382 research outputs found

    An Analysis of Martha Nussbaum's Capabilities Approach with Attention to Her Use of the Term "Threshold"

    This paper investigates Martha Nussbaum's capabilities approach, which is influential in current political philosophy and policy making. The capabilities approach is contextualized within the scope of Nussbaum's influences in section I. These influences are primarily Aristotle, Kant, Marx, John Rawls, and Amartya Sen. In section II her own view is explicated with attention to the influences previously described. This section also attempts to clarify certain aspects of her view, such as her use of "person" and "human." This is in order to set the stage for section III, which critiques the various aspects of the approach which were explained in section II. In general, the capabilities approach is found wanting; however, there are some useful qualities that are unique to a capabilities approach to political philosophy, ethics, or economics.

    An Analysis of How Many Undiscovered Vulnerabilities Remain in Information Systems

    Vulnerability management strategy, from both organizational and public policy perspectives, hinges on an understanding of the supply of undiscovered vulnerabilities. If the number of undiscovered vulnerabilities is small enough, then a reasonable investment strategy would be to focus on finding and removing the remaining undiscovered vulnerabilities. If the number of undiscovered vulnerabilities is and will continue to be large, then a better investment strategy would be to focus on quick patch dissemination and engineering resilient systems. This paper examines a paradigm, namely that the number of undiscovered vulnerabilities is manageably small, through the lens of mathematical concepts from the theory of computing. From this perspective, we find little support for the paradigm of limited undiscovered vulnerabilities. We then briefly support the notion that these theory-based conclusions are relevant to practical computers in use today. We find no reason to believe undiscovered vulnerabilities are not essentially unlimited in practice and we examine the possible economic impacts should this be the case. Based on our analysis, we recommend vulnerability management strategy adopts an approach favoring quick patch dissemination and engineering resilient systems, while continuing good software engineering practices to reduce (but never eliminate) vulnerabilities in information systems

    Cybersecurity Information Sharing: Analysing an Email Corpus of Coordinated Vulnerability Disclosure

    Cybersecurity Information Sharing: Analysing an Email Corpus of Coordinated Vulnerability Disclosure. K Sridhar, A Householder, JM Spring, DW Woods. The 20th Workshop on the Economics of Information Security (WEIS 2021)

    Human decision-making in computer security incident response

    Background: Cybersecurity has risen to international importance. Almost every organization will fall victim to a successful cyberattack. Yet, guidance for computer security incident response analysts is inadequate. Research Questions: What heuristics should an incident analyst use to construct general knowledge and analyse attacks? Can we construct formal tools to enable automated decision support for the analyst with such heuristics and knowledge? Method: We take an interdisciplinary approach. To answer the first question, we use the research tradition of philosophy of science, specifically the study of mechanisms. To answer the question on formal tools, we use the research tradition of program verification and logic, specifically Separation Logic. Results: We identify several heuristics from biological sciences that cybersecurity researchers have re-invented to varying degrees. We consolidate the new mechanisms literature to yield heuristics related to the fact that knowledge is of clusters of multi-field mechanism schema on four dimensions. General knowledge structures such as the intrusion kill chain provide context and provide hypotheses for filling in details. The philosophical analysis answers this research question, and also provides constraints on building the logic. Finally, we succeed in defining an incident analysis logic resembling Separation Logic and translating the kill chain into it as a proof of concept. Conclusion: These results benefit incident analysis, enabling it to expand from a tradecraft or art to also integrate science. Future research might realize our logic into automated decision-support. Additionally, we have opened the field of cybersecurity to collaboration with philosophers of science and logicians.

    Large Scale DNS Traffic Analysis of Malicious Internet Activity with a Focus on Evaluating the Response Time of Blocking Phishing Sites

    This thesis explores four research areas that are examined using DNS traffic analysis. The tools used for this analysis are presented first. The four topics examined are domain mapping, response time of anti-phishing block lists to find the phishing sites, automated identification of malicious fast-flux hosting domains, and identification of distributed denial of service attacks. The first three approaches yielded successful results, and the fourth yields primarily negative lessons for using DNS traffic analysis in such a scenario. Much of the analysis concerns the anti-phishing response time, which has yielded tentative results. It is found that there is significant overlap between the automatically identified fast-flux sites and those sites on the block list. It appears that domains were being put onto the list approximately 11 hours after becoming active, in the median case, which is very nearly the median lifetime of a phishing site. More recently collected data indicates that this result is extremely difficult to verify. While further work is necessary to verify these claims, the initial indication is that finding and listing phishing sites is the bottleneck in propagating data to protect consumers from malicious phishing sites

    Paramagnetic Nd sublattice and thickness-dependent ferromagnetism in Nd2NiMnO6 double perovskite thin films

    We investigate ferromagnetic and insulating thin films of the B-site ordered double perovskite Nd2NiMnO6 (NNMO) grown by radio frequency off-axis magnetron sputtering. The films grow epitaxially strained on a selection of substrates and display a strain-independent and bulklike TC of 200 K at a thickness of 30 unit cells. We explore the thickness dependence of the NNMO/SrTiO3(001) system and find ferromagnetism down to ultralow thicknesses of only 3 unit cells (∼1.2 nm). Below 10 unit cells, the magnetic properties deteriorate due to an interfacial charge transfer caused by the polar discontinuity at the NNMO/SrTiO3 interface. A detailed x-ray magnetic circular dichroism study allows us to separate the magnetic components into a robust ferromagnetic Ni/Mn sublattice and a paramagnetic Nd sublattice.