7. POSTERS

Design of Action and Alliance Strategy in Defence against Anonymous Cyber Threats

Mina Rady
January 6, 2014

Anonymity, a major feature of the cyberspace, is a common channel to a multitude of threats. Despite efforts to defend against anonymous threats, their rapid evolution challenges the sustainability of any designed strategy for cyber defense. A sustainable cyber defense strategy must be able to dynamically adapt to information about new threats and to utilize international alliance when necessary without violating fundamental ethics. Our earlier research in 2012 analyzed ways to influence anonymous networks that can either undermine the network performance or undermine the anonymity of connecting users. Earlier we concluded that most influential control actions are accessible to State level actors. Here we propose a defense strategy design approach that begins with assessment of the control capacities of State actors over the given threat space (in our case, anonymity). Then we delineate the various motivations for States to exercise control over anonymous communication. We suggest a strategy design process that rests on alliance with States who share the control motivation and who possess highest possible control capacity. This strategy relies on a quality-controlled information system based on mapping new information about the Cyberspace into a compatible hierarchical classification.

Poster

The Dynamics of Managing Undersea Cables

Michael Sechrist, Daniel Goldsmith and Chintan Vaishnav
December 7, 2011

Problem:

Can the Old Modes of Governance Meet the Internet Growth Doubles Yearly New Demands of the Internet? The exponential growth of the Internet may soon demand that undersea cable deployment happen as quickly as possible. Legacy institutional barriers may need to be streamlined to the point of near instantaneous approval. Staying ahead of the exponential Internet growth rate is key to implementing a resilient, redundant, accessible Internet in the U.S. and around the world.

Poster

Escalation Management in Cyber Conflict: A Research Proposal

Rober Reardon
December 7, 2011

Research Questions:

  • Under what conditions is cyber conflict most likely to lead to uncontrolled escalation?
  • Under what conditions is cyber conflict likely to lead to escalation in other domains (conventional, nuclear)?
  • What steps are most effective at the reducing the risks of escalation?
  • How relevant are existing theories of deterrence and escalation management to cyber conflict?

Poster

Representing Cyberspace using taxonomies and Meta-data analysis

Gihan Daw Elbait
December 7, 2011

Problem:

  • Modeling and mapping the landscapes of emerging research fields, such as cyberspace.
  • Most research fields are composed of many subfields which are related in intricate ways, therefore structural organization of these subfields could be of great use.
  • Acquiring and analyzing such knowledge is hampered by the vast amount of data available in publications.
  • The need of database integration to enable the mapping of relevant component of the topic in hand (e.g., Cyberspace and International Relations).

Poster

Finding Order in a Contentious Internet

Jesse Sowell
December 7, 2011

In 1998 an attempt to remove an offensive video blocked YouTube for most of the Internet...network operators resolved the issue in three hours. Spamhaus disseminates authoritative spam blocking lists, performing a vetting function while distributing monitoring and enforcement effort. Non-state collectives are increasingly playing function-specific Internet governance roles, often competing with conventional governance modes. Despite demonstrated operational and decisional capacity, little is known about how this capacity develops or how it is maintained. This research is an empirical, comparative analysis of governance arrangements and the implications for the ongoing design and operations of the Internet.

Poster

The Coordinates of Cyber international Relations

Chintan Vaishnav
December 7, 2011

Problem:

As the Internet and International Relations become increasingly interwoven, the properties of information goods such as information security, control, or freedom, or those of international activities such as trade, or diplomacy must be framed in the context of emergent behaviors of a system where the Cyberspace interacts with traditional IR.

The purpose of this research is to create a foundation for such understanding by conceptualizing the hitherto separate domains of Cyberspace and International Relations into an integrated system, to analyze the fundamental interdependencies between the two domains, using methods from systems analysis.

Poster

Comparative Analysis of Cybersecurity Metrics to Develop New Hypotheses

Dara Fisher
December 7, 2011

Abstract:

Few Internet security organizations provide comprehensive, detailed, and reliable quantitative metrics,especially in the international perspective across multiple countries, multiple years, and multiple categories. Organizations ask why they should spend valuable time and resources collecting and standardizing data. This report aims to provide an encouraging answer to this question by demonstrating the value that even limited metrics can provide in a comparative perspective.

