Abstract

Electromagnetic (EM) threats are a specialised subset of offensive threats to the confidentiality, integrity, and availability of information and to information security (INFOSEC) in general. Two broad classes of threat, EM interceptors (interception of compromising Radio Frequency (RF) emissions) and EM disrupters (the use of high-power RF to disrupt electronics), have been considered, and the technical aspects of these threats have been assessed. The technical complexity, amongst other factors, required to mount an EM interceptor based attack has been shown by analysis to be significant.
The hypothesis of this thesis has therefore been focussed on the development of detection and diagnostic concepts for EM disruptive attacks, analogous to those used to defend against conventional cyber or Computer Network Attack (CNA) threats. EM disrupters, which have been the focus of this study, are likely to have a large impact on the availability of information systems, but it has been shown that the effectiveness of the threat, and therefore the risk posed to INFOSEC, is extremely difficult to quantify. Nonetheless, it has also been shown through analysis and discussion that the 'Low Tech' perpetrator (well-funded amateur) would be likely to be capable of building an effective EM disruption system.
Whilst effective countermeasures for EM disrupters exist, it is suggested that it is difficult for INFOSEC professionals to recommend their installation for risk mitigation because the risk is poorly quantified.
A series of rigorous EM susceptibility experiments were conducted on computer systems to identify susceptibility trends and to assist with understanding the risk. A prototype Electromagnetic Disruption Detection System (EMDDS) has also been designed and developed. This detector uses similar principles to cyber-type Intrusion Detection Systems (IDS) and should therefore be understandable to non-EM specialists. It has been shown that the EMDDS can be used for responding to incidents and as part of a forensic evidence gathering process.
The results of this thesis have supported the hypothesis.
- Computer security