Tae-hoi Huh,Sangho Lee,Woo-Young Chang

DOI: https://doi.org/10.1177/223386590701000112

2007-03-01

International Area Review

Abstract:with rapid development of science and technology and the evolution of information revolution, International security environment is being reshaped. Important factors that determine national security competence—military operations, intelligence information on advanced weapons and enemy forces, economic activities that form the poles of national power, government's major systems—are exposed to hostile cyber attacks or accidental intrusions. Therefore, protecting information systems has emerged as an urgent national security issue. In particular, in waging wars, the concept of electronic/communications war that seek destruction of enemy command and control system, has been transformed into a more comprehensive and proactive concept of information warfare by the introduction of the cyber war doctrine. Information warfare encompasses pursuit of paralysis and destruction of a nation's all social infrastructure system and military control power. The existing concept of security strategy, which is a passive concept devised for protection of national information and information system, has been replaced by the proactive and aggressive concept of information warfare strategy. Information warfare seek early and effective victory by cyber attacks that can destroy the enemy's war capability and morale. Korea, which is a leader in information technology as well as a country vulnerable to attacks challenging information security, should prepare for information warfare of the twenty first century. Provision of more systematic and detailed measures—new response strategies, the establishment of national information security response system, creation or reorganization of institutions, and training of human resources—to cope with changes in international information security environment is called for. In addition, the private, public, and military organizations should work together to introduce joint defense strategies and organizations. As an organic integrated defense system has to be established, the government has to establish a governmental system for systematic system for threat assessment, judgment, and response. In particular, the role and responsibilities of the NSC should be upgraded. The government has been tilted toward domestic security and social issues as it responded to cyber crimes and terrors. Such tendency should be guarded against.

Wade Huntley,Timothy Shives

DOI: https://doi.org/10.34190/eccws.23.1.2500

2024-06-27

Abstract:The study of cyber strategy and its implications for international security has become increasingly crucial, necessitating an examination of the unique challenges posed by the dynamic and stealthy nature of the cyber domain. This paper addresses whether offensive or defensive strategies prevail in cyberspace, especially in light of evolving technological landscapes and debates over cyber threats. By applying offense-defense theory from international relations, the research explores the nuanced relationship between offensive and defensive operations in cyberspace. Despite prevalent views favoring offense dominance, recent skepticism questions the severity of cyber threats and suggests a possible overemphasis on offensive operations. This paper systematically examines the core concepts, findings, and operational variables of offense-defense theory, providing clarity to the conceptual debates surrounding cyber conflict. Recognizing the unique characteristics of the cyber domain, it urges a careful consideration of biases that may distort judgments about offense dominance. The evolving nature of cyberspace and its potential for redesign introduces caution and underscores the need for a nuanced understanding of the offense-defense balance. The preliminary assessment concludes that the question of whether offense or defense "dominates" in cyberspace is overly simplistic. Given the intricate interactions of cyber capabilities, other coercive means available to states, and the dynamic evolution of cyber technology, this question can only be answered within specific contextual and chronological boundaries. Within such conditions, the state of the offense-defense balance is crucial to tactical and operational decision-making. At the strategic policymaking level, the more coherent question is how cyber technologies are shifting the balance of advantages between offense and defense in the overall military posture of states. In essence, this paper provides valuable insights into the ongoing discourse on cyber strategy, theoretical frameworks, and nuanced analyses to inform policy and strategic decision-making in the face of evolving cyber threats.