Poster

Learning Legal Principles to Enable Law at Cyber Speeds

Mark Finlayson
December 7, 2011

Goal: Law at Cyber Speeds - If we are to enable the creation of Automatic Cyber Targeting Systems to respond in network time to cyberattacks, we must be able to do legal analyses at network speeds.

Problem: Automatically Identifying Legal Principles - Identification of and reasoning from case precedents relies on legal principles; computers currently have no ability to extract legal principles in an automatic and dynamic way.

Poster

Diversity of User Experience and Alternative Future Internets

Shirley Hung, David D. Clark
November 6, 2012

Objective:

One of the primary objectives of the ECIR project is to understand what forms the future Internet may take. This requires identification of the levers, constraints, and conditions under which each scenario may evolve.

Technologists have mapped the Internet by connectivity, traffic, and even physical fiber. Each method provides different insights into physical and economic structure: who the players are, their relationships, and the depth and frequency of connections. But they do not reveal the wide variation in how people actually experience the Internet.

Poster

When Virtual Issues Become Real World Actions - Case Study: The Influence of Social Media Narrative Building on the 2011 London Riots

James Houghton
November 6, 2012

Hypothesis:

  1. Social media influences the behavior of individuals by contributing to the development of motivating narratives. These narratives are an aggregation of all digital and physical confirmatory messages, subject to a first order decay.
  2. Narratives, while held within individuals, can be aggregated to a group level to determine the behavior of that group.
  3. Powerful digital messages are repeated, and their impact is proportional to their spread.
  4. For groups consisting of a sufficiently large fraction of the population, the group receives a constant, representative fraction of the general population’s digital messaging. This allows the messaging of the full population to serve as surrogate for narrative-building messages within the group.

Poster

Understanding "Cyber Conflict"

Aadya Shunkla
November 6, 2012

Motivation:

The Oxford English Dictionary defines Control as “a device or mechanism used to regulate or guide the operation of a machine, apparatus, or system.” It is important to understand what processes, risks and relationships influence the degree of control and conflict when interests of multiple stakeholder dominate.

Poster

The Dynamics of Managing Udnersea Cables: When Solution Becomes The Problem

Michael Sechrist, Chintan Vaishnav, Daniel Goldsmith, and Nazli Choucri
November 6, 2012

Problem:

In the U.S., approximately 95% of all international Internet and phone traffic travels via undersea cables. Nearly all government traffic, including sensitive diplomatic and military orders, travels these cables to reach officials in the field. The problem, however,is that the undersea cable infrastructure is susceptible to several types of vulnerability, including: rising capacity constraints, increased exposure to disruption from both natural and mad-made sources, and emerging security risks from cable concentration in dense geographical networks (such as New York and New Jersey, and places like Egypt/Suez Canal.) Moreover, even under normal working conditions, there is a concern whether governance-as-usual can keep up with the future growth of Internet traffic. In this work, we explore the impact of these problems on the dynamics of managing undersea cable infrastructure.

Poster

Cyber Defence Resoruces & Vulnerablilities

Josephine Wolff
November 6, 2012

Problem:

Investment in security is aimed at reducing losses due to security breaches and typically determined by calculating annualized loss expectancy (ALE) metrics. However, in the cybersecurity space there is inadequate data on the frequency of breaches, the costs associated with those breaches, and the effectiveness of countermeasures, for organizations to be able to perform meaningful ALE calculations. With rising rates of both IT security spending and online attacks, surveys indicate that many business and government executives are unsure of how to allocate resources for defense and whether their investments in security measures are making any significant difference.

Poster

Cyber Mission Assurance using STPA

William E. Young, Jr. (Col, USAF)
November 6, 2012

Problem:

From Cyber Security to Mission Assurance Improving Campaign Mission Assurance How can we complete campaign mission across a wide range of degradations?

Current gaps: 1) Emergent system properties ignored; 2) Assurance restricted to tactical level 3) Ignores Operational (campaign)

Design Solution: 1) Use systems thinking; 2) Leverage safety-guided design.

