Minhu Ma,Ting Fang,Yue Wang

DOI: https://doi.org/10.3969/j.issn.1002-1965.2016.03.004

2016-01-01

Abstract:Purpose/Significance] With the rapid development of information technology and global integration trend, vulnerabilities and insecurity faced by information systems to promote cybersecurity risks inherent uncertainty intensified. Therefore, how to establish and im-prove cybersecurity information sharing mechanism becomes the focus around the world, and the absence of such necessary mechanisms is a real problem in China presently. US cybersecurity information sharing mechanism, the firstly established one of its type, has developed a highly complete set of provisions, which may act as a useful resource for China in her proactive effort to establish a similar mechanism. [ Method/Process] By analyzing US cybersecurity information sharing mechanism and the characteristics of the legal basis, researching on the US cybersecurity information sharing organizations, and discussing the incentive mechanism and privacy protection mechanism, [ Re-sult/Conclusion] it is suggested that China should establish the cybersecurity information sharing system through legislation, build the cy-bersecurity information sharing organization system, construct a national-level cyber threats intelligence sharing and analysis center, and develop a cyber threats intelligence sharing incentive mechanism.

Qian Hongdao,Jiang Bin

DOI: https://doi.org/10.3785/j.issn.1008-942X.2012.09.221

2013-01-01

Abstract:From a global perspective,although the protection of freedom of expression will still be a problem in many countries,the new challenge of freedom of expression in the age of Internet is that people with ability and freedom to communicate freely tend to communicate only with people they agree with.This kind of ineffective communication leads to not only some negative consequences as "debates and communication cannot help people get close to the truth," but also to some serious negative ramifications as political division and social contradiction.In 2004,Ronald Dworkin delivered his concern in his writings on political division in American democracy.He also put forward his theoretical solution —"return to the common background." However,Dworkin's solution is more like an ideal one lack of practical strategy and workable operation.This article proposes a principle of "New Public Forum" and expects to solve the problem on a systematic,strategic and operational level.The principle of traditional public forum considers its main goal as solving the dilemma between the valuable role of mass media and the right of individuals to express freely and effectively.Today we have to deal with another dilemma because whereas the internet improves people's capability of sending and receiving information and expressing their opinions,the effectiveness of communication itself is still being threatened.Cyberkans,a phenomenon of worldwide network Balkanization,is the linchpin in this dilemma.Cyberkans results from complex factors such as political and legal policies,business strategies of Internet product manufacturers and a more crucial one that ordinary people as consumers tend to choose the internet product to help them filter for favorable information and opinions.In the Internet era,people not only rely on information filtration,but also prefer and actively choose filtering tools.They are fond of "personalized" products,which inevitably lead to information "cocoon" and "Daily Me." That is why people with different values,different preferences and different interests are easily separated and divided into different groups.Furthermore,opinions and beliefs in divided groups tend to become extreme in the process of "Group Polarization," which intensifies social contradictions and affects social stability because of the lack of effective debate and communication.Malfunction of the marketplace of opinions,group polarization and tagging tendency all manifest certain kind of ineffective communication resulting from Cyberkans. There are at least two solutions for these problems.The first one is to remove all separation institutes and integrate all information into one platform.This proposal fundamentally denies the network users' choices and overthrows market mechanism in the Network Economy,that's why it can only be applied to some web sites of government and other public service departments.The second solution is to establish a new kind of "Public Forum" for effective communication meanwhile keeping commodity market of internet working by itself.This new Public Forum Doctrine includes the test of extensity,compatibility and,the most important,efficiency.Extensity Test requires the forum to reach as many opinion groups as possible.Compatibility Test requires the forum to contain as many different opinions as possible.Efficiency Test requires political debaters to follow certain kind of regulations to make sure debates are reasonable and yield reasonable results.Considering the actual situation in China,the traditional mainstream media has the responsibility and capability to become the platform of the new public forum.

cuihong cai

DOI: https://doi.org/10.1142/S2377740015500189

2015-01-01

China Quarterly of International Strategic Studies

Abstract:"Cybersecurity" has become a topic of great strategic importance concerning both national and international security, especially after Edward Snowden's disclosure of the secret surveillance programs of the U. S. government. With the largest number of netizens in the world, China holds its own views, beliefs, and assumptions on this topic. To understand the current disputes over international cybersecurity and to identify challenges and opportunities presented to international cybersecurity cooperation, it is of great significance to examine "cybersecurity" in the Chinese context. This article deals with the following issues from a Chinese perspective: cyberspace and cybersecurity in general, China's vital cybersecurity interests and threatening challenges, and barriers to further progress in international cybersecurity cooperation. It is concluded that China's understanding of cybersecurity, which derives from its unique national conditions, does not limit its willingness to participate in international cybersecurity cooperation.

