Design of Action and Alliance Strategy in Defence against Anonymous Cyber ThreatsMina Rady Anonymity, a major feature of the cyberspace, is a common channel to a multitude of threats. Despite efforts to defend against anonymous threats, their rapid evolution challenges the sustainability of any designed strategy for cyber defense. A sustainable cyber defense strategy must be able to dynamically adapt to information about new threats and to utilize international alliance when necessary without violating fundamental ethics. Our earlier research in 2012 analyzed ways to influence anonymous networks that can either undermine the network performance or undermine the anonymity of connecting users. Earlier we concluded that most influential control actions are accessible to State level actors. Here we propose a defense strategy design approach that begins with assessment of the control capacities of State actors over the given threat space (in our case, anonymity). Then we delineate the various motivations for States to exercise control over anonymous communication. We suggest a strategy design process that rests on alliance with States who share the control motivation and who possess highest possible control capacity. This strategy relies on a quality-controlled information system based on mapping new information about the Cyberspace into a compatible hierarchical classification. |
The Dynamics of Managing Undersea CablesMichael Sechrist, Daniel Goldsmith and Chintan Vaishnav Problem: Can the Old Modes of Governance Meet the Internet Growth Doubles Yearly New Demands of the Internet? The exponential growth of the Internet may soon demand that undersea cable deployment happen as quickly as possible. Legacy institutional barriers may need to be streamlined to the point of near instantaneous approval. Staying ahead of the exponential Internet growth rate is key to implementing a resilient, redundant, accessible Internet in the U.S. and around the world. |
Escalation Management in Cyber Conflict: A Research ProposalRober Reardon Research Questions:
|
Representing Cyberspace using taxonomies and Meta-data analysisGihan Daw Elbait Problem:
|
Finding Order in a Contentious InternetJesse Sowell In 1998 an attempt to remove an offensive video blocked YouTube for most of the Internet...network operators resolved the issue in three hours. Spamhaus disseminates authoritative spam blocking lists, performing a vetting function while distributing monitoring and enforcement effort. Non-state collectives are increasingly playing function-specific Internet governance roles, often competing with conventional governance modes. Despite demonstrated operational and decisional capacity, little is known about how this capacity develops or how it is maintained. This research is an empirical, comparative analysis of governance arrangements and the implications for the ongoing design and operations of the Internet. |
The Coordinates of Cyber international RelationsChintan Vaishnav Problem: As the Internet and International Relations become increasingly interwoven, the properties of information goods such as information security, control, or freedom, or those of international activities such as trade, or diplomacy must be framed in the context of emergent behaviors of a system where the Cyberspace interacts with traditional IR. The purpose of this research is to create a foundation for such understanding by conceptualizing the hitherto separate domains of Cyberspace and International Relations into an integrated system, to analyze the fundamental interdependencies between the two domains, using methods from systems analysis. |
Comparative Analysis of Cybersecurity Metrics to Develop New HypothesesDara Fisher Abstract: Few Internet security organizations provide comprehensive, detailed, and reliable quantitative metrics, especially in the international perspective across multiple countries, multiple years, and multiple categories. Organizations ask why they should spend valuable time and resources collecting and standardizing data. This report aims to provide an encouraging answer to this question by demonstrating the value that even limited metrics can provide in a comparative perspective. |
Learning Legal Principles to Enable Law at Cyber SpeedsMark Finlayson Goal: Law at Cyber Speeds - If we are to enable the creation of Automatic Cyber Targeting Systems to respond in network time to cyberattacks, we must be able to do legal analyses at network speeds. Problem: Automatically Identifying Legal Principles - Identification of and reasoning from case precedents relies on legal principles; computers currently have no ability to extract legal principles in an automatic and dynamic way. |