Poster

Control Point Analysis of Tor Anonymity Network

Mina Rady
January 6, 2014 (Update of poster presented on November 6, 2012)

Anonymity networks have played major roles in censorship circumvention and various benign or malicious activities in the cyber domain.  Hence, those networks became well defined targets of repressive regimes or law enforcement. In this research, we attempt to infer the various control capacities over the operation of such networks and we take the Tor network as an example. We decompose the operation and process of Tor network across the Cyberspace layers. Then we do survey of existing literature about possible control mechanisms over various locations in the network. Then we extrapolate from the control actions to infer possible political actors who would be able to exercise each control action. We use Tor network model as the subject of this investigation due to its distinctive pervasiveness. We conclude with a comprehensive model that depcits distribution of contol capacities across the actors at different political levels of analysis.

Poster

Bridging the Cyber Security Governance Gap, A Realistic Agenda for Multi-Track Diplomacy

Marco Mayer, Fabio Rugge
January 6, 2014

Cyber Politics: from the utopian level playing field to the new technological battleground.

Exploring pathways to conflict mitigation, confidence building and track 2 initiatives.

Poster

Complexity of ICANN: Structure, functions, and resources

Cecilia Testart
January 6, 2014

ICANN is recognized as the central institution involved in the governance of the global Internet. This in-depth study contributes to the understanding of who participates in ICANN’s decision-making process and how, examining in detail the internal structure of the organization.

  • How are the different constituencies represented and organized in ICANN internal structure, what is their role and how do they participate and influence ICANN deciciaon making process.
  • What are ICANN's connections with the international system?
  • What are th ecurrecnt contentious regarding ICANN and why?

Poster

Critical Infrastructure: Does ICT Make it More Vulnerable?

John C. Hoag
January 6, 2014

Every private and public sector activity is dependent upon Critical Infrastructure. CI, specifically energy, is adopting Information and Communication Technology for out-of-band realtime control. The Smart Grid has concurrent goals of improving efficiency, increasing use of renewable sources, and reducing outages. Autonomous Microgrids improve point resilience but their widespread adoption undermines scope and scale benefits of public utilities. US and EU programs for technical standards promote interoperability and, indirectly, continuing the centralization paradigm. Moreover, standards may freeze technology in-place and create a greater “common mode” of vulnerability.

Poster

Cyber Conflict History: Assessing State Responsibility and Other Major Trends

Jason Healey, Karl Grindal
January 6, 2014

Even in its earliest history, cyberspace had disruptions, caused by malicious actors, which have gone beyond being mere technical or criminal problems. These cyber conflicts exist in the overlap of national security and cyberspace, whre nations and non-state groups use offensive and defensive cyber capabilities to attack defend, and spy on each other, typically for political or other national security purposes.

In other areas of national security, newly hired people learn their field through the vicarious experience of those that have gone before. Understanding history is hte main way to turn the experience of the past generations into cumulative knowledge, such as by teaching military officers the implications of Gettysburg, Inchon, Trafalgar, or MIG Alley. Yet, the US government and military have almost completely ignored cyber history. Even through major conflicts have occurred in cyber conflict since the mid-1980s, these are largely unknown and untaught, making it far more likely we will continue repeating the same mistakes.

We sought to mine cyber conflict history to develop this vicarous experience and create a narrative of "cyber mindedness to connect past, present and future cyber cadres. While historical analysis can address numerous questions, we sought to address one of the comon maxims in cyber international relations that cyber threats are not attributable.

Poster

Cyberconflict and understanding the geography of the Internet

Danilo Delia, Alix Desforges
January 6, 2014

  • Complexity of cyberspace: not only technical issues but also geopolitical conflicts
  • Concerns regarding the use of networks in political conflicts, military campaigns, economic warfare etc.
  • Matching cyberspace with its spatial context
  • Understanding the strategies of stakeholders

Poster

Cyberplaces and the Politics of Disruption

Renée Marlin-Bennett, Kavi Abraham
January 6, 2014

The Puzzle

Many online practices are purely frivoulous until, suddenly, they are political. One moment 4chan and /b/ are nothing but opportunities to waste time with scatological or pornographic images; the next moment Anonymous emerges on the site and begins acting out a progressive politics. How does the politcal emerge from places within cyberspace? How does Anonymous, with its progressive politics, come out of /b/, an illiberal site?