Shen Yi

DOI: https://doi.org/10.13549/j.cnki.cn11-3959/d.2010.04.008

2010-01-01

Abstract:Till now,the US has already established a national cyber security strategy which mainly focuses on shaping the global cyber space.At the same time,the strategy assumes that China is the main source of threat.The reason why cyber security is so important to Sino-US relationship is not only because of its effect on real interests,i.e.the development of economy,but also of its effect on the sensitive issue of sovereignty.More than the immediate shock in short term,the cyber security issues,if they cannot be properly managed,will also do harm to the basic conception of strategic stability between these two countries.Researching on how to buffer the shock and transform it into a new field that could promote cooperation between China and US would contribute to the further development of bilateral relationship,and help to promote the strategic stability as well.

Le Cheng,Yuxin Liu,Yun Zhao

DOI: https://doi.org/10.1515/ijld-2021-2058

2021-01-01

International Journal of Legal Discourse

Abstract:This study uses a combinative method of quantitative and qualitative discourse analysis applying the discourse-historical approach (DHA), based on a self-built special corpus composed of the U.S. laws, policies and strategy documents that are directly related to critical information infrastructure protection (CIIP); through a Word List ranked by frequency, it is found that there seems to be a coherent securitizing system which has been formed in the U.S. CIIP legislative practices, with some specific considerations in the CIIP policy-making process including the strategy for risk management. By further investigating the internal institutional relationships and institutional mechanisms with corpus tools, four discursive features and strategies of the U.S. CIIP institutional discourse can be discovered: the leading role of private and specific institutions in public-private cooperation; the coexisting characteristics of generality and precision in the process of object definition; the center-divergent institutional settings in executing CIIP execution; and the coordinating discourse patterns for CIIP within the U.S. legislation. Those discursive practices concerning different institutional actors can be further explained in the broader context of the U.S. social reality. This study is not only helpful in better understanding the legal practices in U.S. cybersecurity, but also provides some meaningful insights on CIIP legislation to policy makers in other countries as well as at the international level.

LI Jian-hua

DOI: https://doi.org/10.11959/j.issn.2096-109x.2016.00028

2016-01-01

Abstract:With a rapid development of information technologies including big data, cloud computing, Internet of things, etc., the threats in cyber space also become more ubiquitous and complex. Moreover, more and more persis-tence and hidden features present in all kinds of network attacks. Threat intelligence based network defense can analyze the undergoing attacks and predict the threat situation in the future. Furthermore, based on the potential risk, users can define efficient security policy, thus the defense capabilities of the cyber space could be enhanced system-atically. Threat intelligence is a very wide research area. The research works and developments of the sensing, shar-ing and analysis for threat intelligence were studied and reviewed deeply.

Yue Lin,He Wang,Bowen Yang,Mingrui Liu,Yin Li,Yuqing Zhang

DOI: https://doi.org/10.1007/978-3-030-30619-9_18

2019-01-01

Abstract:In the process of increasing cybersecurity attack and defense confrontation, there is a natural asymmetry between the offensive and defense. The Cyber Threat Intelligence (CTI) sharing mechanism is an effective means to improve the emergency-response ability of the protection party. However, currently, there are no effective sharing schemes in the community network to facilitate cross-sector threat intelligence sharing. This paper presents a collaborative threat intelligence sharing mechanism based on the blackboard model, which can be used to identify potential risks, prevent cyber attacks at an early stage, and facilitate community incident response. According to the China National Standard “Cyber security threat information format”, we divide threat intelligence sharing into routine and attack-specific threat intelligence sharing. Also, we design an attack-specific threat intelligence sharing module based on the blackboard model and describe the sharing process. Finally, we design the blackboard monitoring mechanism as a Multi-Agent System (MAS) to realize many tasks in the sharing process. Our scheme is illustrated by several CTI sharing scenarios in the community.

