/Introduction to the Cyber Domain

Table of Contents

Learning Outcomes [Top]

After completing these activities you should be able to:

Discussion [Top]

This course provides an introduction to the technical foundations of the cyber domain, focusing on cyber security. It is technical, hands-on, academic, and (intended to be) fun and interesting.

Why we are Studying Cyber Security

On the first day of class your instructor will define the cyber domain and discuss why cyber security (security in the cyber domain) is important. So here we will briefly address the hows and whys of studying cyber security here at USNA. The Navy recognizes the need to have employees (Officers, Enlisted Sailors, and civilians) who are familiar with the fundamentals of cyber security. To this end, the Naval Academy formulated a plan to add cyber security content to the curriculum. This course is the first step, but your exposure to cyber security will not end with your plebe year (or with your time at USNA)!

Throughout the course notes, you'll see "In the Fleet" boxes like this that describe applications of the topic at hand in the Fleet. Some of them are about big picture Fleet issues (not just 10th Fleet issues), and some of them are about things that you, as a Junior Officer, may very well have to deal with directly.
Throughout the course notes, you'll see "In the Corps" boxes like this that describe applications of the topic at hand in the Marine Corps. Some of them are about big picture Marine Corps issues (not just MARFORCYBER issues), and some of them are about things that you, as a Junior Officer, may very well have to deal with directly.
Throughout the course notes, you'll see "In the News" boxes like this that describe (and usually link to) recent stories in the news that talk directly about the topic at hand, or that start to dig a little deeper into the topic at hand.
Throughout the course notes, you'll see annotation boxes like this that give extra little bits of information about the subject covered in the notes.

What we are Studying in this Course

The cyber domain is a big field that overlaps many disciplines. The August 2009 initial report of the Dean's Cyber Warfare Ad Hoc Committee included the following:

Cyber Warfare is a somewhat unusual topic in that it involves a technical academic core of tightly inter-related subject matter, as well as a wide range of important topics that, while dependent on the technical core for fullest appreciation, are not dependent on each other. Stated another way, cyber warfare is comprised of, first, a foundational component, dealing with a set of interconnected fundamental technical concepts, and, second, a wide range of interdisciplinary topics, touching upon the areas of law, political science, strategy and tactics, policy, ethics, and the study of foreign languages and culture.

SI110 is an introduction to the technical core described in the excerpt. The material we cover is organized into three sections:

  1. Cyber Battlefield

    This portion of the course will teach you about the basic components that constitute what is generally called cyberspace. Starting with digital data, the physical computer, operating systems, and programs; and continuing with the Web, the Internet, and both wired and wireless networks.

  2. Cyber Security Tools

    There are some theoretical underpinnings to what it is we are protecting (or attacking) in the cyber domain, and how we make rational decisions about security in the cyber domain (cyber security). Additionally, there are a few broad categories of tools — firewalls, encryption, hashing, policies and procedures — that we combine in different ways to meet different security goals.

  3. Cyber Operations

    In this portion of the course we study digital forensics, cyber reconnaissance, cyber attack, and cyber defense. The last three labs actually have you and your classmates conducting cyber operations in a controlled environment — i.e. actually mapping out an opponent's network, actually performing and defending against cyber attacks.

How to Succeed In This Course

You are responsible for the material on this website. You should consult the course calendar for every class meeting. There you will find lecture notes, homework assignments, and resources.

In class you need to: bring your laptop sufficiently charged or your laptop battery charger, participate fully in discussions and activities, and pay attention during lecture. Expect that you will be able to understand the material, and when you don't, stop the instructor and ask questions. This course was designed without the need for any prior computing knowledge, beyond having used a computer before; you are capable of succeeding in this course.

Outside of class you need to:

If you are able to complete a question on an assignment on your own (without having to discuss with others, or referring to the course notes), then you have sufficient knowledge to succeed in this course.

The Cyber Domain

Aspects of the Cyber Domain

Based on your current understanding what do you think comprises the cyber domain? Based on you being here you probably agree that your laptop is a part of the cyber domain, and you are correct. But are there other aspects of the cyber domain beyond computers? The answer is yes. The cyber domain is comprised of much more than just computers connected to a network. The cyber domain also consists of physical systems connected to computers. The location of the those systems is a part of the cyber domain — is the system of interest on the USNA grounds, is the system in the U.S., is the system in Australia , is the system in Turkey, is the system in China.

There is a human factor to the cyber domain, and it is not just the geopolitical aspect of the cyber domain. We continually see that the human is the weakest link in the cyber domain. Human nature has driven many technological advances, but human nature has also been the initial attack vector in many cyber security incidents.

The cyber domain is comprised of the users (generally humans at this point) [persona], devices and software that users interact with [interface], logic used by devices and software systems [logic], circuits that provide paths for logic to flow [circuit], and location of the circuits, physical systems, and users [geographic].

The cyber domain is founded in technical principles. The cyber domain is a part of our world. We must be able to operate in cyber domain as individuals, as organizations, and as defenders of nations. As we become more interconnected we become more dependent on the cyber domain.

Persona Aspects

Persona Layer

Persona Aspects represent users that have a role (persona) in the cyber domain. At different times a single person may have multiple personas in the cyber domain. By the nature of you reading and interacting with this website you are a part of the cyber domain.

Interface Aspects

Interface Layer

Interface Aspects represent the hardware devices and software that users interact with to provide input into other components in the cyber domain. Historical interface devices included keyboards and mice, today touch screens, microphones, and even cameras are common place. In the future the interface may be long term implants inside our bodies.

Logic Aspects

Logic Layer

Logic Aspects represent the information that is stored within the information systems; i.e. the meaning of the raw data that are flowing between or stored in systems in the cyber domain.

Circuit Aspects

Circuit Layer

Circuit Aspects represent the paths that data flow across between systems or systems that store data; i.e. the raw data.

Geographic Aspects

Geographic Layer

Geographic Aspects represent the physical location of the user, system, or data paths. Geographic aspects include natural boundaries and geopolitical boundaries (borders separating human defined regions).

Interaction of Cyber Domain Aspects

Cyber Domain Aspect Interaction

In a standard layer model there are clearly defined interactions between adjacent layers, and typically a layer only interacts with the layer directly above or below it. The cyber domain is more complex than a simple layer model. In the cyber domain entities associated with one aspect can have many simultaneous interactions with adjacent aspects. Additionally, interactions can skip traditional layers and interact with non-adjacent aspects.

Furthermore the interactions between the aspects are continually changing in number of interactions, and how the interactions are occurring. The same interaction that was safe yesterday might not be safe today. None the less, we must operate in the cyber domain.

For example:

  • A user can be connected to the cyber domain via more than one interface. Society (persona aspect) defines the geopolitical boundaries that comprise geographic aspects.
  • A mode of operation may be safe today, but a vulnerability may be discovered overnight that makes the same mode of operation unsafe tomorrow.
In Jan 2015 Mr. Chris Inglis, former Deputy Director of the National Security Agency, gave a guest lecture discussing the cyber domain and its importance to military operations.

The cyber domain is too complex and large to cover all of the areas in a single course, much less all of the areas in great detail. In this course we will focus on the technical foundations from a cyber security view point. Primarily Persona Aspects, Interface Aspects, and Logic Aspects. There will be times when we discuss Circuit Aspects and Geographic Aspects, but future courses in your time at the Naval Academy will cover those aspects in greater detail.