发布求助
文献互助 智能选刊 最新文献

2017 International Conference on Cyber Conflict (CyCon U.S.)最新文献

筛选
英文 中文
One year after Warsaw: The growing need for a NATO cyber command 华沙战争后一年:北约网络司令部的需求日益增长
2017 International Conference on Cyber Conflict (CyCon U.S.) Pub Date : 2017-11-01 DOI: 10.1109/CYCONUS.2017.8167513
Siim Alatalu
{"title":"One year after Warsaw: The growing need for a NATO cyber command","authors":"Siim Alatalu","doi":"10.1109/CYCONUS.2017.8167513","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167513","url":null,"abstract":"With cyber on NATO's agenda since 2002 and cyberspace declared a domain of operations for the Alliance at its 2016 Summit, one can ask a straightforward question — how will the Alliance make this declaration work? Starting from defining cyber operations to establishing procedures and delivering practical capability, much needs to be discussed amongst the NATO nations. In a predictable security environment and following all the conventional capacity building steps each of these issues could take years to deliberate. In cyber, however, there is less predictability every moment. One of the ideas that have been proposed as a quick remedy for NATO to deliver on the Warsaw declaration, is the setup of a NATO Cyber Command. One year after Warsaw NATO has yet to take a decision that would establish a NATO-owned cyber-command. Although thus somewhat speculative, the article analyses how and where in the current NCS (NATO Command Structure) a cyber-command can be set up and what should be the key considerations — the ends, ways and means — for NATO in agreeing to its tasks.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"74 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114839970","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Identifying self-inflicted vulnerabilities: The operational implications of technology within U.S. combat systems 识别自身造成的漏洞:美国作战系统中技术的操作含义
2017 International Conference on Cyber Conflict (CyCon U.S.) Pub Date : 2017-11-01 DOI: 10.1109/CYCONUS.2017.8167505
Rock Stevens
{"title":"Identifying self-inflicted vulnerabilities: The operational implications of technology within U.S. combat systems","authors":"Rock Stevens","doi":"10.1109/CYCONUS.2017.8167505","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167505","url":null,"abstract":"Since the 1970s, the United States has integrated technology into combat platforms to maintain its military superiority. Modern digital vulnerabilities within these platforms place U.S. capabilities and military forces at risk for cyber attack. This paper discusses the impact of digital vulnerabilities for operational commanders through the lens of joint functions and operational factors. The undisciplined pursuit of a technological advantage within its weapons systems stands to revert U.S. military capabilities back to the World War I era. A cursory analysis of these implications yields two policy recommendations that will mitigate risk if adopted. Primarily, the United States needs to extend existing vulnerability disclosure programs to classified capabilities and programs. Secondly, the DoD must implement unscripted attack scenarios within combat readiness exercises that allow commanders to experience the brunt of a cyber attack before lives are at stake in a real-world scenario.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"13 20","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133205162","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Considerations for secure and resilient satellite architectures 对安全和弹性卫星架构的考虑
2017 International Conference on Cyber Conflict (CyCon U.S.) Pub Date : 2017-11-01 DOI: 10.1109/CYCONUS.2017.8167508
J. Willis, R. Mills, L. Mailloux, S. Graham
{"title":"Considerations for secure and resilient satellite architectures","authors":"J. Willis, R. Mills, L. Mailloux, S. Graham","doi":"10.1109/CYCONUS.2017.8167508","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167508","url":null,"abstract":"Traditionally, the focus of security and ensuring confidentiality, integrity, and availability of data in spacecraft systems has been on the ground segment and the uplink/downlink components. Although these are the most obvious attack vectors, potential security risks against the satellite's platform is also a serious concern. This paper discusses a notional satellite architecture and explores security vulnerabilities using a systems-level approach. Viewing attacks through this paradigm highlights several potential attack vectors that conventional satellite security approaches fail to consider. If left undetected, these could yield physical effects limiting the satellite's mission or performance. The approach presented aids in risk analysis and gives insight into architectural design considerations which improve the system's overall resiliency.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"190 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123400996","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Cyber security via formal methods: A framework for implementing formal methods 通过形式化方法实现网络安全:实现形式化方法的框架
2017 International Conference on Cyber Conflict (CyCon U.S.) Pub Date : 2017-11-01 DOI: 10.1109/CYCONUS.2017.8167500
J. Rivera
