Lecture Materials for the John Wiley - PowerPoint PPT Presentation

About This Presentation
Title:

Lecture Materials for the John Wiley

Description:

Chapter 14: Cyber Warfare: An Architecture for Deterrence Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and ... – PowerPoint PPT presentation

Number of Views:98
Avg rating:3.0/5.0
Slides: 15
Provided by: Keun8
Category:

less

Transcript and Presenter's Notes

Title: Lecture Materials for the John Wiley


1
Chapter 14 Cyber Warfare An Architecture for
Deterrence
  • Lecture Materials for the John Wiley Sons book
  • Cyber Security Managing Networks, Conducting
    Tests, and Investigating Intrusions

2
Introduction to Cyber Warfare and Cyber
Deterrence
  • Over 120 countries are actively conducting cyber
    operations, primarily espionage
  • It is estimated that the Chinese have over
    100,000 activity duty cyber warriors, and over
    independent 80,000 hackers, who often carry out
    mission in the national interest
  • As stated in CNCI 10, cyber deterrence is a
    strategy that will deter interference and attack
    in cyberspace and developing appropriate
    responses by both state and non-state actors.

3
Methodology and Assumptions
  • Cyber deterrence is a cutting edge research
    problem, a very difficult one, in particular
    because attributing cyber activities is so
    difficult due to the technology
  • This research approach considers
  • National Security Goals
  • Cyber Warfare Laws Treaties
  • Strategic Functions
  • Solutions Architecture for Cyber Deterrence
  • Technical Functions

4
Methodology Assumptions 2
5
Cyber Deterrence Challenges
  • Assigning attribution
  • Internet technology makes it relatively easy to
    misdirect attribution to other parties
  • Unpredictability of cyber attack impacts
  • Potential damage due to counter-retaliation
  • Nation states, non-state actors, and individuals
    are at a peer level, all capable of waging
    attacks
  • No clear legal framework exists

6
Legal and Treaty Assumptions
  • Legality of cyber operations should be clarified
    in national and international treaties (allowing
    for non-disclosure)
  • Monitoring of suspected remote servers should be
    allowed,and attacked if they are
    non-life-critical, because servers used for
    attack may belong to unaware 3rd parties
  • Use of 3rd party servers should be defined
    unlawful according to the laws of war
  • International investigations should be enabled

7
Cyber Deterrence Strategy
Used in the book With permission from The RAND
Corporation Libicki 2010
8
Cyber Deterrence Retaliation Probabilities
(Sample)
Used in the book With permission from The RAND
Corporation Libicki 2010
9
Reference Model
10
Attacker Conceptual Architecture
11
Conceptual Application Architecture Rapid
Attribution
12
Conceptual Information Architecture Sample Record
  • RECORD 1
  • 'IPv4 Address' '173.201.21.161', 'FTP Open on
    Port' '21', 'RDP Open on Port' '3389', 'Ping
    Response''Alive', 'Attack Organization'
    'Aurora', 'Attack Role' 'Control Server'
  • RECORD 2
  • 'IPv4 Address' '69.164.192.46', 'Ping
    Response''Alive', 'Attack Organization'
    'Aurora', 'Attack Role' 'Control Server'
  • RECORD 3
  • 'IPv4 Address' '168.95.1.1', 'Ping
    Response''Alive', 'Attack Organization'
    'Aurora', 'Attack Role' 'Control Server'
  • RECORD 4
  • 'IPv4 Address' '203.69.66.1', 'Ping
    Response''Alive', 'Attack Organization'
    'Aurora', 'Attack Role' 'Control Server

13
Architectural Prototypes
  • Bot with Threaded Scanning
  • Botnet with Distributed Scanning

Performance Actuals
Performance Projected
14
REVIEW Chapter Summary
  • Cyber Security Managing Networks, Conducting
    Tests, and Investigating Intrusions
Write a Comment
User Comments (0)
About PowerShow.com