The Ethics of Cyber Attack: Pursuing Legitimate Security and the Common Good in Contemporary Conflict Scenarios

ABSTRACT

Cyber attack against Critical National Infrastructure is a developing capability in state arsenals. The onset of this new instrument in national security has implications for conflict thresholds and military ethics. To serve as a legitimate tool of policy, cyber attack must operate in accordance with moral concerns. To test the viability of cyber attack, this paper provides a new perspective on cyber ethics. Cyber attack is tested against the criteria of the common good. This involves identifying the four core components of the common good from a conflict perspective: respect for the person; social wellbeing; peace and security; and solidarity. The fate of these components is assessed in relation to the six key characteristics of cyber attack from a moral standpoint: security; the role or absence of violence; discrimination; proportionality; cyberharm; and the threshold of conflict. It is concluded that the common good must be incorporated into developing state cyber strategies.     

Optimal patrol to uncover threats in time when detection is imperfect

Consider a patrol problem, where a patroller traverses a graph through edges to detect potential attacks at nodes. An attack takes a random amount of time to complete. The patroller takes one time unit to move to and inspect an adjacent node, and will detect an ongoing attack with some probability. If an attack completes before it is detected, a cost is incurred. The attack time distribution, the cost due to a successful attack, and the detection probability all depend on the attack node. The patroller seeks a patrol policy that minimizes the expected cost incurred when, and if, an attack eventually happens. We consider two cases. A random attacker chooses where to attack according to predetermined probabilities, while a strategic attacker chooses where to attack to incur the maximal expected cost. In each case, computing the optimal solution, although possible, quickly becomes intractable for problems of practical sizes. Our main contribution is to develop efficient index policies—based on Lagrangian relaxation methodology, and also on approximate dynamic programming—which typically achieve within 1% of optimality with computation time orders of magnitude less than what is required to compute the optimal policy for problems of practical sizes. © 2014 Wiley Periodicals, Inc. Naval Research Logistics, 61: 557–576, 2014     

防空体系反制网电攻击的UML与Petri网模型

网电攻击装备的出现,给传统防空体系带来全面严峻的新威胁。通过分析"舒特"系统,得到网电攻击3种典型作战样式:物理摧毁、电子攻击和网络攻击,分别从物理层次、能量层次和网络层次探索了防空体系反制网电攻击策略。为描述防空体系反制网电攻击的对策、作战结构、作战步骤等问题,分别建立了统一建模语言(UML)和Petri网模型,从理论上初步探索了防空体系反制网电攻击的对策,具有一定的理论与现实意义。     

Nuclear deterrence and cyber warfare: coexistence or competition?

Nuclear deterrence and cyber war seem almost antithetical in their respective intellectual pedigrees. Nuclear weapons are unique in their ability to create mass destruction in a short time. Information or “cyber” weapons, at least for the most part, aim at sowing confusion or mass disruption instead of widespread physical destruction. Nevertheless, there are some intersections between cyber and nuclear matters, and these have the potential to become troublesome for the future of nuclear deterrence. For example, cyber attacks might complicate the management of a nuclear crisis. As well, information attacks on command-control and communications systems might lead to a mistaken nuclear launch based on false warnings, to erroneous interpretations of data or to panic on account of feared information blackout. It is not inconceivable that future nuclear strike planning will include a preliminary wave of cyber strikes or at least a more protracted “preparation of the battlefield” by roaming through enemy networks to plant malware or map vulnerabilities.     

Precision cyber weapon systems: An important component of a responsible national security strategy?

Given the advances made in conventional weapon capabilities, precision should by now be the accepted and expected norm in cyberspace as well. In this article I argue that developing precision cyber weapon systems, to be used during a lawful conflict, can be an important part of a responsible national security strategy to reduce the amount of violence and physical destruction in conflicts. I first describe a precision cyber weapon system in a military context. I then present three compelling rationales for the development of precision cyber weapon systems based on ethical, operational, and financial considerations. To support the position, I address several arguments that have been levied against their development. Thereafter I present several recommendations for a way ahead.     