Poster

Data Initiatives: ECIR Data Dashboard

Stuart Madnick, Nazli Choucri
January 6, 2014

Purpose

  • To provide historical trend data, current statistics, headline news to interested stakeholders
  • to provide the oportunity for exploring cyber security relations and trends accross countries
  • To identify data problems, limitations, and challenges, and to select effective responses
  • Contains an initial set of potentially interesting types of attributes

Poster

Defense-in-Depth in Practice

Josephine Wolff
January 6, 2014

Problem

As network defense mechanisms - ranging from firewalls and antivirus programs to encryption packages and intrusion detection systems - have become more numerous and complex, it has become increasingly difficult to understand how they can most effectively be combined and layered together. this research looks at how - and to what end - combinations of these defenses are implemented in practice to protect the networking infrastructure and resources at MIT and aims to draw some more generalizable conclusions from that data about how organizations can design and implement effective defense-in-depth.

Poster

Do We Care About Surveillance? Edward Snowden’s Impact and Policy Implications

Evan Marshall
January 6, 2014

Problem

Public outcry was especially strong in June of 2013, after the Guardian and the Washington Post simultaneously released materials leaked by NSA contractor Edward Snowden that describe unprecedented mass sureillance programs. A day after the release, President Barack Obama addressed the issure during a visit to Silicon Valley, saying, "it's important to recognize that you can't have 100% security and also then have 100% privacy and zero inconvenience. you know, we're going to have to make some choices as a society."

In the months since, the American people have responded in various ways. Some have taken to social media sites to discuss the Snowden revelations. Others have gone a step further, not only discussing the topics of the Snowden leaks, but also the underlying concepts of network security, encryption, metadata. Using quantitative social media and interent traffic data my research identifies three stages of this online response: Discovery and Dissemination, Information Aggregation, and Behavioral Shifts. Knowing how these cohorts behave is a powerful step to making the policy choices about privacy and security.

Poster

Framing the Value of IX Participation

Jesse Sowell
January 6, 2014

When Internet eXchanges (IXes) were developed to localize expensive traffic flows, transit savings were sufficient justification for IX platform development and participation. Transit savings became the de facto indicatior, overshadowing emerging collateral benefits. recently, transit and IX costs seem to be converging (below). Upacking collateral benefits of IX perticipation consistently returned to the benefits of finding unique intrconnection partners and/or redundant interconnection relationships. These are conceptually distinct but complementary objectives. Another key theme was the dynamic nature of the decision process: how does interconnnection provisiionsin on IXes contribute to the incremental development of strategic bundles of interconnection relations?

These discussions insprired a framework that highlights the role of IX-mediated options int eh context of the larger interconnection market. It has facilitted more precisely specifying hypothesis---IX-mediated interconnections options have immediate and longer term effects for the interconnection market. Immediate local effects are reductions in the certain types of transaction costs, in particular measurment costs. Int eh larger market, IX-mediated options foster a feedback loop htat engenders learning effects. These are hypothesized to reduce barriers to broader market participation and the development of strategic interconnection bundles. Ongoing work refreames these hypothesis as emperical questions for more directed studies of the industry and the attendant governance practices.

Poster

International Conflicts in Cyberspace

Alex Gamero-Garrido
January 6, 2014

Actors: International & public-private cooperation essential. New players:
activists & shady State contractors. U.S., Russia & China most significant actors.
Socio-Political: Most cases related to “physical” conflicts. Awareness has increased. Diverse goals & targets.
Tools: DDoS most common. Attackers not always savvy. Air-gapping insufficient.
Sophistication: State-backed and for-profit increasing the most.
Outcome: Economic hard to estimate, incentives not to report. >2/3rd cases within a handful of jurisdictions, not global.
Accountability: hard to assign, which is valuable for States. Lower entrance barriers, cost & consequences.

