Volume 14, Number 3, November 2011
Defining Responsibilites For Tactical Miltary Cyber Deception Operations
- * School of Engineering and Information Technology, University of New South Wales, Australian Defence Force Academy, Northcott Drive, CANBERRA ACT 2600.
Abstract
An adversary land force that invades sovereign territory should be shaped and delayed using coordinated and synchronised deceptions, working in concert with other obstacles as part of a defence-in-depth strategy. There should be no difference in this approach to the conduct of defensive operations in cyberspace. While there is academic literature on the benefits of employing cyber deception, there is no clear policy or process for how this capability could be leveraged at the tactical level within the Australian or US military. This paper describes a set of responsibilities for each of the information operations, intelligence, and communications planners within a tactical headquarters in order to deliver a coordinated cyber deception capability.
Miltary deception
“It is well to hurt the enemy by deceit, by raids or by hunger and never be enticed into a pitched battle, which is a demonstration more of luck than of bravery” [1].
The word deception originates from the Latin ‘deceptus’, “to deceive”, or “to ensnare and capture” [2]. Humans are susceptible to deception because our sensors can only collect, and our brain can only process, part of the spectra of available information [3]. A person’s prior knowledge and emotions influence the events that are noted and how they are interpreted [4] which can create the conditions for deception [5]. Humans are vulnerable to misperceive random events and misinterpret incomplete or unrepresentative data [6]. People can be prone to deception because it is a rare occurrence [7]. Moreover, natural human reasoning mechanisms naturally draw the erroneous conclusion that effects resemble their causes [8].
The US military defines deception as “those actions executed to deliberately mislead adversary decision makers as to friendly military capabilities, intentions, and operations, thereby causing the adversary to take specific actions (or inactions) that will contribute to the accomplishment of the friendly mission” [9]. The implication is that, in order to achieve success, a deception needs to not only be able to convince the adversary, but make them act. Moreover, the deception activity should be linked to the accomplishment of the overall mission.
Deception can make the enemy concentrate forces in the wrong place [10]. In World War II, Operation Fortitude successfully delayed the reinforcement of German military forces at Normandy, by inducing the belief that the Allied forces would land at Pas de Calais, through the use of physical dummies, German agents, and controlled leaks [11].
Deception operations could cause the adversary to misallocate personnel, fiscal, and material resources by over-committing to unimportant activities or non-existent targets [10]. For example, during World War II the British tricked the German Air Force into attacking non-existent airfields and factories by setting up phoney targets and interfering with the German electronic navigational aids. [12]
Deception creates an opportunity for surprise and can catch the opponent off-guard and unprepared for action when it occurs [10]. Having been heavily defeated by the Israelis in 1956 and 1967, the main obstacle impeding another attack by Egypt on the occupied Sinai was the Suez Canal, kept under constant surveillance by the Israelis. Prior to the conflict, the Egyptians conducted approximately forty major exercises involving crossing water. By constant repetition the Egyptians succeeded in persuading the Israelis that these were harmless training exercises. The Egyptian attack across the Suez Canal in October 1973 was a complete surprise [13].
Defending computer networks using deception
“By now it is widely accepted that, among other denizens of the Internet, lurk crackers. For whatever reason, these folk enjoy breaking into various computer systems… Our approach to this is two fold. First, most machines are not directly connected to the Internet, we employ an application level gateways and proxy servers. Second, we employ a variety of monitors and phony daemons. Instead of providing services useful to both legitimate users and crackers, these log the request and initiate counter-intelligence strategies to learn something about the source of the attack” [14].
The use of deception in the defence of computer networks was first described in [14]. Examples of deception-based information system defences include concealed services, feeding false information, isolated sub-file-system areas, noise injection, path diversity, perception management, re-routing attacks, retaining confidentiality of security status information, spread spectrum, and traps (such as Honeypots) [24].
Honeypots are systems designed to appear as fully functioning elements of the infrastructure, placed at an appropriate location on the network where all inbound and outbound traffic is captured and monitored [16]. The honeypot provides a secure and controlled environment to allow attackers to access them which, if employed correctly in a computer network, can lead to the discovery of an attacker’s movements and allow the network to be secured against the attacker’s next offensive move and strategies [17].