Eugenio Lilli

DOI: https://doi.org/10.1080/13523260.2021.1882812

IF: 5.719

2021-02-05

Contemporary Security Policy

Abstract:<span>This article explores the nature and the desirability of private sector contribution to national strategies of cyber deterrence. The article starts by developing a variation of the concept of cyber deterrence, called RCDC deterrence, which is simultaneously restrictive, comprehensive, dynamic, and complemental. Second, it applies RCDC deterrence to identify and analyze specific areas of cyber deterrence that can benefit the most from private sector contribution. Third, the article cautions about the potential security, legal, and moral issues that could arise from such private contributions. Instead of offering definitive answers on these complex issues, the article ends by suggesting avenues for further research. The ultimate objective is to assist decision-makers in designing policies and regulations aimed at maximizing the benefits of public–private cooperation in cyber deterrence while mitigating its potential downsides.</span>

political science,international relations

Mary Ellen O’Connell,M. E. O'Connell

DOI: https://doi.org/10.1093/jcsl/krs017

2012-07-01

Journal of Conflict and Security Law

Abstract:Which government agency should have primary responsibility for the Internet? The USA seems to have decided this question in favour of the military—the US military today has the largest concentration of expertise and legal authority with respect to cyberspace. Those in the legal community who support this development are divided as to the appropriate legal rules to guide the military in its oversight of the Internet. Specialists on the international law on the use of force argue that with analogy and interpretation, current international law can be applied in a way that allows great freedom without sending the message that the USA is acting lawlessly when it comes to the Internet. Others reject this argument as unnecessary and potentially too restrictive. The USA need not observe international law rules, especially not with respect to the Internet. The way forward is to follow the Cold War strategy of threatening enemies with overwhelming force and preparing to act on these threats. This article also questions the application of international law on the use of force to the Internet. Rather than rejecting international law in general, however, the thesis here is that international law rules governing economic activity and communications are the relevant ones for activity on the Internet. Moving away from military analogy in general and Cold War deterrence in particular, will result in the identification and application of rules with a far better chance of keeping the Internet open and safer for all.

