2018 10th International Conference on Cyber Conflict CyCon X: Maximising Effects T. Minárik, R. Jakschis, L. Lindström (Eds.) 30 May - 01 June 2018, Tallinn, Estonia 2018 10TH INTERNATIONAL CONFERENCE ON CYBER CONFLicT CYCON X: MAXIMISING EFFECTS Copyright © 2018 by NATO CCD COE Publications. All rights reserved. IEEE Catalog Number: CFP1826N-PRT ISBN (print): 978-9949-9904-2-9 ISBN (pdf): 978-9949-9904-3-6 COPYRigHT AND REPRINT PERmissiONS No part of this publication may be reprinted, reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the NATO Cooperative Cyber Defence Centre of Excellence ([email protected]). This restriction does not apply to making digital or hard copies of this publication for internal use within NATO, or for personal or educational use when for non-profit or non-commercial purposes, providing that copies bear this notice and a full citation on the first page as follows: [Article author(s)], [full article title] 2018 10th International Conference on Cyber Conflict CyCon X: Maximising Effects T. Minárik, R. Jakschis, L. Lindström, (Eds.) 2018 © NATO CCD COE Publications NATO CCD COE Publications LEGAL NOTICE: This publication contains the opinions of the respective authors only. They do not Filtri tee 12, 10132 Tallinn, Estonia necessarily reflect the policy or the opinion of NATO Phone: +372 717 6800 CCD COE, NATO, or any agency or any government. NATO CCD COE may not be held responsible for Fax: +372 717 6308 any loss or harm arising from the use of information E-mail: [email protected] contained in this book and is not responsible for the Web: www.ccdcoe.org content of the external sources, including external websites referenced in this publication. Head of publishing: Jaanika Rannu Layout: Jaakko Matsalu Cover design: AKU NATO COOPERATIVE CYBER DEFENCE CENTRE OF ExcELLENCE The NATO Cooperative Cyber Defence Centre of Excellence (CCD COE) is a NATO- accredited cyber defence hub focusing on research, training and exercises. It represents a community of currently 21 nations providing a 360-degree look at cyber defence, with expertise in the areas of technology, strategy, operations and law. The heart of the Centre is a diverse group of international experts from military, government and industry backgrounds. The CCD COE is home to the Tallinn Manual 2.0, the most comprehensive guide on how International Law applies to cyber operations. The Centre also organises the world’s largest and most complex international live-fire cyber defence exercise, Locked Shields. Another highlight of the Centre is the International Conference on Cyber Conflict, CyCon, a unique event joining key experts and decision-makers of the global cyber defence community in Tallinn every spring. As of January 2018 CCD COE is responsible for identifying and coordinating education and training solutions in the field of cyber defence operations for all NATO bodies across the Alliance. The Centre is staffed and financed by its member nations - Austria, Belgium, the Czech Republic, Estonia, Finland, France, Germany, Greece, Hungary, Italy, Latvia, Lithuania, the Netherlands, Poland, Portugal, Slovakia, Spain, Sweden, Turkey, the United Kingdom and the United States. NATO-accredited centres of excellence are not part of the NATO Command Structure. CYCON 2018 SPONSORS TABLE OF CONTENTS Introduction 1 Rethinking the Data Wheel: Automating Open-Access, 9 Public Data on Cyber Conflict Christopher Whyte, Brandon Valeriano, Benjamin Jensen, Ryan Maness The Cyber Deterrence Problem 31 Aaron F. Brantly Offensive Cyber Capabilities: To What Ends? 55 Max Smeets, Herbert S. Lin Understanding and Countering Cyber Coercion 73 Quentin E. Hodgson Targeting Technology: Mapping Military 89 Offensive Network Operations Daniel Moore Drawing Inferences from Cyber Espionage 109 Martin C. Libicki The Topography of Cyberspace and 123 Its Consequences for Operations Brad Bigelow Net Neutrality in the Context of Cyber Warfare 139 Kim Hartmann, Keir Giles The Cyber Decade: Cyber Defence at a X-ing Point 159 Robert Koch, Mario Golling Aladdin’s Lamp: The Theft and 187 Re-weaponization of Malicious Code Kārlis Podiņš, Kenneth Geers Cyber Law and Espionage Law as Communicating Vessels 203 Asaf Lubin Internet Intermediaries and Counter-Terrorism: 227 Between Self-Regulation and Outsourcing Law Enforcement Krisztina Huszti-Orban From Grey Zone to Customary International Law: 245 How Adopting the Precautionary Principle May Help Crystallize the Due Diligence Principle in Cyberspace Peter Z. Stockburger Pressing Pause: A New Approach for International 263 Cybersecurity Norm Development Cedric Sabbah Developing Collaborative and Cohesive 283 Cybersecurity Legal Principles Jeff Kosseff Utilizing Air Traffic Communications for