Gerwehr, Rothenberg, and Anderson [18] examined possible cyber deception mission objectives including: (1) shielding assets from attackers, (2) diverting attention away from critical assets, (3) the induction of noise or uncertainty, and (4) profiling identity, capabilities, and intent by creation of opportunity and observation of action. Gerwehr, Weissler, Medby, Anderson, and Rothenberg [19] extended these results with a set of experiments of effectiveness of deception against sample forces. They concluded that deception is effective in protecting against cyber attack and to help gather data about enemy reconnaissance.
Responsibilities for tactical computer deception operations
“All warfare is based on deception. Hence, when able to attack, we must seem unable; when using our forces, we must seem inactive; when we are near, we must make the enemy believe we are far away; when far away, we must make him believe we are near” [20]
Recent technological advances have led to an increased dependence upon information systems to conduct military operations. At the strategic level, the 2006 Quadrennial Defense Review recommended that the US Department of Defense develop a capability to shape and defend cyberspace, in response the development of offensive computer network capability by other nations [21]. This led to the creation of a Cyber Command (USCYBERCOM). In 2009, The Australian Government also released a Cyber Security Strategy highlighting the importance of protecting national information and communications technologies [22]. In the same year the Defence White Paper outlined the government’s intent to establish a Cyber Security Operations Centre within the Defence Signals Directorate [23].
At the tactical level, personnel within the US and Australian military headquarters manage conflict in cyberspace. Three primary functional areas within the headquarters are responsible for cyber deception: (1) the Intelligence Cell, (2) the Information Operations (IO) Cell, and (3) the Communications Cell (see Figure 1). The challenges of delivering a successful cyber deception operation that are experienced by this division of responsibilities are discussed in turn.

The intelligence cell
The Intelligence Cell provides the commander and staff with constant assessments on the adversary’s capabilities and intentions. The Intelligence Cell relies on information from reports such as the interception of adversary communications.
The Intelligence Cell supports conventional (physical rather than cyber) deception operations by: (1) assisting the commander and staff in gaining insights into the adversary, and the adversary’s capability to process, filter, and evaluate the situation, (2) providing assessments on the adversary’s vulnerabilities to the deception, (3) providing assessments on the adversary’s probable acceptance of the deception story, and (4) monitoring information and reports about the adversary’s actions [24].
While the Intelligence Cell is capable of supporting conventional deception operations, there are a number of challenges with providing similar support to cyber deceptions: (1) the total absence of cyber intelligence doctrine, (2) the requirement to analyse threat actors that reside outside of the geographic region monitored in order to support the current physical military operation, due to the connectivity of cyberspace, (3) the large number of actors in cyberspace that require monitoring, due to the proliferation of effective hacking techniques and tools, (4) the requirement to monitor internal threats, in addition to external threats, and (5) the lack of a dedicated computer security intelligence employment category within the US and Australian military and the difficulty of developing networking and programming skills in traditional intelligence analysts.
The information operations cell
The IO Cell is responsible for the conduct of psychological operations, Electronic Warfare (EW), military deception, Computer Network Operations (CNO) and operational security to influence, disrupt, corrupt, or usurp adversarial human and automated decision making while protecting friendly decision making [25]. A simplified description of each capability is provided in Figure 2.

Joint Publication 3-13-4 [9] provides the US doctrine for the planning and execution of military deception at the tactical level. As illustrated in Figure 2, the IO Cell is responsible for planning all conventional deception operations. These responsibilities include implementation, supervision and closure of each deception activity.
US doctrine [27] requires that all operational plans make “full use of ambiguity and deception”, however, the concept and conduct of cyber deception is absent from US and Australian military doctrine. While military deception techniques have transitioned to the commercial computer security field [28], there is no evidence of the adoption of traditional deception techniques from the conventional physical military domains (land, air and sea) to the new cyber battlespace.
Joint Publication 3-13 [25] assigns the IO Cell responsibility for Computer Network Operations (CNO). CNO is divided into three principal categories: (1) Computer Network Attack (CNA), (2) Computer Network Exploitation (CNE), and (3) Computer Network Defence (CND). An illustration of the three elements of CNO is provided in Figure 3.

While it would seem the co-location of responsibilities of deception and CNO within the same operational cell (IO) should assure the successful delivery of cyber deception, there are several noted limitations to the IO Cell managing cyber deception activities: (1) lack of cyber deception doctrine, (2) lack of sufficient personnel with the technical skills to understand cyber operations, in particular essential networking and programming skills, (3) the difficulty of introducing new techniques in the absence of experience in cyber warfare, (4) lack of awareness of the benefits of employing deception in cyberspace, and (5) inability to monitor the dynamic, friendly networking environment [24].