English Else

A. Yeremyan,L. Yeremyan

DOI: https://doi.org/10.24833/0869-0049-2022-2-85-100

2022-07-06

Moscow Journal of International Law

Abstract:INTRODUCTION. The world has many times faced cardinal changes triggered by technological development. Creation of the Internet and the emergence of the artificial intelligence have become the major trend of the ongoing changes with the signifi-cant potential to affect all spheres of live, including the military affairs and the geopolitical phenomena in general. In this paper, in particular, we discuss the opportunities and challenges of the rapid technological development in the defense sector in the context of globalization. The pace and the nature of changes in defense dictate the necessity to analyze the current and future challenges of our digitized age in search of adequate and timely legal and strategic practical solutions. Cyber means of warfare are the weapons of the present. Over the past decades, cyber means of warfare have been frequently used against states in the context of international and non-international armed conflicts, as well as outside of such context. Thus, the fundamental scientific questions that arise are the following: a) are the current legal regulations at international and national levels sufficient to address all the challenges caused by the spillover of armed conflicts into the virtual domain and by the future advancement of cyber weapons, and b) are the current cyber weapons or those of the future capable of changing the nature of “war” described by General Carl von Clausewitz yet in the 19th century as a violent method of forcing its political will by one party of the conflict to the other. We have analyzed the above-mentioned questions in the light of the cyber weapons, which already exist and are being used for military purposes, in the light of possible advancement of cyber weapons and integration of AI into them, as well as in the light of the Big Data management. We have reflected on the dangers, which the smart and entirely data driven world would face, from legal and geopolitical perspectives, through the several possible scenarios of development, emphasizing, in particular, the probable military (defense) aspect of data management. While most frequently the specific problems of application of International Law to the traditional cyber warfare situations become subject for academic debates and discussions, we stress the necessity to also analyze the legal and practical implications of further advancement of cyber weapons, as well as the necessity to consider the role of Big Data management in changing the nature of war and, consequently, also the applicable legal solutions. MATERIALS AND METHODS. The works of academics and international scholars in the field of international law and, specifically, international humanitarian law, and military theorists, as well as international treaties, commentaries to international treaties, and national cyber defense and cyber security strategies comprise the theoretical basis for the current paper. The research has been conducted via general and specific scientific methods of cognition, in particular the dialectical method, comparative legal method, method of interpretation, as well as methods of deduction, induction, analysis, synthesis, and others. RESEARCH RESULTS . The ongoing changes taking place in the world have resulted in a situation, when cyber domain is considered one of the traditional war domains. In this context the international community is now debating more flexible interpretations of international legal regulations in order to most efficiently address the new reality. It is also important that states at national level undertake measures to timely and adequately address the challenges already created and those that potentially may take place as a result of the globalization along with the rapid evolution of the cyber technologies and their military use. In the current article we conclude that the categories of the present generation of cyber weapons are lawful. However, the future developments in cyber weapon technologies, as well as the possible quasi-military implications of Big Data management raise many theoretical and practical questions deserving attention. The efforts of the international community and individual states in the field of legal regulation of cyber technologies should be directed toward creating guarantees that the products of the technological development are used for the benefit of humankind. As one of such measures The Authors indicate national cyber security and cyber defense strategies, which according to the Authors, should be elaborated giving due consideration to the possible future developments. DISCUSSION AND CONCLUSIONS. In this paper we analyze the peculiar features of evolution of the world in the 21st century and argue that wars are not static and autonomous phenomena isolated from the global context and all the changes taking place in the world. In particular, we address one of the most popular debates among the scholars in the field of military affairs concerning the issue whether the nature of war has changed or will change overtime, referring to Carl von Clausewitz’s thoughts. With regard to the current generation of cyber weapons, we conclude that even if they might prima facie seem to be inherently indiscriminate (such as, for example, nuclear weapons) in reality cyber weapons are not per se indiscriminate, but rather are weapons with a very high potential of being used indiscriminately or in violation of the principle of discrimination. However, the high potential of indiscriminate use of cyber weapons does not outlaw the cyber weapons as such. We also agree with the widely accepted opinion that the cyber weapons, which are currently used, are sufficiently regulated by the International Law. At the same time, the future tendencies for advancement and improvement of military cyber technologies, inter alia, via integration of artificial intelligence, may seriously call into question the possibility of their application in compliance with the international legal regulations. Finally, the possible scenarios of advancement of Big Data management have led us to the conclusion that big data management per se has the potential of being used as a weapon with less lethal or even non-lethal consequences, however equally effective in enforcing one’s policy as the traditional weapons or potentially kinetic cyber-weapons. If big data analysis at its current stage of development does not produce very accurate predictions, the well-distributed and structured informational flow in the cyber domain is capable of influencing and manipulating behaviours. In such case if Big data monopoly (including both: hardware and sostware) vests in one of several actor, it could drastically change the nature of war by making the element of violence redundant and consequently alter the geopolitical balance. One of the measures for early response to future challenges, in our opinion, could be through reflecting on lex ferenda in cyber security and cyber defence national strategies. From the analysis of the content of different strategies we could conclude that most states acknowledge cyberspace as a military domain like land, air or maritime, analyse the main specific characteristics of current generation of cyber weapons, and set state objectives and action plan for cyber offense, cyber defense and cyber deterrence respectively. While the future advancement of cyber means of warfare and the quasi-military dimension of the big data management seem to be overlooked by states in general.

Mariarosaria Taddeo

DOI: https://doi.org/10.1007/s13347-017-0290-2

2017-10-16

Abstract:In this article, I analyse deterrence theory and argue that its applicability to cyberspace is limited and that these limits are not trivial. They are the consequence of fundamental differences between deterrence theory and the nature of cyber conflicts and cyberspace. The goals of this analysis are to identify the limits of deterrence theory in cyberspace, clear the ground of inadequate approaches to cyber deterrence, and define the conceptual space for a domain-specific theory of cyber deterrence, still to be developed.