Diversity of User Experience and Alternative Future InternetsShirley Hung, David D. Clark Objective: One of the primary objectives of the ECIR project is to understand what forms the future Internet may take. This requires identification of the levers, constraints, and conditions under which each scenario may evolve. Technologists have mapped the Internet by connectivity, traffic, and even physical fiber. Each method provides different insights into physical and economic structure: who the players are, their relationships, and the depth and frequency of connections. But they do not reveal the wide variation in how people actually experience the Internet. |
When Virtual Issues Become Real World Actions - Case Study: The Influence of Social Media Narrative Building on the 2011 London RiotsJames Houghton Hypothesis:
|
Understanding "Cyber Conflict"Aadya Shunkla Motivation: The Oxford English Dictionary defines Control as “a device or mechanism used to regulate or guide the operation of a machine, apparatus, or system.” It is important to understand what processes, risks and relationships influence the degree of control and conflict when interests of multiple stakeholder dominate. |
The Dynamics of Managing Undersea Cables: When Solution Becomes The ProblemMichael Sechrist, Chintan Vaishnav, Daniel Goldsmith, and Nazli Choucri Problem: In the U.S., approximately 95% of all international Internet and phone traffic travels via undersea cables. Nearly all government traffic, including sensitive diplomatic and military orders, travels these cables to reach officials in the field. The problem, however, is that the undersea cable infrastructure is susceptible to several types of vulnerability, including: rising capacity constraints, increased exposure to disruption from both natural and mad-made sources, and emerging security risks from cable concentration in dense geographical networks (such as New York and New Jersey, and places like Egypt/Suez Canal.) Moreover, even under normal working conditions, there is a concern whether governance-as-usual can keep up with the future growth of Internet traffic. In this work, we explore the impact of these problems on the dynamics of managing undersea cable infrastructure. |
Cyber Defence Resources & VulnerabilitiesJosephine Wolff Problem: Investment in security is aimed at reducing losses due to security breaches and typically determined by calculating annualized loss expectancy (ALE) metrics. However, in the cybersecurity space there is inadequate data on the frequency of breaches, the costs associated with those breaches, and the effectiveness of countermeasures, for organizations to be able to perform meaningful ALE calculations. With rising rates of both IT security spending and online attacks, surveys indicate that many business and government executives are unsure of how to allocate resources for defense and whether their investments in security measures are making any significant difference. |
Cyber Mission Assurance using STPAWilliam E. Young, Jr. (Col, USAF) Problem: From Cyber Security to Mission Assurance Improving Campaign Mission Assurance How can we complete campaign mission across a wide range of degradations? Current gaps: 1) Emergent system properties ignored; 2) Assurance restricted to tactical level 3) Ignores Operational (campaign) Design Solution: 1) Use systems thinking; 2) Leverage safety-guided design. |
Control Point Analysis of Tor Anonymity NetworkMina Rady Anonymity networks have played major roles in censorship circumvention and various benign or malicious activities in the cyber domain. Hence, those networks became well defined targets of repressive regimes or law enforcement. In this research, we attempt to infer the various control capacities over the operation of such networks and we take the Tor network as an example. We decompose the operation and process of Tor network across the Cyberspace layers. Then we do survey of existing literature about possible control mechanisms over various locations in the network. Then we extrapolate from the control actions to infer possible political actors who would be able to exercise each control action. We use Tor network model as the subject of this investigation due to its distinctive pervasiveness. We conclude with a comprehensive model that depicts distribution of control capacities across the actors at different political levels of analysis. |
Bridging the Cyber Security Governance Gap, A Realistic Agenda for Multi-Track DiplomacyMarco Mayer, Fabio Rugge Cyber Politics: from the utopian level playing field to the new technological battleground. Exploring pathways to conflict mitigation, confidence building and track 2 initiatives. |
Complexity of ICANN: Structure, functions, and resourcesCecilia Testart ICANN is recognized as the central institution involved in the governance of the global Internet. This in-depth study contributes to the understanding of who participates in ICANN’s decision-making process and how, examining in detail the internal structure of the organization.