Similar to the challenges faced in the Intelligence Cell, the IO Cell is not usually staffed with personnel with programming and networking experience, sufficient to develop and coordinate complex cyber deceptions, such as deploying honeypots, interpreting computer traffic and analysing computer software. Current skill shortages are unlikely to alleviate this limitation in the short term.
The latter limitation from the above list is also critical - most military forces have the capability to monitor physical force health and disposition, (due largely to the proliferation of Global Positioning System technologies), however many military forces do not have a simple situational awareness system that displays the location and state of computer network hosts and unauthorised activities to a non-technical person. Without knowledge of the friendly force dispositions in cyberspace it would be difficult to develop and monitor deception activities.
The communications cell
The Communications Cell is responsible for the delivery of radio communications and information technology to support the military operation. The Communications Cell typically contains the most experienced networking and computer specialists within the military force.
While the conduct of offensive cyber operations appears to be clearly the responsibility of the IO Cell, it is not as clear as to whom is responsible for the conduct of activities to defend computer networks. The IO Cell is doctrinally responsible for CND. CND is defined as those “actions taken via computer networks to protect, monitor, analyse, detect and respond to network attacks, intrusions, disruptions or other unauthorised actions that would compromise or cripple defence information systems and networks” [31]. The definition of CND clearly overlaps a key Communications Cell responsibility of delivering Information Assurance (IA) —“the practice of managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes” [32]. This duplication of roles can introduce confusion when the topic of cyber deception responsibilities is discussed and can result in limited cyber resources split between cells.
It is also surprising that while the military has detailed strategies, planning processes and principles for conventional defence, little of this knowledge appears to have translated across to IA. In particular, there is a total absence of guidance on the employment of deception to protect friendly cyber assets. Deception activities, in US communications doctrine, are only discussed in relationship to supporting conventional air, land and sea operations; references to deception operations in Australian doctrine for command, control, communications and computer systems support to joint operations [29 and 30] are limited to the development of false radio networks to support conventional IO campaigns and to analyse the physical terrain to take advantage of observable cover and concealment. There is no discussion of cyber deception, such as the employment of dummy computer networks, the concealment of critical servers, or the use of unexpected computer network traffic ports to confuse the attacker.
Defining a new set of responsibilites for defensive military cyber deception operations
Extant Australian and US military doctrine assigns the role of delivering offensive cyber operations, including deception to the IO Cell (see Figure 4). On-going research into the conduct of cyber deception in the tactical environment suggests that this assignment should remain unchanged. The IO Cell appears the only body within the headquarters that has the capability to conduct offensive actions and the potential to deliver a successful offensive cyber deception campaign; the Intelligence Cell does not have the ability to coordinate offensive actions and the Communications Cell is focused on the delivery and protection of friendly radio and computer networks.

In contrast, the Communications Cell appears most likely to undertake the coordination of cyber defence, in a tactical environment, due to: (1) an understanding of the technologies involved (2) an understanding of the threat (3) access to personnel with networking and programming experience, and (4) the ability to coordinate deception defences with other traditional IA activities, such as auditing, firewalls, and host and network based cyber sensors. The Communications Cell alone is unlikely to have the expertise to neither conduct deception operations, nor understand the adversary’s capabilities and intent and would require the support from the IO and Intelligence Cells (see Figure 5).

It is proposed that the Communications Cell should have the following defensive cyber deception responsibilities: (1) assess the CND mission and consider the use of deception to defend cyber assets—both internal and external threat actors should be considered, (2) task IA staff to evaluate the utility of deception against each evaluated threat actor—unlike conventional operations there may be multiple threat actors that could present a risk to the provision of secure and stable information services, (3) if deception appears feasible (it may be infeasible due to lack of time or resources), prioritise the targets and for each target state the tentative deception objective, (4) ensure the deception effort is coordinated through the IO cell with all other deception efforts, (5) allocate resources to ensure successful execution, (6) provide situational awareness of friendly activities within cyber space to the Intelligence and IO cells in order to allow accurate assessment of the adversary response, and (7) when required, seek higher approval for employment of cyber deception within those organisations responsible for strategic CNO.