Ming Liu,Zhi Xue,Xiangjian He,Jinjun Chen

DOI: https://doi.org/10.1109/mce.2019.2892220

2019-01-01

IEEE Consumer Electronics Magazine

Abstract:The term cyberthreat intelligence (CTI) is widespread and gaining much attention in the area of the Internet of Things (IoT), as CTI has shown capabilities regarding the defense of advanced persistent threats (APTs). The key component of CTI is the sharing of threat information, which conventionally was a time-consuming manual process.

Min-hu MA,Ning MA

2015-01-01

Abstract:Currently,China’s national cyber-security inspection system still has many legal puzzle-ments waiting to be solved urgently,as well as some “misinterpretations”.To avoid the damage to its justification caused by the “trade protectionism”,we should purposely implement the Chinese strate-gies in order to achieve the ideal state for this system with the risk-control as the aim,IT supply chain as the inspection coverage and the legislation and criterion as the basis.

Yue Wang,Ting Fang,Minhu Ma

DOI: https://doi.org/10.3969/j.issn.1002-1965.2016.01.004

2016-01-01

Abstract:Purpose/Significance] The informationization of critical infrastructure is developing rapidly. With the evolution of informa-tion technology and deepening of understanding on information security, how to establish and improve critical infrastructure information se-curity monitoring and warning mechanism has become a worldwide hotspot problem. [ Method/Process] The US, as the first country es-tablishing critical infrastructure information security protection regulation, experienced three stages:information system security stage, anti-terrorism and homeland security stage and cyberspace security stage, and has developed a set of critical infrastructure information security monitoring and warning mechanism. [ Result/Conclusion] This article explores the US critical infrastructure information security monito-ring and warning from its organization, information collection and analysis mechanism and information sharing mechanism, thus provides useful reference for the establishment and improvement of China's critical infrastructure information security monitoring and warning mech-anism. It conchldes that a monitoring and warning mechanism oriented critical infrastructure information sealrity protect regulation should established in China.

Le Cheng,Jiaxuan Qiu,Yi Yang

DOI: https://doi.org/10.1515/ijld-2023-2014

2023-01-01

International Journal of Legal Discourse

Abstract:Based on a self-built corpus of Chinese cybersecurity legislation, this study explores the construction of China’s official cybersecurity discourse via deconstructing cybersecurity legislation from the perspective of system theory. Analysis focusing on the internal features of the discourse obtains the themes, actors, and legal relations in China’s cybersecurity legislation. Among four pairs of legal relations, system theory provides an explanation for the tension between public-private legal relationship and private-private legal relationship, that is, whether the legislative system chooses to delegate network operators with administrative function depends on how the system perceives the nature of cybersecurity issues and integrate new issues into securitization process. Furthermore, the external features of legislation discourse reveal the changes in the number of all levels of cybersecurity legislation. It is found that the coupling resonance of the political system and the legal system promotes the development of relevant legislation, and facilitates the self-development legislation system to transfer from diversified legislation to unified legislation.

Chunhui Wang,Le Cheng,Jiamin Pei

DOI: https://doi.org/10.1515/ijld-2020-2025

2020-01-01

International Journal of Legal Discourse

Abstract:This study aims to examine China's approach to the cyber governance, especially the discourse of Internet information, through a detailed investigation of the Provision on Ecological Governance of Internet Information Content. The findings in this study indicate that China's approach to the governance of Internet information possesses the following essential features: the clarification of the dialectical relationship between Internet freedom and order, the unification of carrying forward positive energy and restraining negative information, the people-oriented and bottom-up participatory approach to the ecological governance of Internet information, as well as the strictly prohibitive conducts of three key administrative counterparts. The underlying reasons for choosing such an ecological path to regulate the Internet information can be attributed to China's national configuration, including its political system, cultural tradition, status quo of the Internet development, and the pervasive cybersecurity challenges facing its society. It is thus argued that the governance of Internet information, characteristic of spatiality, can merely be construed within specific socio-political and cultural contexts. Albeit the spatiality of the governance of the Internet information, China's approach can serve as a model for other nations to develop their own governance discourses pertaining to the Internet information. This study aims not only to unpack the Chinese discourse of the ecological governance of Internet information but also to provide useful insights into the discourse and practices of global cyber governance.

