11,766 research outputs found
Cyber-Deception and Attribution in Capture-the-Flag Exercises
Attributing the culprit of a cyber-attack is widely considered one of the
major technical and policy challenges of cyber-security. The lack of ground
truth for an individual responsible for a given attack has limited previous
studies. Here, we overcome this limitation by leveraging DEFCON
capture-the-flag (CTF) exercise data where the actual ground-truth is known. In
this work, we use various classification techniques to identify the culprit in
a cyberattack and find that deceptive activities account for the majority of
misclassified samples. We also explore several heuristics to alleviate some of
the misclassification caused by deception.
Comment: 4 pages Short name accepted to FOSINT-SI 201
Cyber Warfare and the Crime of Aggression: The Need for Individual Accountability on Tomorrow’s Battlefield
As cyberspace matures, the international system faces a new challenge in confronting the use of force. Non-State actors continue to grow in importance, gaining the skill and the expertise necessary to wage asymmetric warfare using non-traditional weaponry that can create devastating real-world consequences. The international legal system must adapt to this battleground and provide workable mechanisms to hold aggressive actors accountable for their actions. The International Criminal Court--the only criminal tribunal in the world with global reach--holds significant promise in addressing this threat. The Assembly of State Parties should construct the definition of aggression to include these emerging challenges. By structuring the definition to confront the challenges of cyberspace--specifically non-State actors, the disaggregation of warfare, and new conceptions of territoriality--the International Criminal Court can become a viable framework of accountability for the wars of the twenty-first century.
Traffic and Log Data Captured During a Cyber Defense Exercise
Cybersecurity research relies on relevant datasets providing researchers a snapshot of network traffic generated by current users and modern applications and services. The lack of datasets coming from a realistic network environment leads to inefficiency of newly designed methods that are not useful in practice. This data article provides network traffic flows and event logs (Linux and Windows) from a two-day cyber defense exercise involving attackers, defenders, and fictitious users operating in a virtual exercise network. The data are stored as structured JSON, including data schemes and data dictionaries, ready for direct processing. Network topology of the exercise network in NetJSON format is also provided.
The Bastion Network Project
Workshop on Education in Computer Security (WECS) 6
The Naval Postgraduate School’s Center for Information Systems Security Studies and Research (CISR)
has developed a small, but realistic network lab—the Bastion Network—that is dedicated to educating
students in the myriad elements involved in the secure operation of a computer network. This paper
describes the rationale for this network lab, and offers an overview of a simple framework that could
accommodate educational network interaction with other schools that have similar IA educational goals,
and that have, or may soon acquire, similarly designated labs. The framework describes the essential
elements of a memorandum of understanding, and twelve suggested inter-network cyber-exercise
scenarios.
Jack Voltaic 3.0 Cyber Research Report
The Jack Voltaic (JV) Cyber Research project is an innovative, bottom-up approach to critical infrastructure resilience that informs our understanding of existing cybersecurity capabilities and identifies gaps. JV 3.0 contributed to a repeatable framework cities and municipalities nationwide can use to prepare. This report on JV 3.0 provides findings and recommendations for the military, federal agencies, and policy makers.