The Intelligence Cell’s role in cyber deception should not vary greatly from the support provided to the conduct of conventional deception operations. Support may be limited by the technical capabilities of the intelligence personnel and identification of the source of the attack—given that most attacks will reveal only the last Internet Protocol address rather than the true origin or adversary. Regardless of the limitations, the Intelligence Cell provides the skills, experience and access to classified resources to assess the adversary. It is proposed that the Intelligence Cell responsibilities for defensive cyber deception should include: (1) assist the Communications Cell in gaining insights into the adversary, and the adversary’s capability to process, filter, and evaluate the friendly situation, (2) assist the Communications Cell in assessing the adversary’s vulnerabilities to cyber deception, (3) assist the Communications Cell to develop assessments on adversary targets, sensors, probable courses of action, acceptance of the deception story, and measurements of deception effectiveness, and (4) support the Communications Cell to develop assessments, and provide continual feedback of the deception based on the situational awareness provided to the Intelligence Cell. Delivery of these outcomes is likely to require analysts that have experience in cyber intelligence. Where dedicated cyber analysts are not available, the Intelligence Cell can still provide guidance to the Communications Cell on the adversary, based on the intelligence principles and processes used to support the physical domains.
Finally the IO Cell contains the expertise on deception in the tactical headquarters and should provide advice to the Communications Cell to ensure that any deception effort is developed using basic deception principles. It is proposed that the IO Cell should support the Communications Cell to: (1) ensure the deception aligns with the overall military mission, (2) create the deception objective, story, and plan, (3) plan the deception effort, (4) create measurable assessment criteria, and (5) determine when to terminate the deception effort.
While the current experience and resources to implement cyber deception is limited, Australian and US militaries should consider trialling the introduction of a cyber deception capability. Mel’nikov [38] stated “deception cannot succeed in wartime without developing theory and doctrine in peacetime. Preparation of assets must likewise start in peacetime and be continuous.” He also reinforced the importance of preparation to develop the deception concepts and insisted that planners understand the likely response times and effects. Only through exercising and practicing deception can proficiency in the field develop. As a starting point, conventional military doctrine should be adopted for the cyber battlespace. Research is on-going to review conventional defence and deception processes, and where possible adapt these to cyber operations. For example, the deception planning process first proposed by Whaley [33] and employed by the US Joint Publication 3-13-4 [9].
Challenges of implementing military cyber deception operations
Most militaries do not have a mature cyber capability that allows deception planners to monitor the disposition of friendly forces and identify and locate unauthorised network activities. Development of an initial capability to adopt traditional deception processes in the cyber battlespace is likely to require additional personnel and resources are likely to be required to implement these capabilities. Identifying these additional resources is challenging in the current environment.
Currently, the greatest likely point of divergence between the conventional deception in the physical domains and the cyber battlespace, is the requirement for the cyber deception planners to account for many different adversaries of various capabilities, intents and sophistication. In conventional land operations the adversary is clearly identifiable and his approximate location and direction is known. The successful conduct of cyber defensive operations requires the ability to manage threat actors that are external and internal to the networks. The Verizon Data Breach Investigations Report 2010 [34] states that current or former employees pose a credible cyber security threat. Regardless of the threat situation in the physical domains, cyberspace conflict is likely to be more akin to asymmetric warfare [35], where the complex computer network infrastructure is vulnerable to attack from all directions from an agile and technically savvy adversary with access to the system. Cyber defenders need to be prepared to orientate defences to protect against a range of threat actors, including insiders.
The development of decision support systems that collect and store operational data to provide situational awareness may reduce the chances of a successful deception. An adversary may gain access to a friendly decision support system, which may allow the adversary to easily distinguish deception activities from the real. The alternative is to publish deception assets as real on the situational awareness systems and risk creating confusion within friendly headquarters staff.
Gerwehr, Weissler, Medby, Anderson, and Rothenberg [28] hypothesised that deception is only possible if the target has the freedom to act. Deception has utility only if the target takes or refrains from some action that the deceiver can exploit. While a friendly force may employ false but seemingly important computer hosts in the attempt to delay a cyber adversary, creating the false computers would be an academic exercise if the adversary was employing automated software that could not be controlled once it was lodged on the friendly network. Ultimately, the deception is only worth undertaking if there is a chance that it is able to influence the outcome.
