DOCSLIB.ORG

Human Decision-Making in Computer Security Incident Response Creative Commons License BY-NC 6.2, 423; Version 3.3 DECLARATION

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Human Decision-Making in Computer Security Incident Response Creative Commons License BY-NC 6.2, 423; Version 3.3 DECLARATION HUMANDECISION-MAKINGINCOMPUTERSECURITY INCIDENTRESPONSE jonathan michael spring PhD Computer Science Faculty of Engineering University College London (UCL) 423; Supervisors: Prof. David Pym Dr. Phyllis Illari Dr. Emiliano De Cristofaro Jonathan Michael Spring: Human decision-making in computer security incident response Creative Commons license BY-NC 6.2, 423; version 3.3 DECLARATION I, Jonathan Michael Spring, confirm that the work presented in this thesis is my own. Where information has been derived from other sources, I confirm that this has been indicated in the thesis. London, UK, 423; Jonathan Michael Spring DEDICATION This work is dedicated to my parents, for their continued love and support. 7 ABSTRACT background: Cybersecurity has risen to international importance. Almost every organization will fall victim to a successful cyberat- tack. Yet, guidance for computer security incident response ana- lysts is inadequate. research questions: What heuristics should an incident analyst use to construct general knowledge and analyse attacks? Can we construct formal tools to enable automated decision support for the analyst with such heuristics and knowledge? method: We take an interdisciplinary approach. To answer the first question, we use the research tradition of philosophy of science, specifically the study of mechanisms. To answer the question on formal tools, we use the research tradition of program verification and logic, specifically Separation Logic. results: We identify several heuristics from biological sciences that cybersecurity researchers have re-invented to varying degrees. We consolidate the new mechanisms literature to yield heuristics re- lated to the fact that knowledge is of clusters of multi-field mech- anism schema on four dimensions. General knowledge structures such as the intrusion kill chain provide context and provide hy- potheses for filling in details. The philosophical analysis answers this research question, and also provides constraints on building the logic. Finally, we succeed in defining an incident analysis logic resembling Separation Logic and translating the kill chain into it as a proof of concept. conclusion: These results benefits incident analysis, enabling it to expand from a tradecraft or art to also integrate science. Future research might realize our logic into automated decision-support. Additionally, we have opened the field of cybersecuity to collab- oration with philosophers of science and logicians. 9 IMPACTSTATEMENT The potential impact of this thesis is both within and outside the academy. Improvements to the practice of incident response will take some significant effort to transition, not least because the attention of such personnel is a scarce resource. The learning curve on scientific know- ledge generation heuristics is steep. Nonetheless, I will provide two spe- cific improvements that can impact incident response and Computer Network Defense (CND): • robust knowledge creation and structured-observation design heuristics; • a logical language to communicate reasoning steps without reveal- ing sensitive data. The thesis should enable further work within the academy. This thesis will, in some ways, chart out new fields of philosophy of cybersec- urity in general and of computer security incident response in particular. Furthermore, this thesis will sensitize the fields of logic and philosophy of science to cybersecurity. The three research or development areas that appear most fruitful going forwards are: automated decision sup- port for incident response; meta-logical analysis of the properties of the logic defined; and extension of the account of explanation and mechan- ism discovery both into cybersecurity and back into the philosophical literature on scientific explanation generally. The third area for impact will be in how we train new incident ana- lysts. There are at least three areas in which this impact might be real- ized. First, standards bodies could work to fill the gap Chapter 4 will identify in existing standards. Second, both Chapter 5 and Chapter 6 will identify likely challenges; future work on pedagogy could focus on