Quarterly Defens Strategy, 11(44), 149-186. https://ww w.magiran.com/paper/1242759

[23] Solani, R., & Das, M.L. (2021). iCOPS: insider attack detection in distributed file systems. International Journal of Social Computing and Cyber-Physical Systems, 2(3), 244-255. https://doi.org/10.1504/ijsccps.2021.117972

[24] Parsons, K., Calic, D., Pattinson, M., Butavicius, M., McCormac, A., & Zwaans, T. (2017). The Human Aspects of Information Security Questionnaire (HAIS-Q): Two further validation studies. Computers & Security, 66, 40-51. https://doi.org/10.1016/ j.cose.2017.01.004

[25] Hadlington, L. (2021). The “Human Factor” in Cybersecurity: Exploring the Accidental Insider. In Research Anthology on Artificial Intelligence Applications in Security. IGI Global. https://doi.org/10.4018/978-1-7998-7705-9.ch087

[26] Salahdine, F., & Kaabouch, N. (2019). Social Engineering Attacks: A Survey. Future Internet, 11(4), 1-17. https://doi.org/10.3390/fi11040089

[27] Hu, F., Lu, Y., Vasilakos, A. V., Hao, Q., Ma, R., Patil, Y., Zhang, T., Lu, J., Li, X., & Xiong, N. N. (2016). Robust Cyber–Physical Systems: Concept, models, and implementation. Future Generation Computer Systems, 56(1), 449-475. https://doi.org/10.1016/j.future.2 015.06.006

[28] Jordan, T. (1999). Cyberpower: The culture and politics of cyberspace and the Internet. Routledge. https://www.amazon.com/Cyberpower-culture-politics-cyberspace-Inte rnet/dp/0415170788

[29] Tsigkanos, C., Pasquale, L., Ghezzi, C., & Nuseibeh, B. (2018). On the Interplay Between Cyber and Physical Spaces for Adaptive Security. IEEE Transactions on Dependable and Secure Computing, 15(3), 466-480. https://doi.org/10.1109/TDSC.2016.2599880

[30] Krotofil, M., Cárdenas, A., Larsen, J., & Gollmann, D. (2014). Vulnerabilities of cyber-physical systems to stale data—Determining the optimal time to launch attacks. International Journal of Critical Infrastructure Protection, 7(4), 213-232. https://do i.org/10.1016/j.ijcip.2014.10.003

[31] Krotofil, M., & Cárdenas, A. A. (2013). Resilience of Process Control Systems to Cyber-Physical Attacks. In Secure IT Systems. Springer Berlin Heidelberg. https://doi.org/ 10.1007/978-3-642-41488-6_12

[32] Schellekens, M. (2016). Car hacking: Navigating the regulatory landscape. Computer Law & Security Review, 32(2), 307-315. https://doi.org/10.1016/j.clsr.2015.12.019

[33] Ashibani, Y., & Mahmoud, Q. H. (2017). Cyber physical systems security: Analysis, challenges and solutions. Computers & Security, 68, 81-97. https://doi.org/10.1016/j.cose.2017.04.00 5

[34] Hoehn, A., & Zhang, P. (2016, July 6-8). Detection of covert attacks and zero dynamics attacks in cyber-physical systems. 2016 American Control Conference, Boston, Massachusetts, USA. https://doi.org/10.1109/ACC.2016.7524932

[35] Rajamanickam, S., Ramasubramanian, N., & Vollala, S. (2022). Insider Attack Prevention using Multifactor Authentication Protocols - A Survey. In Applied Information Processing Systems. Springer Singapore. https://doi.org/10.1007/978-981-16-2008-9_32