Poster

The Meaning of the Cyber Revolution: Perils to Theory and Statecraft

Lucas Kello
January 6, 2014

Problem:

Do cyberweapons require a revolution in thinking about force
and conflict?
Practitioner’s predicament in addressing this question: the cyber revolution gives rise to novel threats and opportunities requiring immediate policy responses; yet grasping its implications is a slow learning process.
The result is a lag in strategic understanding.
• No consensus “on how to characterize the strategic instability” of cyber interactions. (Gen. Keith Alexander)
• Range of conceivable cyber conflict is poorly understood
• Principles of cyber offense and defense are rudimentary
• Not clear how traditional security mechanisms apply
There is an evident need for international relations and security scholars to contribute to the theoretical evaluation of the cyber revolution.
Yet there is little systematic analysis from a security studies perspective.

Poster

Mental Models in the Cyber Domain

James Houghton, Michael Siegel
January 6, 2014

Poster

Resilience Metrics for Cyber Systems

Igor Linkov, Daniel A. Eisenberg, Kenton Plourde, Thomas P. Seager, Julia Allen, and Alex Kott
December 7, 2011

Problem:

As federal agencies and businesses rely more on cyber infrastructure, they are increasingly vulnerable to cyber attacks that can cause damages disproportionate to the sophistication and cost to launch the attack. In response, regulatory authorities call for focusing attention on enhancing infrastructure resilience. Despite the national and international importance, resilience metrics to inform management decisions are still in the early stages of development. There is a need for a generic approach that could integrate actual data, technical judgment, and literature-based measures to assess resilience across physical, information, cognitive, and social domains.

Poster

SCAN: A Framework for Security Management in Cyber Physical Systems (CPS)

Arash Naurian

Securing a critical infrastructure is of paramount importance with the rapid growth of using commercial-of-the-shelf (COTS) products in industrial control systems. These changes have made CPSs more available target for attackers. The critical nature CPSs also makes them intriguing targets. For the first time in the history of the Internet, cyber attacks can have physical manifestations in the real world, providing easy access target for those who desire to either cause disruption to physical services or cause a national disaster.

Poster

Strategic Level Assessment of Cyber Vulnerability – Organizational and Global

Kathleen M. Carley
December 6, 2014

  • Goal: Strategic Cyber Assessment
  • Global - Identify nation-states likely to have or develop offensive Cyber Capabily
    • Assess motivation based on social influence
    • Assess capability based on research, trade and pharmaceutical industry
  • Organization Idenity Resilient Designs

Poster

Sustainability and Cyber Sustainability: Complexity Models in a GSSD* Perspective

Jean-Francois Mascari and Naxli Choucri
January 6, 2014

Interactions of Sustainability and Cyber access are increasingly recognized in International Relations.Based on the co-evolution of Sustainability and Cyberspace a new research area is now emerging, which we call: “Cyber Sustainability”. New: integrated conceptual and analytical foundations call for transdisciplinary approach to support the development of knowledge intensive policies and practices.

Poster

What Do We Know about Cyber Conflict? Scope, Impact, and Restraint in Cyberspace

Brandon Valeriano, Ryan C. Maness

  • This presentation summarizes and connects our various divergent cyber conflict research projects to present a complete picture of the dynamics, theories, and scope of cyber operations.
  • Cyber operations, cyber crime, and other forms of cyber activities directed by one state against another are now considered part of the normal relations range of combat and conflict. It is now acceptable to respond to an attack in one domain, cyberspace, through another domain, the physical and conventional layer.
  • Rather than suggesting that the nature of combat has changed, we are interested in measuring if, how, and why it has changed. The shift towards the knowable rather than "unknown unknowns" of the cyber domain is important in scholarly discourse and could perhaps lead to a more proportional means of defense for governments involved in the cyber battlefield.

Poster

Who Controls Anonymity?: Control Point Analysis of the Onion Routing Anonymity Network (Tor) 2012

Mina Rady
November 6, 2012

Problem

Anonymity networks have played major roles in censorship circumvention and various benign or malicious activities in the cyber domain. Hence, those networks became well defined targets of repressive regimes or law enforement. In this research, we attempt to infer the various control capacities over the operation of such networks and we take the Tor network as an example. We decompose the operation and process of survey of existing literature about possible control mechanisms over various locations in the network. Then we extrapolate from the control actions to infer possible political actors who would be able to exercise each control action. We use Tor network model as the subject of this investigation due to its distinctive pervasiveness. We conclude with a comprehensive model that depicts distribution of control capacities across the actors at differenct political levels of analysis.

Poster