网络舆论战的心理学意义

从舆论战和网络舆论战的概念和特点出发,阐述了心理学在网络舆论战中的重要作用。综合心理学理论和舆论传播理论分析了网络舆论形成的心理机制,得出了网络舆论是通过个体心理和群体心理两个阶段而形成的结论。根据这个结论,提出了网络舆论引导的具体策略。即在个体层面上,通过操纵信息来影响人的认知;在群体层面上,通过塑造引导者主体的可信性和喜爱性,以及网络技术手段来增强舆论引导的效果。最后,指出了网络舆论战的发展前景在于充分考虑受众的心理,有针对性地进行舆论引导。     

Allocating capacity in parallel queues to improve their resilience to deliberate attack

We develop models that lend insight into how to design systems that enjoy economies of scale in their operating costs, when those systems will subsequently face disruptions from accidents, acts of nature, or an intentional attack from a well‐informed attacker. The systems are modeled as parallel M/M/1 queues, and the key question is how to allocate service capacity among the queues to make the system resilient to worst‐case disruptions. We formulate this problem as a three‐level sequential game of perfect information between a defender and a hypothetical attacker. The optimal allocation of service capacity to queues depends on the type of attack one is facing. We distinguish between deterministic incremental attacks, where some, but not all, of the capacity of each attacked queue is knocked out, and zero‐one random‐outcome (ZORO) attacks, where the outcome is random and either all capacity at an attacked queue is knocked out or none is. There are differences in the way one should design systems in the face of incremental or ZORO attacks. For incremental attacks it is best to concentrate capacity. For ZORO attacks the optimal allocation is more complex, typically, but not always, involving spreading the service capacity out somewhat among the servers. © 2011 Wiley Periodicals, Inc. Naval Research Logistics, 2011     

级联失效下非对称依赖网络鲁棒性研究

研究级联失效下网络化信息物理系统的鲁棒性具有重要的现实意义。针对具有单向依赖关系的信息物理系统构建双层非对称依赖网络模型,综合依赖失效和过载失效设计级联失效模型,提出一种更贴近实际的非对称攻击方式,并给出一种资源限制下的节点容量分配方式。针对无标度子网构成的非对称依赖网络进行了仿真实验,结果表明:网络鲁棒性与子网络平均度、度指数、节点容量等呈正相关关系;同配依赖网络以及按度值分配节点容量的网络具有更高的鲁棒性;非对称依赖网络面对蓄意攻击时具有脆弱性;以同等力度单独攻击被依赖子网时,网络受到的损伤更大。构建的模型及发现的规律对于研究网络鲁棒性、优化网络设计具有一定的参考价值。     

SHA-512算法及其基于生日攻击的安全性分析

生日攻击是一种通用的碰撞攻击方法,它可用于攻击任何类型的散列函数。分析了SHA-512的算法原理,讨论了生日攻击的碰撞阈值和攻击步骤,并对SHA-512算法在生日攻击下的安全性进行了分析。通过分析得出SHA-512所有消息块处理完后得到了8个64位变量H0-H7的数据级联,并且输出散列码是512位,这对于攻击者来说是不可预测的,猜中的概率可以忽略,而找到目标消息的碰撞的计算复杂度为2256。所以,相对来说SHA-512的安全性比MD5,SHA-1等要高,采用SHA-512后将更能抵抗生日攻击,并能抵御已知密码分析攻击。     

The Effects of Terrorism on Turkish Financial Markets

Abstract

In this research, we analyzed how Turkish financial markets and foreign investors in the stock market reacted to the terror attacks in Turkey. Our analysis, which was performed using the terror index for the stock market and the foreign exchange market, revealed that returns, abnormal returns, and cumulative abnormal returns were not affected by the terror attacks; however, foreign investors in the stock market were affected. When the geographic regions of the terror attacks were analyzed, the findings showed that foreign investors were negatively affected mainly by the terror attacks that occurred in southeast Anatolia. Attack type and target type were important only for foreign investors. An evaluation of the interaction between the terror attacks and the markets with the involvement of the terrorist organizations indicated that only the foreign investors in the stock market were affected by Al-Qaeda and PKK-linked terror attacks. An evaluation of the effect of terror attacks in foreign countries on Turkish financial markets revealed no effect on the domestic stock market and foreign exchange markets. We also examined the volatility spillovers from the terror index to the stock market and found that terrorist attacks increased the volatility of the stock market.     

无线自组织网络跨层攻击检测博弈模型

无线自组织网络中的跨层攻击具有比单层攻击更强的隐蔽性、更好的攻击效果或更低的攻击成本.为了检测无线自组织网络中的跨层攻击,提出了一种基于博弈论的攻击检测模型.由于攻击不可避免地会对各协议层的参数造成影响,因此模型从协议层攻防博弈的角度,建立起相应的策略矩阵和支付矩阵,并通过均衡分析得到该模型的混合策略纳什均衡解.仿真结...     

Disrupt and restraint: The evolution of cyber conflict and the implications for collective security

In the last decade, cyber conflict has become a main feature of international politics and a growing concern for strategic stability and collective security. Unfortunately, cyber conflict suffers from a lack of conceptual clarity about its impact on collective security and a lack of consensus among international actors on how to interpret it. This article proposes to understand cyber conflict as an evolving process driven by two factors: the way in which digital space is configured and the way in which tactical, organizational, strategic, and doctrinal characteristics related to cyber have been included in the field of national and international security. Both tend to encourage offensive behavior but also demonstrate features pointing to restraint.     