{"title":"Cyber security via formal methods: A framework for implementing formal methods","authors":"J. Rivera","doi":"10.1109/CYCONUS.2017.8167500","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167500","url":null,"abstract":"This paper demonstrates a methodology for how the organizations that employ complex enterprise systems of systems can significantly improve cyber defense while decreasing overall operating costs by using formal methods. The paper demonstrates an approach that uses an event-based methodology to formalize all types of enterprise behavior, to include system, human, and environmental events.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122861135","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Proactive identification of exploits in the wild through vulnerability mentions online 通过在线提到的漏洞在野外主动识别漏洞
2017 International Conference on Cyber Conflict (CyCon U.S.) Pub Date : 2017-11-01 DOI: 10.1109/CYCONUS.2017.8167501
Mohammed Almukaynizi, Eric Nunes, Krishna Dharaiya, M. Senguttuvan, Jana Shakarian, P. Shakarian
{"title":"Proactive identification of exploits in the wild through vulnerability mentions online","authors":"Mohammed Almukaynizi, Eric Nunes, Krishna Dharaiya, M. Senguttuvan, Jana Shakarian, P. Shakarian","doi":"10.1109/CYCONUS.2017.8167501","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167501","url":null,"abstract":"The number of software vulnerabilities discovered and publicly disclosed is increasing every year; however, only a small fraction of them is exploited in real-world attacks. With limitations on time and skilled resources, organizations often look at ways to identify threatened vulnerabilities for patch prioritization. In this paper, we present an exploit prediction model that predicts whether a vulnerability will be exploited. Our proposed model leverages data from a variety of online data sources (white-hat community, vulnerability researchers community, and darkweb/deepweb sites) with vulnerability mentions. Compared to the standard scoring system (CVSS base score), our model outperforms the baseline models with an F1 measure of 0.40 on the minority class (266% improvement over CVSS base score) and also achieves high True Positive Rate at low False Positive Rate (90%, 13%, respectively). The results demonstrate that the model is highly effective as an early predictor of exploits that could appear in the wild. We also present a qualitative and quantitative study regarding the increase in the likelihood of exploitation incurred when a vulnerability is mentioned in each of the data sources we examine.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133979827","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 49
The control & capabilities test: How a new legal regime is shaping attribution in cyberspace 控制和能力测试:新的法律制度如何塑造网络空间的归属
2017 International Conference on Cyber Conflict (CyCon U.S.) Pub Date : 2017-11-01 DOI: 10.1109/CYCONUS.2017.8167514
P. Stockburger
{"title":"The control & capabilities test: How a new legal regime is shaping attribution in cyberspace","authors":"P. Stockburger","doi":"10.1109/CYCONUS.2017.8167514","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167514","url":null,"abstract":"Attribution in cyberspace is one of the most difficult questions facing policy makers, lawyers, and jurists. Indeed, the first question often asked in the wake of a cyber incident is “who did it?” The answer to this question is often critical when dealing with the application of international law because it will dictate the rights and responsibilities of States both from an offensive and defensive perspective. Without proper attribution, for example, a State's responsive capabilities are limited. Making matters worse, attribution is difficult to establish factually. Non-State actors often mask their identity, and State actors often hide their true intentions. The degree to which the international rules governing State attribution apply in cyberspace is therefore a matter of great public importance.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126449032","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Cyber terrain mission mapping: Tools and methodologies 网络地形任务映射:工具和方法
2017 International Conference on Cyber Conflict (CyCon U.S.) Pub Date : 2017-11-01 DOI: 10.1109/CYCONUS.2017.8167504
Jeffrey Guion, Mark Reith
{"title":"Cyber terrain mission mapping: Tools and methodologies","authors":"Jeffrey Guion, Mark Reith","doi":"10.1109/CYCONUS.2017.8167504","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167504","url":null,"abstract":"The Air Force is shifting its cybersecurity paradigm from an information technology (IT)-centric toward a mission oriented approach. Instead of focusing on how to defend its IT infrastructure, it seeks to provide mission assurance by defending mission relevant cyber terrain enabling mission execution in a contested environment. In order to actively defend a mission in cyberspace, efforts must be taken to understand and document that mission's dependence on cyberspace and cyber assets. This is known as cyber terrain mission mapping. This paper seeks to define mission mapping and overview methodologies. We also analyze current tools seeking to provide cyber situational awareness through mission mapping or cyber dependency impact analysis and identify existing shortfalls.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115769598","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
1st Troll Battalion: Influencing military and strategic operations through cyber-personas 第一巨魔营:通过网络角色影响军事和战略行动
2017 International Conference on Cyber Conflict (CyCon U.S.) Pub Date : 2017-11-01 DOI: 10.1109/CYCONUS.2017.8167503
S. Hart, Marcus Klink