how to best enable analysts to overcome them. Chapter 6, Chapter 7, and Chapter 9 will offer qualitative progress on some norms and ex- pectations for analytic steps, but integrating these ideas into training and measuring results is future work. In all three of these areas – practice, academics, and pedagogy – in order to bring about impact the work will need to be disseminated, in- tegrated into education, and potentially engage public policy makers or business leaders about integrating these changes into the way computer- security incidents are handled. ; CONTENTS 3 introduction and motivation 45 3.3 Summary of the argument 45 3.4 Impact 46 3.5 Important definitions 47 3.6 Publications and submissions adapted for thesis 48 3.7 Publications not adapted in thesis 49 3.8 Disclaimer 4; i background 4 literature review – incident response 55 4.3 Introduction 55 4.4 Scope 57 4.4.3 Scope—Topic 58 4.4.4 Scope—Publication Venues 5: 4.5 Related literature reviews 65 4.6 Methods 69 4.6.3 Search strategy 69 4.6.4 Appraisal strategy 6: 4.6.5 Synthesis methods 6; 4.6.6 Limitations 74 4.7 Results 76 4.7.3 IETF 77 4.7.4 ISO 78 4.7.5 FIRST 78 4.7.6 Intelligence community 7; 4.7.7 Referenced Documents 82 4.8 Discussion 93 4.8.3 Comments and clarifications on Table 4.34 98 4.8.4 Note on case studies :5 4.9 Gaps and Work Plan :6 4.9.3 Research question :6 4.: Related work :7 4.:.3 Interdisciplinary overlaps :8 4.:.4 Parts of information and computer science :; 4.; Conclusion ;4 5 literature review – science and security ;7 5.3 Purported impediments to a science of security ;8 5.4 Philosophy of science – historical background ;9 5.5 Existing statements of science and security 322 5.5.3 Prepositions: ‘of’ or ‘for’ security 333 5.6 Practicing Science of Security 334 5.6.3 Scientific methods 336 5.6.4 Evaluating Results 342 5.6.5 The nature of scientific inquiry 348 5.6.6 Scientific Language(s) 352 33 34 contents 5.6.7 Engineering or Science? 355 5.7 A Science of Security very much exists 357 5.8 Research plan 359 ii generalising, applying, and formalising know- ledge 6 general knowledge of mechanisms 363 6.3 Introduction 364 6.4 Generality in philosophy of science 367 6.4.3 Turning away from laws 367 6.4.4 Generality and mechanisms 369 6.5 Building mechanistic knowledge in cybersecurity 374 6.5.3 The three challenges for cybersecurity 375 6.5.4 Three examples of cybersecurity mechanisms 37: 6.6 Building general knowledge in cybersecurity 38: 6.6.3 Constraining: On improving coordination in cy- bersecurity 395 6.7 Conclusion 398 7 the intrusion kill chain as a case study 3:3 7.3 Introduction 3:3 7.4 Reasoning with the kill chain as a mechanism 3:6 7.4.3 Higher-level mechanisms 3;2 7.4.4 On lower-level mechanisms 3;4 7.5 Examples of Incident Analysis 3;6 7.5.3 Example 3: The Cuckoo’s Egg 3;7 7.5.4 Example 4: Airport Security 422 7.6 Conclusions 426 8 separation logic as a case study 429 8.3 Introduction to Separation Logic 429 8.4 Solving a Hard Problem 434 8.5 Why Separation Logic Works 439 8.5.3 The separating conjunction 43; 8.5.4 Hoare triples 442 8.5.5 Frame Rule 443 8.5.6 Automatable abduction 444 8.6 The Semantics of Separation Logic 445 8.6.3 Bunched Logic 446 8.6.4 The Semantics of Bunched Logic 447 8.6.5 The Resource Semantics of Separation Lo- gic 44; 8.7 Deployable Proof Theory for Separation Logic 455 8.7.3 Separation Logic and the Frame Rule 456 8.7.4 Deployability via Contextual Refinement 457 8.7.5 Bi-abduction 458 8.8 Conclusion 465 iii a logic of reasoning in incident analysis 9 logic definition 46; 9.3 Philosophical and historical analyses 46; contents 35 9.3.3 Summary of requirements 474 9.4 Logic design choices 475 9.5 Logic Definitions 477 9.5.3 Expressions 478 9.5.4 Basics and syntax 479 9.5.5 Model 47; 9.5.6 Semantics 484 9.5.7 Abduction 486 9.5.8 On the metatheory of the security incident ana- lysis logic 487 9.6 A worked example 488 9.6.3 A logic of the kill chain 492 9.6.4 Using more granular knowledge 495 9.6.5 Composition of attacks into a campaign 497 9.7 Benefits of this logic 49; 9.8 Conclusions 4:2 iv consolidation : summary 4:5 ; conclusions 4:7 v backmatter bibliography 4;5 LISTOFFIGURES Figure 5.3 The mathematical modeling cycle 342 Figure 6.3 GameOver Zeus botnet mechanism 37; Figure 6.4 Simple kill-chain diagram 385 Figure 7.3 Improved kill chain mechanism 3:7 Figure 7.4 Mechanistic translation of common language for computer security incidents 3;2 Figure 7.5 Mechanistic translation of a