Understanding the Human Dimension of Cyber Security


 Indian Journal of Criminology & Criminalistics (ISSN 0970 - 4345), Vol .34 No. 1 Jan- June,2015, p.141-152
Indian Journal of Criminology & Criminalistics (ISSN 0970 – 4345), Vol .34 No. 1 Jan- June,2015, p.141-152

Sandeep Mittal, I.P.S.,*



It is globally realized that humans are the weakest link in cyber security to the extent that the dictum ‘users are the enemy’ has been debated over about two decades to understand the behavior of the user while dealing with cyber security issues.Attempts have been made to identify the user behavior through various theories in criminology to understand the motive and opportunities available to the user while he interacts with the computer system. In this article, the available literature on interaction of user with the computer system has been analyzed and an integrated model for user behavior in information system security has been proposed by the author. This integrated model could be used to devise a strategy to improve user’s behaviour by strengthening the factors that have a positive impact and reducing the factors that have a negative impact on information system security.


Most of the system security organizations work on the premise that the human factor is the weakest link in the security of computer systems, yet not much research has hitherto been undertaken to explore the scientific basis of these presumptions. The interaction between computers and humans is not a simple mechanism but is instead a complex interplay of social, psychological, technical and environmental factors operating in a continuum of organizational externality and internality.1 This article tries to examine various aspects of interaction between humans and computers with particular reference to the ‘users’.The taxonomy adopted for understanding who is actually a user is based on the available literature.

read ful article

Perspectives in Cyber Security, the future of cyber malware


Published in The  Indian Journal of Criminology (ISSN 0974 - 7249), Vol .41 (1) & (2), Jan. & July,2013
Published in The Indian Journal of Criminology (ISSN 0974 – 7249), Vol .41 (1) & (2), Jan. & July,2013

Sandeep Mittal, I.P.S.


The term ‘Malware’ has become a fashionable word to throw around now days. However, it should not be thought of something very sophisticated only. In this paper, we would give a brief definition and description of the term ‘malware’ and the related concepts including the evolutionary and historical time line. The concept of the future of ‘malware’ would be dealt with from four perspectives which may be dependent upon one another at least at some point in space and time. The first being the ‘malware design’ as the malware experts are using increasingly complex designs, taking the ‘malware’, to the scale of ‘war- grade- weapon’ in the recent past. The second important perspective is the ‘terrain’ of the cyber domain where the malware operates or is deployed. The third important perspective would be the ‘technologies’ that are used to detect these malware. As the malware are becoming ‘multiplatform’ and complex, the technologies have to keep pace with the evolution of malware. However, it is made clear at the outset that this paper deals only with the basics of issues raised and technical details have been kept to the minimum, being beyond the scope of present work.

read ful article

The Issues in Cyber-Defence and Cyber-Forensics of the SCADA Systems


Jan.- March, 2015, vol. LXII.1,
Jan.- March, 2015, vol. LXII.1, PP. 29- 41.

Sandeep Mittal, I.P.S.


As the Supervisory Control and Data Acquisition (SCADA) system are deployed in infrastructures which are critical to the survival of a nation, they have emerged as a potential terrain for cyber-war, thus attracting the considered attention of ‘nation-states’. The analysis of worms like ‘stuxnet’ ‘flame’ and ‘duqu’ reveals the hand of a ‘nation-state’ in their design and deployment. Hence, the necessity to understand various issues in the defence of SCADA systems arises. The forensics of the SCADA system provide deep insight into the design and deployment of the worm (the malware) once the system is attacked. This is precisely the scope of this essay.


read ful article

Risks and Opportunities provided by Cyber Domain and Policy-needs to address the Cyber Defense


Sandeep Mittal, I.P.S.

The term ‘Cyber Domain’ has been used widely by various experts, sometimes interchangeably with ‘Cyber Space’, to imply – “the global domain within the information environment that encompasses the interdependent networks of information technology infrastructures, including the internet and telecommunication networks” (Camillo & Miranda, 2011). Today it has become “the fifth domain of warfare after land, sea, air and space and its a challenge to have a common definition of cyber Domain” but for the purpose of this essay the definition given above would suffice. Any entity, whether it is a Nation State or an Enterprise, who operates in cyber domain need to maintain confidentiality, integrity and availability of its deployed resources. The dynamics of cyber domain is complex and complicated in time and space. The humans, machines, things and their interaction is evolving continuously to pose risks and opportunities in the cyber domain. The risk to someone becomes opportunity for the other. In this essay, the ‘risks presented by’ and ‘opportunities available in’ the cyber Domain would be identified, discussed and analyzed to consider key strategic policy elements to defend the cyber domain.

read ful article



A Strategic Roadmap for Prevention of Drug Trafficking through Internet

The Indian Journal of Criminology and Criminalistics( ISSN 09704345), July- Dec., 2012,Volume XXXIII, NO.2, pp: 86- 95.
The Indian Journal of Criminology and Criminalistics( ISSN 09704345),
July- Dec., 2012,Volume XXXIII, NO.2, pp: 86- 95.

Sandeep Mittal, I.P.S.


The ‘World Wide Web (WWW)’ or popularly known as the ‘Internet’ has become an essential part of our professional and personal lives. It has revolutionized communication and trade beyond the control of National and International borders. Therefore, the prevention of trafficking of drugs through World Wide Web is the emerging evil and remains a global challenge for Law Enforcement Agencies. The problem of understanding ‘Trafficking of Drugs through Internet’ has been compared with the problem of elephant and the five blind men.

A Typical modus operandi of drug trafficking through internet and operation of Internet Pharmacies has been identified on the basis of Indian case -studies. Based on the Indian experience, a Strategic Roadmap for prevention of drug trafficking through Internet has been prepared. The obstacles to the implementation of Strategic Roadmap have been identified and solutions proposed within the existing system of Criminal Justice Administration. Finally, the process of evaluation of the proposed Strategic Plan has been proposed by author.

read ful article


Proceedings of XXXII All India Police Science Congress , Chandigarh 27 – 29 November, 2000

Screenshot from 2015-07-16 15:36:33

Sandeep Mittal, I.P.S.

After passing out of the Police Academy, I was posted as Assistant Superintendent of Police Incharge of a subdivision. I have the privilege of serving in the communally sensitive areas of Tamilnadu like Maniyachi, Sivakasi and Tuticorin mainly in rural areas which were training grounds for me to learn the basic field policing. Immediately after I joined the Maniyachi Subdivision, the Tuticorin District witnessed communal tension due to caste conflicts. While deployed on Law and order duty, I tried to find out the reasons for the communal clashes and the “police response” to it. Here it would be suffice to say that the origin of caste clashes is deep rooted and there is little that police can do under the present circumstances mainly due to attitude of police towards public and vice-versa. It was almost impossible for the police to obtain the timely intelligence on communal elements mainly because the local officers had not developed good rapport with the public. Another realisation was that due to continuous deployment of men on Law and order duties, their training is neglected. There-fore, the main challenge before the Police-Leadership is training and development of subordinates so as to improve the system of policing and widen the police base among the public and winning their support.

read ful article

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s