|
Critical Infrastructure: Does ICT Make it More Vulnerable?John C. Hoag Every private and public sector activity is dependent upon Critical Infrastructure. CI, specifically energy, is adopting Information and Communication Technology for out-of-band realtime control. The Smart Grid has concurrent goals of improving efficiency, increasing use of renewable sources, and reducing outages. Autonomous Microgrids improve point resilience but their widespread adoption undermines scope and scale benefits of public utilities. US and EU programs for technical standards promote interoperability and, indirectly, continuing the centralization paradigm. Moreover, standards may freeze technology in-place and create a greater “common mode” of vulnerability. |
Cyber Conflict History: Assessing State Responsibility and Other Major TrendsJason Healey, Karl Grindal Even in its earliest history, cyberspace had disruptions, caused by malicious actors, which have gone beyond being mere technical or criminal problems. These cyber conflicts exist in the overlap of national security and cyberspace, where nations and non-state groups use offensive and defensive cyber capabilities to attack defend, and spy on each other, typically for political or other national security purposes. In other areas of national security, newly hired people learn their field through the vicarious experience of those that have gone before. Understanding history is the main way to turn the experience of the past generations into cumulative knowledge, such as by teaching military officers the implications of Gettysburg, Inchon, Trafalgar, or MIG Alley. Yet, the US government and military have almost completely ignored cyber history. Even through major conflicts have occurred in cyber conflict since the mid-1980s, these are largely unknown and untaught, making it far more likely we will continue repeating the same mistakes. We sought to mine cyber conflict history to develop this vicarious experience and create a narrative of "cyber mindedness to connect past, present and future cyber cadres. While historical analysis can address numerous questions, we sought to address one of the common maxims in cyber international relations that cyber threats are not attributable. |
Cyberconflict and understanding the geography of the InternetDanilo Delia, Alix Desforges
|
Cyberplaces and the Politics of DisruptionRenée Marlin-Bennett, Kavi Abraham The Puzzle Many online practices are purely frivolous until, suddenly, they are political. One moment 4chan and /b/ are nothing but opportunities to waste time with scatological or pornographic images; the next moment Anonymous emerges on the site and begins acting out a progressive politics. How does the political emerge from places within cyberspace? How does Anonymous, with its progressive politics, come out of /b/, an illiberal site? |
Data Initiatives: ECIR Data DashboardStuart Madnick, Nazli Choucri Purpose
|
Defense-in-Depth in PracticeJosephine Wolff Problem As network defense mechanisms - ranging from firewalls and antivirus programs to encryption packages and intrusion detection systems - have become more numerous and complex, it has become increasingly difficult to understand how they can most effectively be combined and layered together. this research looks at how - and to what end - combinations of these defenses are implemented in practice to protect the networking infrastructure and resources at MIT and aims to draw some more generalizable conclusions from that data about how organizations can design and implement effective defense-in-depth. |
Do We Care About Surveillance? Edward Snowden’s Impact and Policy ImplicationsEvan Marshall Problem Public outcry was especially strong in June of 2013, after the Guardian and the Washington Post simultaneously released materials leaked by NSA contractor Edward Snowden that describe unprecedented mass surveillance programs. A day after the release, President Barack Obama addressed the issue during a visit to Silicon Valley, saying, "it's important to recognize that you can't have 100% security and also then have 100% privacy and zero inconvenience. you know, we're going to have to make some choices as a society." In the months since, the American people have responded in various ways. Some have taken to social media sites to discuss the Snowden revelations. Others have gone a step further, not only discussing the topics of the Snowden leaks, but also the underlying concepts of network security, encryption, metadata. Using quantitative social media and internet traffic data my research identifies three stages of this online response: Discovery and Dissemination, Information Aggregation, and Behavioral Shifts. Knowing how these cohorts behave is a powerful step to making the policy choices about privacy and security. |