{"title":"1st Troll Battalion: Influencing military and strategic operations through cyber-personas","authors":"S. Hart, Marcus Klink","doi":"10.1109/CYCONUS.2017.8167503","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167503","url":null,"abstract":"The Twenty-First Century has seen the dawn of the Internet as a pervasive medium by which nearly all information flows. However, the permissive environment in which the Internet was founded fostered a community plagued by Internet trolls, individuals who deliberately post inflammatory, off-topic, or offensive material on online message boards to elicit angst, or other emotions, from their targets. Then American adversaries weaponized information using trolling, and stories of its increased use and technology to influence behavior dominated headlines over the past year. Foreign influence in cyberspace directed towards the 2016 Presidential Election demonstrates how trolling has changed the political environment in the United States. Americans are vulnerable to the influence of these foreign actors, and most troubling, some will not realize foreign intelligence services target their online activities. Adversaries leverage access through Internet trolling to shift public opinion in a new and original way by distributing politically charged narratives and suppressing the free exchange of ideas through a variety of means. By combining cyber operations, information warfare, and military intelligence with automated infrastructure in one military unit, the Troll Battalion, leaders can influence military operations by shaping adversaries' social and political environments while protecting Americans from the effects of foreign trolls. The practical application of influencing strategic and tactical outcomes via cyber-personas requires further analysis for use on the battlefield, and the protection and defense of American leaders, institutions, and persons must also be analyzed to protect Americans from information warfare.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116303638","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
A framework for cybersecurity assessments of critical port infrastructure 关键港口基础设施网络安全评估框架
2017 International Conference on Cyber Conflict (CyCon U.S.) Pub Date : 2017-11-01 DOI: 10.1109/CYCONUS.2017.8167506
D. Trimble, Jonathon Monken, Alexander F. L. Sand
{"title":"A framework for cybersecurity assessments of critical port infrastructure","authors":"D. Trimble, Jonathon Monken, Alexander F. L. Sand","doi":"10.1109/CYCONUS.2017.8167506","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167506","url":null,"abstract":"Nearly all global economic trade flows through the ports and a broader intermodal transit system in which supporting technology networks are often privately owned and operated. The majority of government oversight and industry cooperation focuses on physical access and the safe construction and operation of ships. The cybersecurity of critical maritime and interconnected infrastructure remains largely unregulated with minimal, if any, assessment or mitigation of cybersecurity risks. These critical infrastructure networks encompass industrial control, SCADA, and information technology systems — much of it proprietary and dependent on operational support or interdependencies in intersecting domains, from energy to transportation. While many operators of the infrastructure are concerned about cybersecurity, the complexity of their systems, interdependence with other sectors, and an outsized public interest in mitigating cyber risks against such crucial economic arteries demonstrates a compelling need for standardized frameworks for assessing cybersecurity risk in the maritime domain. Our work identifies cyber risk factors affecting maritime infrastructure, present barriers to mitigating risks, and proposes the creation of an independent public/private entity for assessing, containing, and mitigating potential risks.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126535665","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Solving the fiscal challenge of real-time cyber capability development: How low-cost cyber capability development can be accelerated through the use of Operations and Maintenance funds and what congress can do to help 解决实时网络能力发展的财政挑战:如何通过使用运营和维护资金加速低成本网络能力的发展,以及国会可以提供哪些帮助
2017 International Conference on Cyber Conflict (CyCon U.S.) Pub Date : 2017-11-01 DOI: 10.1109/CYCONUS.2017.8167509
Rebecca K. Lively, M. Curran
{"title":"Solving the fiscal challenge of real-time cyber capability development: How low-cost cyber capability development can be accelerated through the use of Operations and Maintenance funds and what congress can do to help","authors":"Rebecca K. Lively, M. Curran","doi":"10.1109/CYCONUS.2017.8167509","DOIUrl":"https://doi.org/10.1109/CYCONUS.2017.8167509","url":null,"abstract":"This paper addresses contract and fiscal limitations in the acquisition process often seen as a constraint on real-time cyber capability development. First, the paper advocates for increased use of Operations and Maintenance (O&M) funds for low-cost cyber capability development. Using the Air Force's Real Time Operations and Innovation model, the paper suggests a near-term solution for other services to expand their use O&M funds for certain types of cyber capability development. Next, the paper outlines a course of action to better define and expand Department of Defense authority to spend O&M funds for low-cost cyber capability development.","PeriodicalId":259012,"journal":{"name":"2017 International Conference on Cyber Conflict (CyCon U.S.)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127177586","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信