drive-by down- load 3;5 Figure 7.6 Model of accounting systems generated by Stoll during incident analysis 3;9 Figure 7.7 Representation of game-theoretic model as a mechanism 423 Figure 8.3 Anatomy of a pointer 436 Figure 8.4 Example pointer error – memory leaks 437 Figure 8.5 Pointers forming a linked list 452 Figure 8.6 Satisfaction relation for BI pointer logic 453 LISTOFTABLES Table 4.3 Results of ACM CSUR search for extant literat- ure reviews 67 Table 4.4 All documents found to be relevant through the search methodology 76 Table 4.5 IETF database search results 77 Table 4.6 ISO database search results 79 Table 4.7 Summary of results found through FIRST 7: Table 4.8 intelligence community search results 82 Table 4.9 Data formats cited by IETF standards 84 Table 4.: ISO database search results 87 Table 4.; Publications referenced by NIST SP:22-83 89 Table 4.32 Documents referenced by CERT/CC sources 8; Table 4.33 Resources referenced by intelligence community
Load more

Recommended publications
  • DIPLOMACY-2021/05/27 ANDERSON COURT REPORTING 1800 Diagonal Road, Suite 600 Alexandria, VA 22314 Phone
    DIPLOMACY-2021/05/27 1 THE BROOKINGS INSTITUTION WEBINAR STRENGTHENING US FOREIGN POLICY THROUGH SUBNATIONAL DIPLOMACY Washington, D.C. Thursday, May 27, 2021 PARTICIPANTS: Welcome: ANTHONY F. PIPA Senior Fellow, Center for Sustainable Development, The Brookings Institution The Value of international engagement for local progress: Dallas LIZ SCHRAYER, Moderator President and CEO, U.S. Global Leadership Coalition THE HONORABLE ERIC JOHNSON Mayor, City of Dallas AMBASSADOR JEANNE PHILLIPS Senior Vice President, Corporate Engagement & International Relations Hunt Consolidated, Inc. The Value of Subnational Diplomacy for U.S. Foreign Policy ANTHONY F. PIPA, Moderator Senior Fellow, Center for Sustainable Development, The Brookings Institution HEATHER HURLBURT Director, New Models of Policy Change New America AMBASSADOR NINA HACHIGIAN Deputy Mayor for International Affairs, City of Los Angeles AMBASSADOR THOMAS A. SHANNON, JR. Senior International Policy Advisor, Arnold & Porter Closing Remarks: THE HONORABLE TED LIEU (D-CA) Member, U.S. House of Representatives * * * * * ANDERSON COURT REPORTING 1800 Diagonal Road, Suite 600 Alexandria, VA 22314 Phone (703) 519-7180 Fax (703) 519-7190 DIPLOMACY-2021/05/27 2 P R O C E E D I N G S MR. PIPA: Welcome and good morning. I'm Tony Pipa, senior fellow in the Center for Sustainable Development at the Brookings Institution. And on behalf of the center and Brookings, I'm really pleased to welcome here to today's event to examine the relationship between the global affairs of cities and states and U.S. foreign policy. And in particular, we're going to explore how setting up an office of subnational diplomacy at the State Department might leverage the global leadership of U.S.
    [Show full text]
  • Mar 1968 - North Korean Seizure of U.S.S
    Keesing's Record of World Events (formerly Keesing's Contemporary Archives), Volume 14, March, 1968 United States, Korea, Korean, Page 22585 © 1931-2006 Keesing's Worldwide, LLC - All Rights Reserved. Mar 1968 - North Korean Seizure of U.S.S. “Pueblo.” - Panmunjom Meetings of U.S. and North Korean Military Representatives. Increase in North Korean Attacks in Demilitarized Zone. - North Korean Commando Raid on Seoul. A serious international incident occurred in the Far East during the night of Jan. 22–23 when four North Korean patrol boats captured the 906-ton intelligence ship Pueblo, of the U.S. Navy, with a crew of 83 officers and men, and took her into the North Korean port of Wonsan. According to the U.S. Defence Department, the Pueblo was in international waters at the time of the seizure and outside the 12-mile limit claimed by North Korea. A broadcast from Pyongyang (the North Korean capital), however, claimed that the Pueblo–described as “an armed spy boat of the U.S. imperialist aggressor force” –had been captured with her entire crew in North Korean waters, where she had been “carrying out hostile activities.” The Pentagon statement said that the Pueblo “a Navy intelligence-collection auxiliary ship,” had been approached at approximately 10 p.m. on Jan. 22 by a North Korean patrol vessel which had asked her to identify herself. On replying that she was a U.S. vessel, the patrol boat had ordered her to heave to and had threatened to open fire if she did not, to which the Pueblo replied that she was in international waters.
