Key terrain in cyberspace: Seeking the high ground

Date

2014

Journal Title

Journal ISSN

Volume Title

Publisher

IEEE

Abstract

In military doctrine, key terrain refers to areas which, if seized, afford an advantage to an attacker or defender. When applied to geographic terrain, this definition is clear. Key terrain might include a hill that overlooks a valley an enemy wants to control or a crossing point over a river that must be traversed before launching an attack. By definition, dominance of key terrain is likely to decide the overall outcome of a battle. While cyber key terrain is similar to geographic key terrain in some ways, there are also significant and often counterintuitive differences. Some consider cyber terrain to be tied to a physical location and to be represented in cyberspace by routers, switches, cables, and other devices. We will argue that key terrain in cyberspace exists at all of the cyberspace planes, which include the geographic, physical, logical, cyber persona, and supervisory planes [1]. In many cases, features of cyber terrain will not be tied to a specific location, or the geographic location will be irrelevant. In this paper we deconstruct and analyze cyber key terrain, provide a generalized framework for critical analysis, and draw parallels between cyber and physical key terrain while providing examples of key terrain in cyber operations. During a cyber operation, an analysis of key terrain will aid in the strategy and tactics of both the offense and the defense. During peacetime, an understanding of cyber key terrain can be employed broadly, ranging from helping a system administrator focus scarce resources to defend his network all the way to allowing nation-state militaries to develop long-lasting and effective doctrine.

Description

Keywords

Cyberspace, Software, Kinetic theory, Hardware, Bridges, Computers, Protocols

Citation

D. Raymond, T. Cross, G. Conti and M. Nowatkowski, "Key terrain in cyberspace: Seeking the high ground," 2014 6th International Conference On Cyber Conflict (CyCon 2014), Tallinn, Estonia, 2014, pp. 287-300, doi: 10.1109/CYCON.2014.6916409.