OSINT on 299 State and Government Aircraft Martin Strohmeier, Matthew Smith, Daniel Moser, Matthias Schäfer, Vincent Lenders, Ivan Martinovic FeedRank: A Tamper-resistant Method for the Ranking 321 of Cyber Threat Intelligence Feeds Roland Meier, Cornelia Scherrer, David Gugelmann, Vincent Lenders, Laurent Vanbever HTTP Security Headers Analysis of Top One Million Websites 345 Artūrs Lavrenovs, F. Jesús Rubio Melón On the Effectiveness of Machine and 371 Deep Learning for Cyber Security Giovanni Apruzzese, Michele Colajanni, Luca Ferretti, Alessandro Guido, Mirco Marchetti Screen Watermarking for Data Theft 391 Investigation and Attribution David Gugelmann, David Sommer, Vincent Lenders, Markus Happe, Laurent Vanbever Neural Network and Blockchain Based Technique 409 for Cyber Threat Intelligence and Situational Awareness Roman Graf, Ross King Mission-Focused Cyber Situational 427 Understanding via Graph Analytics Steven Noel, Paul D. Rowe, Stephen Purdy, Michael Limiero, Travis Lu, Will Mathews Biographies 449 INTRODUCTION CyCon X is the tenth iteration of the annual International Conference on Cyber Conflict, organised by the NATO Cooperative Cyber Defence Centre of Excellence and taking place in Tallinn from 29 May to 1 June 2018. Over the years, CyCon has become a world-recognised conference addressing cyber conflict and security from the perspectives of technology, strategy, operations, law, and policy. We are always glad to see our friends in Tallinn again – a number of them have been involved with CyCon since its origins a decade ago – and we also welcome newcomers, who can discover the cyber debates and ‘white night’ walks in Tallinn’s Old Town. We are proud to offer them all the opportunity to meet and learn something new from each other. If CyCon has been able to contribute to interdisciplinary understanding of cyber conflict and security throughout the years, then it has achieved its main goal. CyCon X’s core topic is ‘Maximising Effects’. Since the very beginning, cyberspace has provided unparalleled opportunities to achieve effects in new and novel ways. Today, cyberspace provides a technological platform and an environment for diverse actors, with both good and bad motivations, to influence everyone and everything. Maximising effects in the cyber realm is important for business, media, governments and military, and even private users. However, how will this be achieved and what will the consequences be? How will AI, machine learning and big data help to maximise effects in cyberspace? How will international law develop in light of the serious effects of state-sponsored operations that may or may not be hard to attribute? The effects generated through cyberspace, including new instabilities and vulnerabilities, will require new policies, legal frameworks and technological solutions to maximise security. In response to the Call for Papers in June 2017, almost 200 abstracts were submitted in October. After a careful selection and peer review by the Academic Review Committee, this book contains 22 articles whose authors were invited to present at the conference. Christopher Whyte, Brandon Valeriano, Benjamin Jensen, and Ryan Maness describe the prospects for open-source, public data collection for cyber security events and present an initial data collection and analysis of interstate cyber conflict incidents involving the United States. Aaron F. Brantly examines the applicability of deterrence in the digital age and for digital tools, based on examples from both within and beyond cyberspace. Max Smeets and Herbert S. Lin aim to explain if (and how) offensive cyber capabilities have the potential to change the role of military power and argue that these capabilities can alter the manner in which states use their military power strategically. Quentin E. Hodgson seeks to develop an understanding of how 1 states use cyber capabilities to coerce others for political objectives and examines the use of cyber operations by North Korea and Russia in recent years as part of their broader strategies. Daniel Moore argues that military offensive network operations can be usefully cast into a two-part taxonomy: event-based attacks and presence- based attacks – these two types offer different solutions, encompass varying risks, and may require different resources to accomplish. Martin C. Libicki shows how cyber espionage between state adversaries can ‘alter the balance of a confrontation’ and ‘shape the inferences that the other side draws about one’s intentions’ in cyberspace. Brad Bigelow suggests that ‘cyberspace’ as a label for a domain should not be confused with the individual networks – some interconnected
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages464 Page
-
File Size-