    [Show full text]
  • PERSPECTIVES on Responsible Behavior in State Uses of Icts
    DRAFT – shared with the participants of the ICT4Peace Workshop on Existing and future norms on international ICT infrastructure and data integrity PERSPECTIVES on Responsible Behavior in State Uses of ICTs ICT4Peace Foundation 2017 DRAFT – shared with the participants of the ICT4Peace Workshop on Existing and future norms on international ICT infrastructure and data integrity FOREWORD The ICT4Peace Foundation stands for an open, neutral and inclusive promotion of a peaceful cyberspace through international negotiations with governments, companies and non-state actors, in particular on norms and confidence building measures and capacity building. Our roots in the UN World Summit on the Information Society in 2003 placed upon us the task of carefully considering all different viewpoints, arguments and proposals and to promote a broad societal acceptance of standards of responsible behavior in uses of ICTs. With the support of the Dutch Government, Microsoft and the Cyber Policy Institute, in 2014 ICT4Peace launched a process to promote and support the international cyber norms dialogue. This publication contains a collection of papers developed during this process. We offer the ‘Perspectives on Responsible Behavior in State Uses of ICTs’ as a collaborative contribution to the international community, hoping to enrich and inform further discussion of the theme. Sincerely, Dr. Daniel Stauffacher Founder and President, ICT4Peace Foundation DRAFT – shared with the participants of the ICT4Peace Workshop on Existing and future norms on international ICT infrastructure and data integrity FOREWORD It seems that in the cyber community everybody is talking about norms. The roots of this global discourse lie in fast development of information and communication technologies (ICTs).
    [Show full text]
  • America's War in Angola, 1961-1976 Alexander Joseph Marino University of Arkansas, Fayetteville
    University of Arkansas, Fayetteville ScholarWorks@UARK Theses and Dissertations 5-2015 America's War in Angola, 1961-1976 Alexander Joseph Marino University of Arkansas, Fayetteville Follow this and additional works at: http://scholarworks.uark.edu/etd Part of the African History Commons, and the United States History Commons Recommended Citation Marino, Alexander Joseph, "America's War in Angola, 1961-1976" (2015). Theses and Dissertations. 1167. http://scholarworks.uark.edu/etd/1167 This Thesis is brought to you for free and open access by ScholarWorks@UARK. It has been accepted for inclusion in Theses and Dissertations by an authorized administrator of ScholarWorks@UARK. For more information, please contact [email protected], [email protected]. America’s War in Angola, 1961-1976 America’s War in Angola, 1961-1976 A thesis submitted in partial fulfillment of the requirements for the degree of Master of Arts in History by Alexander J. Marino University of California, Santa Barbara Bachelor of Arts in History, 2008 May 2015 University of Arkansas This thesis is approved for recommendation to the Graduate Council ______________________________________ Dr. Randall B. Woods Thesis Director ______________________________________ Dr. Andrea Arrington Committee Member ______________________________________ Dr. Alessandro Brogi Committee Member ABSTRACT A study of the role played by the United States in Angola’s War of Independence and the Angolan Civil War up to 1976. DEDICATION To Lisa. TABLE OF CONTENTS INTRODUCTION ........................................................................................................................