Aside from the challenges to communicate a message to the target and for that message to be understood and acted on in a cyber battlefield, the deceiver requires quality observation for sequencing, and to determine if enemy has fallen for the deception, or is pretending to do so [4]. Monitoring cyber activity can also be difficult in tactical environments where bandwidth limitations prevent the centralisation of event log data and network traffic capture. Moreover, the available space and power within mobile military communications nodes places limitations on the processing and storage capacity of network sensors.
Another limitation on deception is the capacity and resources of the deceiver. Dewar [37] argued that the degree of sophistication required to make a ploy successful is directly related to the length of time that the ploy has to be sustained. Cohen [36] elaborated on Dewar [37] stating that non-trivial deceptions involve complex sequences of acts, which need the development of optional branches based on feedback attained from the target. As the set of possible eventualities expands there will be a point where the time required to address the possible outcomes would exceed the available resources, and greater risk of deception failure must be accepted.
The requirement to consider legislation is crucial prior to the employment of deception. US Joint Publication 3-58 [39] states that US military forces may employ deception (whether administrative, physical, or technical) against hostile forces with legal impunity, however it is contrary to US policy to deliberately misinform or mislead the US public or US decision makers. This may limit the use of deception against cyber insider threats, either those directly or indirectly targeted.
In addition, it is illegal for US forces to employ deceptions that contravene the law of armed conflict. For instance feigning surrender, using an ambulance to carry armed combatants, weapons, or ammunition and the use in actual combat of false, deceptive, or neutral flags, insignia, or uniforms. Perfidious acts are prohibited because they undermine the effectiveness of protective signs and jeopardise the safety of civilians and non-combatants. Advice will be needed to understand if these laws prevent the employment of cyber deception to present false identifications or employ critical national infrastructure to deliver an effect. In addition, consideration is required before targeting of neutral, external network hosts, and the spillage of any cyber attack (virus) on to an unintended target. Collateral damage can also occur if a compromised honeypot is used to launch an attack external to the military network (Internet or Coalition network).
Conclusion
Deception is a cornerstone of military operations. While deception activities have been adopted from conventional military operations to protect commercial computer networks, there is little evidence to suggest any cross-pollination of conventional military deception in the cyber battlespace.
Military deception planning processes and principles designed for conventional operations should translate effectively to the challenges and scenarios faced in military cyberspace operations. For example, the planning procedures described in the US Joint Publication 3-13-4 [9] should be adopted and employed in the cyber battlespace as well as conventional environments.
It is proposed that successful cyber deception can only be achieved through coordination between cells within tactical headquarters. Cyber deception in support for offensive activities should continue to be the responsibility of the IO Cell, with support from the Intelligence and Communications Cells, however, cyber deception in the defence of computer networks is best achieved if led by the Communications Cell, and supported by the Intelligence and IO Cells due to: (1) an understanding of the technologies involved (2) an understanding of the cyber threat (3) access to personnel with networking and programming experience, and (4) the ability to coordinate with other IA activities.
In addition, communication managers should conduct operational cyber warfare planning, and consider the adversary, as they would in the air, land and sea domains, rather than simply develop communications plans to support physical manoeuvre. On-going research will assess if these assertions are correct.
There are a number of challenges to delivering an effective deception campaign, however wider discussion and employment of the capability on exercises will help develop solutions to these problems.
References
[1] G.T. Dennis, Maurice’s Strategikon: Handbook of Byzantine Military Strategy, Philadelphia, PA: University of Pennsylvania Press, 1984.
[2] American Heritage Dictionary, Highton Mifflin, 2006.
[3] H.E Hinton, “Natural Deception”, R.I. Gregory and E.H Gombrich (eds) Illusion in Nature and Art, New York: Scribner’s, 1973, pp. 97–160.
[4] R. Heuer, “Cognitive Factors in Deception and Counterdeception”, in D. Daniel and K. Herbig (eds), Strategic Military Deception, Pergamon Press, 1982.
[5] C.K. West, The Social and Psychological Distortion of Information, Chicago: Nelson-Hall, 1981.
[6] F.J. Stech and C. Elasser, “Deception Detection by Analysis of Competing Hypotheses”, Proceedings of the 2005 International Conference on Intelligence Analysis, 2005.
[7] R.K. Guy, “The Strong Law of Small Numbers”, American Mathematical Monthly 95, October 1988 (8), pp. 697–712.
[8] T. Gilovich, How We Know What Isn’t So: The Fallibility of Human Reason in Everyday Life, NY: Free Press, 1991.
[9] US Joint Publication 3-13-4, Military Deception.