Alex S. Wilner

DOI: https://doi.org/10.1080/01402390.2018.1563779

2019-02-04

Journal of Strategic Studies

Abstract:When compared to advancements in conceptualising deterrence in other domains, cyber deterrence is still in it messy infancy. In some ways cyber deterrence practice outpaces cyber deterrence theory. Tactics, strategy, doctrine, and policy are developed and put to use even before corresponding theories are properly understood. This article analyses how American cyber deterrence has been implemented over the past two decades in order to inform ongoing debates within the academic study of deterrence, and to provide insights from practice for how cyber deterrence theory can be better conceived and refined.

political science,international relations

Dmitry V. Streltsov

DOI: https://doi.org/10.31857/s013128120025335-9

2023-01-01

Problemy Dalnego Vostoka

Abstract:The article analyzes new moments in Japan&apos;s national security policy introduced by the documents which have been adopted by the Japanese cabinet in December 2022 — National Security Strategy, National Defense Program Guidelines and Medium Term Defense Program. The main attention is paid to the depiction of the external security environment, and above all to the assessment of China and Russia as the countries of greatest concern from the point of view of security policy. Noting that the documents do not use the term &quot;threat&quot; in China&apos;s assessment, the author concludes that Japan takes a more cautious position than the United States, trying not to be drawn into a confrontation between superpowers. As for Russia, the greatest alarmism is expressed not in relation to its policy as such, but in relation to its potential blocking with China on an anti—Japanese basis — the main &quot;nightmare&quot; for Tokyo. The article considers the issue of the &quot;counter-offensive&quot; missile potential provided for by the new strategy, which would allow Japan to strike at the enemy from a remote distance in the event of a direct threat to its security. The acquisition of such a potential has become particularly relevant for Japan in connection with the development of missile technologies of neighboring &quot;hostile&quot; countries — the DPRK and the PRC, as well as the general progress of missile weapons in the world, including the hypersonic ones. As part of the new approach, it is planned to create an integrated air and missile defense system that combines the capabilities of intercepting enemy missiles and counterattacking on strategic and military enemy targets. An important change in the security policy will also be the acute increase in defense spending declared by the documents under review. The biggest problem lies in the unresolved issue of the financial sources of the defense budget, which must ensure the implementation of the adopted strategy.

Sandeep Pisharody,Jonathan Bernays,Vijay Gadepally,Michael Jones,Jeremy Kepner,Chad Meiners,Peter Michaleas,Adam Tse,Doug Stetson

DOI: https://doi.org/10.48550/arXiv.2110.01495

2021-10-04

Cryptography and Security

Abstract:With the recognition of cyberspace as an operating domain, concerted effort is now being placed on addressing it in the whole-of-domain manner found in land, sea, undersea, air, and space domains. Among the first steps in this effort is applying the standard supporting concepts of security, defense, and deterrence to the cyber domain. This paper presents an architecture that helps realize forward defense in cyberspace, wherein adversarial actions are repulsed as close to the origin as possible. However, substantial work remains in making the architecture an operational reality including furthering fundamental research cyber science, conducting design trade-off analysis, and developing appropriate public policy frameworks.

Jukka Ruohonen

DOI: https://doi.org/10.48550/arXiv.2011.07212

2020-11-14

Abstract:This paper explores a research question about whether defensive and offensive cyber security power and the capabilities to exercise the power influence the incentives of nation-states to participate in bilateral and multilateral cooperation (BMC) through formal and informal agreements, alliances, and norms. Drawing from international relations in general and structural realism in particular, three hypotheses are presented for assessing the research question empirically: (i) increasing cyber capability lessens the incentives for BMC; (ii) actively demonstrating and exerting cyber power decreases the willingness for BMC; and (iii) small states prefer BMC for cyber security and politics thereto. According to a cross-country dataset of 29 countries, all three hypotheses are rejected. Although presenting a "negative result" with respect to the research question, the accompanying discussion contributes to the state-centric cyber security research in international relations and political science.