    [Show full text]
  • Justice for Rwanda: Toward a Universal Law of Armed Conflict Heather Alexander
    Golden Gate University Law Review Volume 34 | Issue 2 Article 7 January 2004 Justice for Rwanda: Toward a Universal Law of Armed Conflict Heather Alexander Follow this and additional works at: http://digitalcommons.law.ggu.edu/ggulrev Part of the Human Rights Law Commons, and the International Law Commons Recommended Citation Heather Alexander, Justice for Rwanda: Toward a Universal Law of Armed Conflict, 34 Golden Gate U. L. Rev. (2004). http://digitalcommons.law.ggu.edu/ggulrev/vol34/iss2/7 This Comment is brought to you for free and open access by the Academic Journals at GGU Law Digital Commons. It has been accepted for inclusion in Golden Gate University Law Review by an authorized administrator of GGU Law Digital Commons. For more information, please contact [email protected]. Alexander: Justice for Rwanda COMMENT JUSTICE FOR RWANDA TOWARD A UNIVERSAL LAW OF ARMED CONFLICT INTRODUCTION In 1994, an armed conflict raged in Rwanda between a non-state party and the Rwandan Government. l This armed conflict triggered the attempted extermination of the Tutsi ethnic group by the Rwandan Government. As a result of this appalling campaign, the United Nations (hereinafter "U.N.") created the International Criminal Tribunal for Rwanda (here­ inafter "ICTR") to prosecute three categories of offenses against the law of nations, classified as human-rights violations, com­ mitted during the Rwandan conflict: genocide,2 crimes against humanity,3 and violations of humanitarian law.4 Because of the 1 s.c. Res. 955, U.N. SCOR, 49th Sess., 3453rd mtg., at P2, U.N. Doc. S/Res/955 (1994) !hereinafter S.C.
    [Show full text]
  • Hybrid Threats a Strategic Communications Perspective ISBN - 978-9934-564-33-8
    IMAGES – SHUTTERSTOCK – IMAGES Hybrid Threats A Strategic Communications Perspective ISBN - 978-9934-564-33-8 DISCLAIMER: This document is a research product of the NATO Strategic Communications Centre of Excellence (NATO StratCom COE). It is produced for NATO, NATO member countries, NATO partners, related private and public institutions and related individuals. It does not represent the opinions or policies of NATO or NATO StratCom COE. The NATO Strategic Communications Centre of Excellence (NATO StratCom COE) is a NATO accredited multi-national organisation that conducts research, publishes studies, and provides strategic communications training for government and military personnel. The NATO StratCom COE was initially founded by Latvia, Estonia, Germany, Italy, Lithuania, Poland, and the United Kingdom in 2014. Since then Canada, Finland, the Netherlands and Sweden have joined the Centre. Denmark, France and Slovakia are set to join in 2019. © All rights reserved by the NATO StratCom COE. Material may not be copied, reproduced, distributed or publicly displayed without permission of the originator. Hybrid Threats A Strategic Communications Perspective Acknowledgements Project Director Ben Heap Project Assistants Sophia Krauel, Jente Althuis Research Assistants Alexandra Clifton, Tara Flores, Leonie Haiden, Pia Hansen, Torsten Hertig Contributing Authors Dr Sean Aday, Dr Māris Andžāns, Dr Una Bērziņa-Čerenkova, Dr Francesca Granelli, John-Paul Gravelines, Dr Mils Hills, Miranda Holmstrom, Adam Klus, Irene Martinez-Sanchez, Mariita Mattiisen,
    [Show full text]
  • Atoms for Peace and the Origins of Nuclear Power in Japan, 1952-1958
    Nuclear Society: Atoms for Peace and the Origins of Nuclear Power in Japan, 1952-1958 DISSERTATION Presented in Partial Fulfillment of the Requirements for the Degree Doctor of Philosophy in the Graduate School of The Ohio State University By Craig D. Nelson Graduate Program in History The Ohio State University 2014 Dissertation Committee: James R. Bartholomew, Adviser Philip C. Brown Christopher A. Reed Copyright by Craig D. Nelson 2014 Abstract This project seeks to explain why Japan developed nuclear power despite its negative experiences with nuclear weapons and fallout. It focuses on the period from the end of the American Occupation in 1952, when the Japanese regained full sovereignty, until the signing of the agreement to import a commercial British nuclear reactor in 1958. The Japanese experience with atomic bombs and radioactive fallout made Japan a seemingly unlikely candidate to develop nuclear power. These fears were renewed following the Lucky Dragon Incident when an American hydrogen bomb test showered a Japanese fishing vessel with radioactive fallout and contaminated deep water tuna throughout the Pacific. Japan, however, had ample reasons to embrace nuclear power as it: provided a potential solutions to Japan’s energy crisis, while offering Japan a way to secure its place in the international community and a means of defining itself as a nation dedicated to scientific, technological, and economic development. Pro-nuclear advocates identified nuclear power as a key to the advancement of Japan, partaking in what Hiromi Mizuno termed “scientific nationalism.” Although Japanese policy makers were interested in the adopting nuclear power before the US offered to extend aid to Japan, the process of doing so was influenced by the American approach to the Cold War and was heavily informed by American efforts to maintain the support of both the government and the general public.