Jin Ju,Liang Zhanping

DOI: https://doi.org/10.3969/j.issn.1003-2797.2006.04.017

2006-01-01

Abstract:This paper analyzes the reasons of CTI's emergence in USA,CTI's basic issues,the application and development of CTI in USA,the important implications of CTI's development,the enlightenment of CTI's development in USA on China,by reviewing and summarizing the situation,characteristics and practices of CTI' development in USA,in order for China's CTI professionals to learn the American experience and lessons in CTI profession.

Tian Zhihong,Fang Binxing,Liao Qing,Sun Yanbin,Wang Ye,Yang Xu,Feng Jiyuan

DOI: https://doi.org/10.15302/j-sscae-2023.06.007

2023-01-01

Abstract:The rapid development of network attack and defense technologies has posed various challenges to current cybersecurity assurance systems.Therefore,studying a new cybersecurity assurance system has become an urgent need to promote the development of information technologies and is of strategic significance for strengthening the network security and availability in China.This study summarizes the operation status of and major security challenges faced by China's current cybersecurity guarantee system that features a self-defense mode.A cybersecurity guarantee system based on a guard mode and its key technical tasks are proposed.Specifically,the tasks include honey point technology based on deep threat perception,honey court technology based on attack observation and discrimination,honey matrix technology based on collaborative linkage,and honey hole technology based on attack deterrence and mapping.Furthermore,we propose the following suggestions:(1)exploring the cybersecurity assurance mechanisms based on the guard mode to comprehensively improving the cybersecurity protection level of China;(2)exploring the research and application of security protection technologies based on the guard mode and achieving the integration of existing and new security protection technologies;(3)exploring a new talent-training model to cultivate innovative and practical professionals in the cybersecurity field.

Zheng-ming Li,Qile He,Xi Guo

DOI: https://doi.org/10.1109/TEM.2020.3029019

IF: 8.702

IEEE Transactions on Engineering Management

Abstract:The rising number of cyberattacks and cybercriminals around the world has put major threats on the cybersecurity and even the national security of many countries. In response, governments started to introduce policies and regulations to improve cybersecurity. It is increasingly realized that effective cybersecurity policy making largely depends upon optimized policy attention and the effective use of public resources. This article draws on the “attention-driven policy choice model” and the punctuated equilibrium theory to analyze the relationship between policy attention allocation, policy agenda setting, and the choice of policy tools in different periods of cybersecurity development. Using Chinese cybersecurity development as the main context, content analysis of policy texts was conducted to examine the pathway of cybersecurity policy development in China between 1994 and 2019. The findings suggest that there is evidence for punctuated equilibrium with policy stagnation and incrementality being broken up by major events which shift policy attention and subsequently affects agenda setting and the choice of policy tools. The findings of this article will provide important implications for the development of strategic foresight of cybersecurity and the effective use of public resources to improve cybersecurity.

Political Science,Computer Science

Xingbang Ma,Dongsheng Yu,Yanhui Du,Lanting Li,Wenkai Ni,Haibin Lv

DOI: https://doi.org/10.3390/electronics12112454

IF: 2.9

2023-05-30

Electronics

Abstract:With the development of the Internet, cyberattacks are becoming increasingly complex, sustained, and organized. Cyber threat intelligence sharing is one of the effective ways to alleviate the pressure on organizational or individual cyber security defense. However, the current cyber threat intelligence sharing lacks effective incentive mechanisms, resulting in mutual distrust and a lack of motivation to share among sharing members, making the security of sharing questionable. In this paper, we propose a blockchain-based cyber threat intelligence sharing mechanism (B-CTISM) to address the problems of free riding and lack of trust among sharing members faced in cyber threat intelligence sharing. We use evolutionary game theory to analyze the incentive strategy; the resulting evolutionarily stable strategy achieves the effect of promoting sharing and effectively curbing free-riding behavior. Then, the incentive strategy is deployed to smart contracts running in the trusted environment of blockchain, whose decentralization and tamper-evident properties can provide a trusted environment for participating members and establish trust without a third-party central institution to achieve secure and efficient cyber threat intelligence sharing. Finally, the effectiveness of the B-CTISM in facilitating and regulating threat intelligence sharing is verified through experimental simulation and comparative analysis.