Framing the Value of IX ParticipationJesse Sowell When Internet eXchanges (IXes) were developed to localize expensive traffic flows, transit savings were sufficient justification for IX platform development and participation. Transit savings became the de facto indicator, overshadowing emerging collateral benefits. Recently, transit and IX costs seem to be converging (below). Upacking collateral benefits of IX participation consistently returned to the benefits of finding unique interconnection partners and/or redundant interconnection relationships. These are conceptually distinct but complementary objectives. Another key theme was the dynamic nature of the decision process: how does interconnection provisions on IXes contribute to the incremental development of strategic bundles of interconnection relations? These discussions inspired a framework that highlights the role of IX-mediated options in the context of the larger interconnection market. It has facilitated more precisely specifying hypothesis---IX-mediated interconnections options have immediate and longer term effects for the interconnection market. Immediate local effects are reductions in the certain types of transaction costs, in particular measurement costs. Int eh larger market, IX-mediated options foster a feedback loop that engenders learning effects. These are hypothesized to reduce barriers to broader market participation and the development of strategic interconnection bundles. Ongoing work reframes these hypothesis as empirical questions for more directed studies of the industry and the attendant governance practices. |
International Conflicts in CyberspaceAlex Gamero-Garrido Actors: International & public-private cooperation essential. New players: |
The Meaning of the Cyber Revolution: Perils to Theory and StatecraftLucas Kello Problem: Do cyberweapons require a revolution in thinking about force |
Mental Models in the Cyber DomainJames Houghton, Michael Siegel |
Resilience Metrics for Cyber SystemsIgor Linkov, Daniel A. Eisenberg, Kenton Plourde, Thomas P. Seager, Julia Allen, and Alex Kott Problem: As federal agencies and businesses rely more on cyber infrastructure, they are increasingly vulnerable to cyber attacks that can cause damages disproportionate to the sophistication and cost to launch the attack. In response, regulatory authorities call for focusing attention on enhancing infrastructure resilience. Despite the national and international importance, resilience metrics to inform management decisions are still in the early stages of development. There is a need for a generic approach that could integrate actual data, technical judgment, and literature-based measures to assess resilience across physical, information, cognitive, and social domains. |
SCAN: A Framework for Security Management in Cyber Physical Systems (CPS)Arash Naurian Securing a critical infrastructure is of paramount importance with the rapid growth of using commercial-of-the-shelf (COTS) products in industrial control systems. These changes have made CPSs more available target for attackers. The critical nature CPSs also makes them intriguing targets. For the first time in the history of the Internet, cyber attacks can have physical manifestations in the real world, providing easy access target for those who desire to either cause disruption to physical services or cause a national disaster. |
Strategic Level Assessment of Cyber Vulnerability – Organizational and GlobalKathleen M. Carley
|
Sustainability and Cyber Sustainability: Complexity Models in a GSSD* PerspectiveJean-Francois Mascari and Nazli Choucri Interactions of Sustainability and Cyber access are increasingly recognized in International Relations.Based on the co-evolution of Sustainability and Cyberspace a new research area is now emerging, which we call: “Cyber Sustainability”. New: integrated conceptual and analytical foundations call for transdisciplinary approach to support the development of knowledge intensive policies and practices. |
What Do We Know about Cyber Conflict? Scope, Impact, and Restraint in CyberspaceBrandon Valeriano, Ryan C. Maness
|
Who Controls Anonymity?: Control Point Analysis of the Onion Routing Anonymity Network (Tor) 2012Mina Rady Problem Anonymity networks have played major roles in censorship circumvention and various benign or malicious activities in the cyber domain. Hence, those networks became well defined targets of repressive regimes or law enforcement. In this research, we attempt to infer the various control capacities over the operation of such networks and we take the Tor network as an example. We decompose the operation and process of survey of existing literature about possible control mechanisms over various locations in the network. Then we extrapolate from the control actions to infer possible political actors who would be able to exercise each control action. We use Tor network model as the subject of this investigation due to its distinctive pervasiveness. We conclude with a comprehensive model that depicts distribution of control capacities across the actors at different political levels of analysis. |