How Different Terrorist Attacks Affect Stock Markets

Terrorist attacks adversely affect the Pakistani stock market. However, such effect is short-lived: the market recovers from terrorist shocks in one day. The impact of attack depends on the locations and types of attack. The more severe the attack (i.e. more people killed), the more negative is the KSE-100 index return. Most interestingly, stock market contains information about future attacks. In sum, different tactics of terrorists have varied effects on financial markets, which in turn can predict terrorist attacks.     

网络舆论战的理论探析

网络舆论战是一种新型作战样式。加强网络舆论战研究,既是信息化战争的时代要求,又是实现强军目标的客观需要,对于丰富具有我军特色的现代舆论战理论体系,推动我军政治工作的创新发展,具有十分重要意义。文章通过论述网络舆论战的地位作用和主要特点,对开展网络舆论战的基本战法进行了探讨。     

Middle Powers And The Demand For Military Expenditures

This paper identifies and classifies middle power nations through the use of broad political science definitions, the demand for military expenditures models and gross domestic product (GDP) per capita. The latter is used as a simple quantifiable measure of relative and potential military power. The paper also develops and utilizes a threat variable that is applicable to middle power nations. The panel data analysis shows that the middle power nations react to threat variables that proxy global instability utilize foreign aid as a complementary policy tool along with military expenditures, and face significant trade-offs between military and non-military government spending.     

潜艇信息系统信息安全与纵深防护策略研究

随着网络中心战的发展，信息安全问题在现代潜艇系统中的重要性日益凸显。首先分析潜艇信息安全问题的背景、总结其研究现状，然后研究了潜艇信息安全需求及属性定义，探讨了潜艇信息系统信息安全防护整体框架，在此基础上提出了一种综合静态安全防护和动态运行安全防护的潜艇信息系统信息安全纵深防护体系结构。以期为解决潜艇系统设计中的安全缺陷、建立潜艇信息安全防护体系，辅助系统维护、保障系统安全提供基础。     

军民融合视角下的美国网络安全人才战略

由于网络技术的军民两用特性,军民融合是提升网络空间安全能力的必然选择。而网络空间的竞争,归根结底是人才竞争。网络安全人才战略必须有效应对人才资源整体不足的现实困难,通过合理配置资源和创建创新机制安排,推进军民融合式的网络安全人才体系建设。美国高度重视人才在网络安全战略体系中的关键作用,通过宏观政策引导、创新交流机制、拓宽吸纳渠道等多种方式,为构建军民融合式的网络安全人才战略提供了经验借鉴。     

浅析经济原则在网络语言中的应用

随着网络技术的发展,网络语言作为一种新的语言媒体和社会方言,越来越得到人们的重视。在不同的学术领域,专家对网络语言作出不同的诠释和研究。主要从构词、句法、非语言符号三个角度来分析经济原则在网络语言中的普遍使用,并从聊天室中收集、归纳、分析相关语料来证明经济原则的存在,及在网络空间中普遍使用的原因。对网络语言的深入研究,将更有助于人们了解语言在以高科技为背景条件下发展趋势。当网络语言冲击传统语言时,要树立正确的态度面对语言的发展。     

阈下听觉技术研究及其应用

从网络空间侦察能力、指挥控制能力、精确攻击能力、防御能力和评估能力等五个方面,对网络空间支援力量的核心支援能力进行了系统论述,提出建设军队网络支援力量、应对网络空间安全威胁的新思考和新观点。研究认为,当前我军在网络空间的安全意识、核心技术、均衡发展等方面面临严峻困难。为实现网络强国的奋斗目标,需要加强国家网络安全的顶层设计,增强网络技术自主创新能力,强化军民融合式建设和系统常态的攻防训练等。     

一种可扩展的Cyber空间作战体系描述模型

研究了Cyber空间作战体系模型构建技术,提出一种面向Cyber空间作战模拟的战争系统建模新思路,并以此为基础提出了Cyber空间作战体系一体化逻辑网络模型。将Cyber空间作战涉及到的敌我双方作战实体视为一个整体系统的组分,抽象为网络模型的实体节点,实体间的各种合作、协同、对抗等不同类型交互行为统一抽象为网络模型的逻辑边。针对网络模型的节点和边分别建立了基于本体的实体描述模型和基于OO-LAMBDA语言的行为描述模型。通过一个真实战例的仿真实验验证了本文提出的方法的有效性和正确性。