Computers and Society

Erik Gartzke,Jon R. Lindsay

DOI: https://doi.org/10.1080/09636412.2015.1038188

2015-04-03

Security Studies

Abstract:It is widely believed that cyberspace is offense dominant because of technical characteristics that undermine deterrence and defense. This argument mistakes the ease of deception on the Internet for a categorical ease of attack. As intelligence agencies have long known, deception is a double-edged sword. Covert attackers must exercise restraint against complex targets in order to avoid compromises resulting in mission failure or retaliation. More importantly, defenders can also employ deceptive concealment and ruses to confuse or ensnare aggressors. Indeed, deception can reinvigorate traditional strategies of deterrence and defense against cyber threats, as computer security practitioners have already discovered. The strategy of deception has other important implications: as deterrence became foundational in the nuclear era, deception should rise in prominence in a world that increasingly depends on technology to mediate interaction.

international relations

Jan Kallberg

DOI: https://doi.org/10.48550/arXiv.2112.02773

2021-12-06

Abstract:Academia, homeland security, defense, and media have accepted the perception that critical infrastructure in a future cyber war cyber conflict is the main gateway for a massive cyber assault on the U.S. The question is not if the assumption is correct or not, the question is instead of how did we arrive at that assumption. The cyber paradigm considers critical infrastructure the primary attack vector for future cyber conflicts. The national vulnerability embedded in critical infrastructure is given a position in the cyber discourse as close to an unquestionable truth as a natural law. The American reaction to Sept. 11, and any attack on U.S. soil, hint to an adversary that attacking critical infrastructure to create hardship for the population could work contrary to the intended softening of the will to resist foreign influence. It is more likely that attacks that affect the general population instead strengthen the will to resist and fight, similar to the British reaction to the German bombing campaign Blitzen in 1940. We cannot rule out attacks that affect the general population, but there are not enough adversarial offensive capabilities to attack all 16 critical infrastructure sectors and gain strategic momentum. An adversary has limited cyberattack capabilities and needs to prioritize cyber targets that are aligned with the overall strategy. Logically, an adversary will focus their OCO on operations that has national security implications and support their military operations by denying, degrading, and confusing the U.S. information environment and U.S. cyber assets.

Computers and Society,Cryptography and Security

Benjamin J Knox

DOI: https://doi.org/10.3389/fpsyg.2018.00717

2018-05-15

Abstract:Through analysis of empirical interview data this research undertakes to investigate the ways in which the growing phenomenon of cyberpower - defined as using cyberspace for advantage and influence - is impacting on institutional development in Norway. Exploring this governance challenge through the conceptual framework of complexity, difference and emergence opens space - political or otherwise - for discussion regarding why rapid developments arising from digitalization are transforming the way individuals, organizations, institutions and states behave, relate and make decisions. Cyberpower is creating an uncertain institutional landscape as a dependency vs. vulnerability paradox shapes values, rules and norms. Findings from this thematic analysis of qualitative data reflect this paradox, and suggest that organizations in Norway are in a survival-mode that is blocking collaboration. This occurs as national governance systems, human capacity and cyberpower effects lack synergy making for an uneasy arena where complexity, contestation and emerging challenges frame institutional development. To improve long-term prospects of governing cyberpower effects requires a cross-sectorial conflation of time and human resources. This means consciously taking steps to merge organizational and institutional boundaries through expressive innovative collaborations that foster a shared and holistic agenda. The emerging challenges cyberpower is presenting across multiple domains means further research is recommended to build a richer understanding of the term cyberpower from different perspectives. The investigation recommends investment in building the skills and capacities necessary for the co-creation of new models and strategies for managing the effects of cyberpower.

Hao YIN,Dongchao GUO,Yongqiang LYU,Peng YANG,Zhiwei ZHAO,Yaoxue ZHANG

DOI: https://doi.org/10.1360/n112017-00171

2019-01-01

Abstract:Cyberspace security is vital to state interest. Recently, there are some challenges in cyber security. In architecture for instance, although protection mechanisms are introduced and applied everywhere, the modern network architecture (well connected and open) still has difficulty in completely ensuring cyber security. It is also observed that contemporary cyber security protection mechanism highly depends on the priori information of security threats and thus will hardly address unknown potential threats. In this paper, a novel cyberspace security protection framework is proposed. A dual-structural Internet scheme that integrates the current Internet architecture with a redundant secondary structure network characterized by its broad-storage scheme, heterogeneous structure, and dynamic protection mechanism is introduced. Also, a novel active defense mechanism that is knowledge-data driven and thus independent of the priori information of the security threat is proposed. Furthermore, some key techniques such as transparent access and prepositive active defense are introduced. The theoretical and technical work proposed in this paper offers a comprehensively evolutionary solution to constructing a cyberspace in which the protection mechanism is more independent and active.

