By Dr. Sandra Adside Wright, CISSP, CAP, Engineering Solutions, Incorporated (ESi);
Member of WiCyS MAA, (ISC)² Item Writers, ISSA-Central Maryland, MADD, and Toastmasters International
The Web of Data Sciences (WODS), pronounced as in “wads of money”, has undeniable returns on investment; yet WODS can result in deficits to our infrastructure and financial well-being when used nefariously. According to the Census Bureau, Data Science is “a field of study that uses scientific methods, processes, and systems to extract knowledge and insights from data”. WODS did not evolve overnight and, like a well-woven spider web, an eccentric technological web is designed by interweaving offensive and defensive mechanisms continuously throughout internal and external perimeters.
A spider web, as defined by Merriam-Webster, is “the network of silken thread spun by most spiders and used as a resting place and as a trap for small prey”. Such a spider web can appear very uncanny when its designer, a spinner or a hunter, is deceptive, obscure, and typically not far away; the same can hold true for a technical web of offensive and defensive mechanisms. We (as users) can get so wrapped up in the presentation that the behind-the-scenes network layering may not come to mind as a first or second thought.
While this writing discusses pieces of the Open Systems Interconnect (OSI) Model from the International Standards Organization (ISO) (Figure 1), the focus will primarily be on intrinsic roles against a target that wreak havoc on a network from layer to layer throughout our cyber devices. We should understand the vulnerabilities that may exist in our systems, the roles we play when using cyber devices, techniques to defend our resources, and offensive mechanisms to rebuke perpetrators from layer to layer.
Cybersecurity & Infrastructure Security Agency (CISA) provides a definition of a Blue Team that also describes the Red and White Teams: “A group that defends an enterprise’s information systems when mock attackers (i.e., the Red Team) attack, typically as part of an operational exercise conducted according to rules established and monitored by a neutral group (i.e., the White Team).” A Red, White, or Blue team approach can be advantageous to manage and protect our repertoire of work and home devices that are susceptible to penetration by deceptive adversaries and thieves. This article is WODS Part I, depicting vulnerabilities of cyber devices at OSI Layers 1 through 4.
The Craft of WODS
Let’s look at a few of the offensive and defensive architectural views and characterizations of spider webs and WODS that affect us day and night, while at work and at play. Spider webs seem to appear out of nowhere, located at commonly used entrances, less-traveled routes, well-lit and dark areas, abandoned buildings; just about anywhere. WODS can simply be code, a program, or an application designed or used by developers, software engineers, and experts with noble intent to build resilient and reliable products that prevent vulnerabilities in a system.
Consequently, WODS can also be used by unscrupulous actors, such as script kiddies whose primary purpose is to cause system damage and data loss using existing programs.
Just think, a spider web may be one of our most inspiring natural designs (Figure 2) emulated through WODS to sniff, spoof, disguise, deny, hijack, phish, or exploit a service, device, system, network or even the World Wide Web.
According to the National Park System (NPS), the Flatties, a spider with swift turning moves and a large “field of view [can] attack [their] prey omni-directionally”. This is where the physical layout of a spider web depends on the type of spider belonging to the web. Comparatively, a system can fall prey to sniffing at OSI Layer 1, the physical layer, depending on the attack mechanism.
Wi-Fi users are very susceptible to eavesdropping applications, such as Wireshark, where hackers can intercept packets of data containing your personal and sensitive data to exploit and steal your identity. A type of WODS asset, Wireshark is an open-source software packet sniffer and analyzer written in C and C++, commonly used at the OSI physical layer to capture transmissions.
Concealment of Webs and WODS
The architecture of spider webs allows spiders to conceal their appearance while preying on susceptible victims. WODS at Layer 2, the data link layer, can be used to develop attacks in the form of spoofing, a nuisance when you’re on the receiving end of an email, website, or spoofed phone number, especially those robocalls during high political events (e.g. 2016 and 2020 Presidential Elections). Here, it’s the manner in which an adversary or unwanted solicitor utilizes the Address Resolution Protocol (ARP) to falsify their identity and gain your trust, further leading to unwarranted solicitation and data manipulation.
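As an added example (not part of the original article), here is a defensive check for the ARP falsification described above: it parses Ethernet/ARP frames and flags sender claims that contradict a pinned or previously seen IP-to-MAC binding. The frames, addresses, and function names are constructed for illustration.

```python
import struct

def mac(b): return ":".join(f"{x:02x}" for x in b)
def ip(b): return ".".join(str(x) for x in b)

def parse_arp(frame):
    """Return (eth_src, opcode, sender_mac, sender_ip), or None if not Ethernet/IPv4 ARP."""
    if len(frame) < 42:
        return None
    ethertype = struct.unpack("!H", frame[12:14])[0]
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if ethertype != 0x0806 or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return mac(frame[6:12]), op, mac(frame[22:28]), ip(frame[28:32])

def audit(frames, pinned=None):
    """Flag ARP senders that contradict pinned or earlier IP-to-MAC bindings."""
    seen, alerts = dict(pinned or {}), []
    for n, frame in enumerate(frames):
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        eth_src, _op, s_mac, s_ip = parsed
        if eth_src != s_mac:
            alerts.append((n, s_ip, "ethernet source differs from ARP sender MAC"))
        known = seen.setdefault(s_ip, s_mac)
        if known != s_mac:
            # May also be a legitimate change (failover, new NIC); treat as a lead to verify.
            alerts.append((n, s_ip, f"binding changed {known} -> {s_mac}"))
    return alerts

def build(eth_src, op, s_mac, s_ip, t_mac, t_ip):
    """Constructed-sample helper: assemble one broadcast Ethernet/ARP frame."""
    h = lambda m: bytes.fromhex(m.replace(":", ""))
    a = lambda i: bytes(int(x) for x in i.split("."))
    return (b"\xff" * 6 + h(eth_src) + struct.pack("!HHHBBH", 0x0806, 1, 0x0800, 6, 4, op)
            + h(s_mac) + a(s_ip) + h(t_mac) + a(t_ip))

# Constructed sample traffic (documentation addresses, locally administered MACs).
GW, HOST, OTHER = "02:00:00:00:00:01", "02:00:00:00:00:10", "02:00:00:00:00:66"
SAMPLE = [
    build(GW, 2, GW, "192.0.2.1", HOST, "192.0.2.10"),     # gateway answers
    build(HOST, 1, HOST, "192.0.2.10", "00:00:00:00:00:00", "192.0.2.1"),
    build(OTHER, 2, OTHER, "192.0.2.1", HOST, "192.0.2.10"),  # second claim on gateway IP
]

if __name__ == "__main__":
    for alert in audit(SAMPLE):
        print(alert)
```

Pinning the gateway's binding through the `pinned` argument makes the check independent of which claim happens to be observed first.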
In the Middle of the WODS
As spiders weave their way around their uniquely designed web, they capitalize on the silk makeup of their abode permitting them to glide across the entire web; yet, the web is viscously designed to capture prospective prey. At OSI Layer 3, the network layer, Man-in-the-Middle (MitM) attacks occur. According to the Department of Homeland Security (DHS), “[MitM] use clear-text protocols to inject the attacker into the communication stream to read user IDs and passwords and/or change the intercepted data before forwarding it.” WODS may not be readily thought of in acts of deception, interception, or injection; however, it is no laughing matter when a videoconference is upended by crude implants or indecent overlays using software code or scripts (e.g. Python scripts).
Walking through a spider web that was somehow constructed overnight can send chills down your spine, leaving you to repeatedly look over your shoulder for signs of a spider for the remainder of the day. While the web itself did not prevent the continuance of your day, WODS can be used in OSI Layer 4, the transport layer, to cause a denial of service (DOS) to your connections and project unreliability in current and projected sessions. The evolution and program design of WODS assimilated in COBOL, Basic, Fortran, Oracle, Java, Python, and other languages certainly can complement software defined networks to a new dimension.
We can stay informed, remain vigilant, and use mechanisms of a Red, White, or Blue Team concept as necessary to employ the proper WODS and perform authorized attacks on our identified resource(s). Remember, we can learn a lot from predator engineer spiders with the demand for cybersecurity using evolutionary WODS in areas of emerging technology, e.g. Big Data Analytics and Artificial Intelligence. There are numerous facets of spider webs and WODS that continue to evolve because of our environment, demands, opportunities, technological advancements, and from layer-to-layer.
Comparable to a poisonous spider bite, system attacks are often detrimental; so beware of the attacks at the physical, data link, network, and transport layers that can occur in your infrastructure while at work and at play. Forthcoming will be the second part of Web of Data Sciences (WODS), Our Cyber Devices Layer-to-Layer (Part II of II), where we will socialize the attacks occurring at the top of the OSI stack, Layers 5 through 7.
- Cybersecurity & Infrastructure Security Agency (CISA), Home and Business, https://us-cert.cisa.gov/home-and-business
- Data Science – https://www.census.gov/topics/research/data-science.html
- Department of Homeland Security, Cyber Security Procurement Language for Control Systems, September 2009.
- Department of Transportation National Highway Traffic Safety Administration 49 CFR Part 571 [Docket No. NHTSA–2016–0126], OSI Model. Federal Register / Vol. 82, No. 8 / Thursday, January 12, 2017 / Proposed Rules. https://www.govinfo.gov/content/pkg/FR-2017-01-12/pdf/2016-31059.pdf
- NPS – https://www.nps.gov/amis/learn/nature/arachnids.htm
- Spiderweb – Definition of Spiderweb by Merriam-Webster https://www.merriam-webster.com/dictionary/spiderweb
- Wireshark – https://en.wikipedia.org/wiki/Wireshark#:~:text=Wireshark%20is%20a%20free%20and,2006%20due%20to%20trademark%20issues
- OSI Stack – Federal Register /Vol. 82, No. 8 /Thursday, January 12, 2017 / Proposed Rules, p3893.
CISA – Cybersecurity & Infrastructure Security Agency
DHS – Department of Homeland Security
DOS – Denial of Service
ISSA – Information Systems Security Association
(ISC)² – International Information System Security Certification Consortium, Inc.
MADD – Mothers Against Drunk Drivers
OSI – Open Systems Interconnect
WODS – Web of Data Sciences
WiCyS MAA – Women in Cybersecurity Mid-Atlantic Affiliate