    [Show full text]
  • The Validity of the Incidents Genre
    The Validity of the Incidents Genre Richard Falkt Intellectual breakthroughs in a field of study often come from perse- vering in a slightly different way of perceiving reality. And so it is with incidents jurisprudence, introduced by Michael Reisman as "a new genre in the study of international law." 1 It is not new to assess the legal impli- cations of a prominent international occurrence, whether it be a particu- lar cross-border retaliatory raid after allegations of a terrorist attack or the dropping of atomic bombs on the cities of Hiroshima and Nagasaki at the end of World War II. Instead, what is new here is the identification of the incident itself as the law-shaping event, and the regarding of the incident as a basis for the systematic observation and generalized under- standing of international law as a distinctive type of law. Especially after the emergence of realist international theories in the 1950's,2 the study of international law in the United States has been ac- companied by an appreciation that neither appellate judicial decisions nor doctrines detached from specific factual contexts provide insight into the actual functioning of international law. This recognition has animated the multi-volume enterprise of scholarship carried on at the Yale Law School by Myres S. McDougal and his many associates over the years, including, of course, Michael Reisman, a prime collaborator and heir apparent. Although never free from controversy-or from snip- ing by more literal-minded, positivist international law specialists-Mc- Dougal has put the United States on the map of global legal studies and made New Haven its capital.
    [Show full text]
  • International Law Regime Against Piracy Lawrence Azubuike
    Annual Survey of International & Comparative Law Volume 15 | Issue 1 Article 4 2009 International Law Regime Against Piracy Lawrence Azubuike Follow this and additional works at: http://digitalcommons.law.ggu.edu/annlsurvey Part of the Law of the Sea Commons Recommended Citation Azubuike, Lawrence (2009) "International Law Regime Against Piracy," Annual Survey of International & Comparative Law: Vol. 15: Iss. 1, Article 4. Available at: http://digitalcommons.law.ggu.edu/annlsurvey/vol15/iss1/4 This Article is brought to you for free and open access by the Academic Journals at GGU Law Digital Commons. It has been accepted for inclusion in Annual Survey of International & Comparative Law by an authorized administrator of GGU Law Digital Commons. For more information, please contact [email protected]. Azubuike: International Law Regime Against Piracy INTERNATIONAL LAW REGIME AGAINST PIRACY DR. LAWRENCE AZUBUII<E" I. INTRODUCTION It has been the lot of international law that the question is always asked whether it is really law. While there may not be anyone answer to this question, it is commonly accepted that international law is different from municipal positive laws. International law deals with states and municipal law, in most cases, concerns individuals. However, the twentieth century marked a shift from the state-centric outlook of international law towards a more realistic accommodation that individuals might, in certain cases, be subjects of international law. Developments in the areas of humanitarian and international criminal laws best illustrate this shift. Yet, the relevance of international law to the individual, even if recognizable by scholars of international law, might not be easily perceptible to the average citizen of a state.
    [Show full text]
  • Removal of Diplomatic Immunity in the Extraordinary Rendition of Abu Omar •Fi Can It Be Done?