[10] C. Von Clausewitz, On War, edited and translated by Michael Howard and Peter Paret, Princeton Princeton NJ: University Press, 1976.
[11] J.B. Perroni, Jr., Operational Deception: The Key to Victory, US Naval War College, 1984.
[12] M. Howard, Strategic Deception in the Second World War, Pimlico: London. 1992.
[13] M. Handel, Perception, Deception, and Surprise: The Case of the Yom Kippur War, Volume 19 of Jerusalem Papers on Peace Problems, Hebrew University of Jerusalem, Leonard Davis Institute for International Relations, 1976.
[14] S. Bellovin, “There be Dragons”, Proceedings of the Third Usenix UNIX Security Symposium, Baltimore, September 1992.
[15] W. Tirenin and D. Faatz, “A Concept for Strategic Cyber Defense”, Military Communications Conference Proceedings, 1999, MILCOM 1999, pp. 458–463.
[16] N. Gupta, Improving the Effectiveness of Deceptive Honeynets Through an Empirical Learning Approach, 2003.
[17] L. Spitzner, Honeypots—Tracking Hackers, Indianapolis, IN: Addison-Wesley, 2003, pp. 242–261.
[18] S. Gerwehr, J. Rothenberg, and R.H. Anderson, An Arsenal of Deceptions for INFOSEC (OUO), PM-1167-NSA, RAND National Defense Research Institute Project Memorandum, October 1999.
[19] S. Gerwehr, R. Weissler, J. Medby, R.H. Anderson, and J. Rothenberg, Employing Deception in Information Systems to Thwart Adversary Reconnaissance-Phase Activities (OUO), PM-1124-NSA0, RAND National Defense Research Institute, November 2000.
[20] Sun Tzu, The Art of War, from R. Cantrell. Understanding Sun Tzu on the Art of War, Center for Advantage, Arlington, 2003.
[21] Quadrennial Defense Review 2006 (Washington D.C.: Secretary of Defense, 2006), p. 32.
[22] Australian Government, Cyber Security Strategy, November 2009, p.5.
[23] Australian Department of Defence, Australian Defence Whitepaper, 2009
[24] Australian Department of Defence, Computer Network Defence Post Activity Report, Talisman Sabre 2009.
[25] US Joint Publication 3-13, Joint Doctrine for Information Operations, 2006.
[26] D.C. Daniel, and K.L. Herbig, “Propositions on Military Deception”, in J. Gooch and A. Perlmutter (eds), Military Deception and Strategic Surprise, Frank Cass, 1982.
[27] US Joint Publication 5-0, Joint Operation Planning, 1995.
[28] Moore, Kewley, Williams, Snyder, Parks and Tinnel, “The Information Battlespace Preparation Experiment”, Proceedings of the DARPA Information Survivability Conference and Exposition, 2001.
[29] Australian Defence Force Publication 6-0.
[30] Australian Defence Force Signals Planning Process.
[31] US Joint Publication 1-02, DOD Dictionary of Military and Associated Terms, 8 November 2010.
[32] US Joint Publication 6-0, Joint Communications System, 1995.
[33] B. Whaley, “Towards a General Theory of Deception”, in J. Gooch and A. Perlmutter (eds), Military Deception and Strategic Surprise, Frank Cass, 1982.
[34] Verizon Data Breach Investigations Report 2010, http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf accessed at 6th June 2011.
[35] A.J.R. Mack, “Why Big Nations Lose Small Wars: The Politics of Asymmetric. Conflict,” World Politics, Vol. 27, No. 2, January 1975, pp. 175–200
[36] F. Cohen, D. Lambert, C. Preston, N. Berry, C. Stewart, and E. Thomas, “A Framework for Deception”, Computers and Security, 2001
[37] M. Dewar, The Art of Deception, David and Charles Military Books, 1989.
[38] P. Mel’nikov, “Operatihnmaya Maskirovka [Operational Deception]”, Voyenno Istoricheskil Ztumal [Military History Journal], April 1982, pp. 18–26.
[39] US Joint Publication 3-58, Joint Doctrine for Military Deception, 1996.
Ben Whitham has nearly twenty years experience in Information Operations, primarily specialising in communications and cyber security. He is currently a Director of M5 Network Security and a student of the Australian Defence Force Academy. He is contactable on +612 6195 1803 (phone) and +61 1300 6793 586 (fax) or ben.whitham@m5netsec.com.au (email).
