Affiliation:
1. CREST - The Centre for Research on Engineering Software Technologies, The University of Adelaide, CSCRC - Cyber Security Cooperative Research Centre, Australia
2. CREST - The Centre for Research on Engineering Software Technologies, The University of Adelaide, Australia
Abstract
Command, Control, Communication, and Intelligence (C3I) systems are increasingly used in critical civil and military domains for achieving information superiority, operational efficacy, and greater situational awareness. The critical civil and military domains include, but are not limited to, battlefield, healthcare, transportation, and rescue missions. Given the sensitive nature and modernization of tactical domains, the security of C3I systems has recently become a critical concern. This is because cyber-attacks on C3I systems have catastrophic consequences including loss of human lives. Despite the increasing number of cyber-attacks on C3I systems and growing concerns about C3I systems’ security, there is a paucity of a comprehensive review to systematize the body of knowledge on the security of C3I systems. Therefore, in this article, we have gathered, analyzed, and synthesized the body of knowledge on the security of C3I systems. We have identified and reported security vulnerabilities, attack vectors, and countermeasures/defenses for C3I systems. In particular, this article has enabled us to (i) propose a taxonomy for security vulnerabilities, attack vectors, and countermeasures; (ii) interrelate attack vectors with security vulnerabilities and countermeasures; and (iii) propose future research directions for advancing the state-of-the-art on the security of C3I systems. We believe that our findings will serve as a guideline for practitioners and researchers to advance the state-of-the-practice and state-of-the-art on the security of C3I systems.
Funder
Cyber Security Research Centre Limited
Australian Government’s Cooperative Research Centres Programme
Publisher
Association for Computing Machinery (ACM)
Subject
General Computer Science,Theoretical Computer Science
Reference185 articles.
1. 2016. M2: Insecure Data Storage \(\vert\) OWASP. Open Web Application Security Project (OWASP). Retrieved from https://bit.ly/3p4eCi4.
2. 2016. OWASP TOP 10 2013: Unvalidated Redirects and Forwards - Detectify Blog. Detectify. Retrieved from https://bit.ly/3wOY3vi.
3. 2017. DATA BREACH UNDER GDPR | How threat intelligence can reduce your liabilities. Outpost24. Retrieved from https://bit.ly/3rcOB0d.
4. 2017. Top 10 2013-A7-Missing Function Level Access Control - OWASP. Open Web Application Security Project (OWASP). Retrieved from https://bit.ly/38VCWgC.
5. 2019. The $30.5B Command & Control Technologies Market in Defense Law Enforcement & Public Safety - Forecast to 2025. GlobeNewswire Inc. Retrieved from https://bit.ly/3qFovn1.
Cited by
8 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献