    Seton Hall University eRepository @ Seton Hall Law School Student Scholarship Seton Hall Law 5-1-2013 Removal of Diplomatic Immunity in the Extraordinary Rendition of Abu Omar – Can It Be Done? Michael Liguori Noonan Follow this and additional works at: https://scholarship.shu.edu/student_scholarship Recommended Citation Noonan, Michael Liguori, "Removal of Diplomatic Immunity in the Extraordinary Rendition of Abu Omar – Can It Be Done?" (2013). Law School Student Scholarship. 278. https://scholarship.shu.edu/student_scholarship/278 Removal of Diplomatic Immunity in the extraordinary rendition of Abu Omar – Can it be Done? By Michael Noonan Since the attacks of September 11, 2001 and the subsequent war on terror, the United States has been forced to find new means and methods of bringing foreign terrorists to justice. One of those methods is the process of extraordinary rendition, by which foreign nationals are forcibly taken from their respective countries for interrogation and possible trial in the U.S. Abducted targets are often held in CIA controlled “secret prisons” around the world for months or years at a time. The target’s family is not told when he is taken, and, despite allegations that some nations from which suspected terrorists are taken are implicit in the kidnapping, their own governments are typically none the wiser either.1 Targets quite simply vanish. This process of extraordinary rendition has sparked a multitude of questions of international law and earned the condemnation of certain nations.2 One particular act of extraordinary rendition known to have occurred took place in Milan on February 17, 2003. Cleric Hassan Mustafa Osama Nasr, or Abu Omar, was abducted by a combination of Italian police and American CIA agents while on the way to his mosque.
    [Show full text]
  • A Legal Analysis of the Shooting of Korean Airlines Flight 007 by the Soviet Union Farooq Hassan
    Journal of Air Law and Commerce Volume 49 | Issue 3 Article 3 1984 A Legal Analysis of the Shooting of Korean Airlines Flight 007 by the Soviet Union Farooq Hassan Follow this and additional works at: https://scholar.smu.edu/jalc Recommended Citation Farooq Hassan, A Legal Analysis of the Shooting of Korean Airlines Flight 007 by the Soviet Union, 49 J. Air L. & Com. 555 (1984) https://scholar.smu.edu/jalc/vol49/iss3/3 This Article is brought to you for free and open access by the Law Journals at SMU Scholar. It has been accepted for inclusion in Journal of Air Law and Commerce by an authorized administrator of SMU Scholar. For more information, please visit http://digitalrepository.smu.edu. A LEGAL ANALYSIS OF THE SHOOTING OF KOREAN AIRLINES FLIGHT 007 BY THE SOVIET UNION By DR. FAROOQ HASSAN* O N SEPTEMBER 2, 1983, the world was stunned by the news that during the previous day the Soviet Union had shot down a South Korean jetliner over the Sea of Japan, killing all 269 passengers aboard. The airliner, which was on a scheduled flight between New York and Seoul, had appar- ently strayed off course into Soviet airspace when it was de- stroyed by Russian jet fighter planes. The tragedy was brought to international attention through strong statements issued by the President and Secretary of State of the United States.' While some aspects of this incident may never be known, 2 sufficient data is available to analyze the legal as- pects of the actions taken by the Korean airliner and the So- viet interceptors.
    [Show full text]
  • Contribs6.Pdf
    Contributions to the Study of Peacemaking Volume 6 A Summary of Pr ojects Completed by Grantees and Fel l ow s 1997– 9 9 Pre p a r ed By Anne-Marie Smith United States Institute of Peace Washington, D.C. First published December 1999 The views expressed in this report are those of the authors alone. They do not necessarily reflect views of the United States Institute of Peace. UNITED STATES INSTITUTE OF PEACE 1200 17th Street NW,Suite 200 Washington, DC 20036-3011 Phone: (202) 457-1700 Fax: (202) 429-6063 E-mail: [email protected] Web: www.usip.org CONTENTS Introduction v 1. Understanding and Organizing International Security 1 2. Peace Operations 11 3. Nationalism and Ethnic Conflict 19 4. Humanitarian Emergencies, Human Rights, and NGO Responses 26 5. Cross-Cultural Negotiation 31 6. Europe and the Former Soviet Union 36 7. Middle East 41 8. Africa 48 9. Asia 55 10. Latin America 60 Bibliography 68 Author Index 73 INTRODUCTION The Institute’s Grant Program and its fellowship program, the Jennings Randolph Program for International Peace, are the principal means by which the United States Institute of Peace supports the work of scholars and international affairs practitioners to promote better management of international conflict. The publications summarized in these pages direct- ly resulted from projects funded by these two programs. In many cases these projects are multifaceted and ongoing, and what is summarized here may represent only part of the project’s impact on policy and intellectual debates or the resolution of international conflicts. Institute fellows, for instance, often conduct policy briefings and workshops related to their publications, and they write Institute Special Reports and other policy- oriented papers and opinion pieces.
    [Show full text]