engineering, electrical & electronic,computer science, information systems,physics, applied

Zhikai Yan,Yanfei Wang

DOI: https://doi.org/10.3969/j.issn.1002-1965.2016.07.001

2016-01-01

Abstract:Purpose/Significance] The "National Security Law" of 2015 provides a new background for the Chinese Intelligence Sci-ence. The intelligence circles should take this opportunity to respond and interpretate the articles of the law, to promote the continuous im-provement of theory. [ Method/Process] By analyzing the relevant legal provisions, this paper presents the challenges and opportunities faced by intelligence theory, then points out several problems, for example, the basic concept of intelligence is not uniform, the object of study is not clear, the theory is out of touch with reality,etc. [ Result/Conclusion] Intelligence circles should make clear of the object of study, research methods and research positions, and create a new situation of intelligence science in the new national security background.

Tianchi Lu,Chao Min,Yilin Gao,Yang Li

DOI: https://doi.org/10. 3969/j. issn. 1002-1965. 2019. 11. 006

IF: 3.1759

2019-01-01

Journal of Intelligence

Abstract:[Purpose/Significance]Since the founding of People's Republic of China,trade frictions between China and the United States have occurred from time to time. Although the field of artificial intelligence technology in China is developing rapidly,there is still a gap between China and the United States in artificial intelligence technology. With the implementation of the National Intelligence Law of the People's Republic of China,China should pay more attention to the role of competitive intelligence in international competition. In the new era of AI,through the research of key controlled technologies in developed countries such as the United States,we can provide important reference for the development and strategic investment in related fields of science and technology in China. [ Method/Process] Through quantitative analysis of the AI-related contents in the US Commodity Control List,this paper explores the key control areas in the United States and the related scientific and technological fields in urgent need of development in China. [Result/Conclusion]It is found that the United States has strategic competitive advantages in basic technology research,interdisciplinary and collaborative innovation,as well as e- merging applications and innovative development in areas related to AI. Based on this discovery,the paper puts forward suggestions and measures for the future development of AI technology in China from the perspective of competitive intelligence for the government,enter-prises and research institutions.

Manshu XU,Chuanying LU

DOI: https://doi.org/10.1007/s42533-021-00079-7

2021-06-01

China International Strategy Review

Abstract:In the past decade, cyber security issues have led to multiple conflicts between China and the United States, resulting in significant risks and threats to the cooperation of the two countries in cyberspace. Despite early successes and failures, cyber-crisis management is still in its infancy. Challenges, such as the misreading of cyberspace strategic intentions and the ideologization of technology competition, are very real. In the future, the two sides need to work together to seek consensus on the basic principles of crisis management, emphasize the important role of academic exchanges, and take confidence-building measures to lay the foundation for cooperation in cyber-crisis management.

LIU Ting,TIAN Jue,WANG Jia-Zhou,WU Hong-Yu,SUN Li-Min,ZHOU Ya-Dong,SHEN Chao,GUAN Xiao-Hong

DOI: https://doi.org/10.16383/j.aas.2018.c180461

2019-01-01

Abstract:Cyber-physical system (CPS) is an intelligent system consisting of computing units and physical objects that highly interact with each other through the network. The combination of cyber system and physical system is promoting the performance of the CPS. At the same time, it also introduces a new integrated security threat into CPS, which combines engineering safety threat of physical system and information security threat of cyber system. In this paper, concepts and security status of CPS are introduced, and the concept of CPS integrated security is defined. After analyzing several existing security accidents in CPS, a new threat model of CPS integrated security is proposed. Existing CPS attacks and defense methods are classified and summarized from a perspective of temporal and spatial correlation. The future research of CPS integrated security is discussed.