Yu Zheng,Zheng Li,Xiaolong Xu,Qingzhan Zhao

DOI: https://doi.org/10.1016/j.dcan.2021.07.006

IF: 6.348

2021-07-01

Digital Communications and Networks

Abstract:Driven by the rapid development of the Internet of Things, cloud computing and other emerging technologies, the connotation of cyber space is constantly expanding and becoming the fifth dimension of human activities. However, security problems in cyber space are becoming serious, and traditional defense measures (e.g., firewall, intrusion detection systems and security audit) often fall into a passive situation of being prone to attacks and difficult to take effect when responding to new types of network attacks with higher and higher degree of coordination and intelligence. By constructing and implementing the diverse strategy of dynamic transformation, the configuration characteristics of systems are constantly changing and the probability of vulnerability exposure is increasing. Therefore, the difficulty and cost of attack are increasing, which provides new ideas for reversing the asymmetric situation of defense and attack in cyber space. Nonetheless, there are few related works that systematically introduce dynamic defense mechanisms for cyber security. The related concepts and development strategies of dynamic defense are rarely analyzed and summarized. To bridge this gap, we conduct a comprehensive and concrete survey of recent research efforts on dynamic defense in cyber security. Specifically, we firstly introduce basic concepts and define dynamic defense in cyber security. Next, we review the architectures, enabling techniques and methods for moving target defense and mimic defense. This is followed with taxonomically summarizing the implementation and evaluation of dynamic defense. Finally, we discuss some open challenges and opportunities on dynamic defense in cyber security.

Yohan Fernandes,Nasr Abosata

2024-06-18

Abstract:The demand for strong cyber defence measures grows, especially in countries such as India, where the rate of digitalization far exceeds cybersecurity developments. The increasing amount of cyber threats highlights the urgent need to strengthen cyber defences. The literature review reveals significant shortcomings in India's cyber defence readiness, especially in real-time threat detection and response capabilities. Through simulation models, the study explores network security behaviours and the impact of defences on network security. The next section of this study focuses on implementing a cyber threat detection system that uses machine learning to identify and categorise cyber threats in real time, followed by strategies to integrate it into India's present infrastructure. Also, the study proposes an educational framework for training cyber professionals. The study concludes with a reflection on the implemented defence strategies. It adds to the continuing discussion about national security by providing an in-depth investigation of cyber warfare preparation and recommending a systematic method to improving through both technological and educational solutions.

Cryptography and Security

Hampei Sasahara,Henrik Sandberg

DOI: https://doi.org/10.1109/TAC.2023.3340978

2023-12-07

Abstract:This paper addresses the question whether model knowledge can guide a defender to appropriate decisions, or not, when an attacker intrudes into control systems. The model-based defense scheme considered in this study, namely Bayesian defense mechanism, chooses reasonable reactions through observation of the system's behavior using models of the system's stochastic dynamics, the vulnerability to be exploited, and the attacker's objective. On the other hand, rational attackers take deceptive strategies for misleading the defender into making inappropriate decisions. In this paper, their dynamic decision making is formulated as a stochastic signaling game. It is shown that the belief of the true scenario has a limit in a stochastic sense at an equilibrium based on martingale analysis. This fact implies that there are only two possible cases: the defender asymptotically detects the attack with a firm belief, or the attacker takes actions such that the system's behavior becomes nominal after a finite time step. Consequently, if different scenarios result in different stochastic behaviors, the Bayesian defense mechanism guarantees the system to be secure in an asymptotic manner provided that effective countermeasures are implemented. As an application of the finding, a defensive deception utilizing asymmetric recognition of vulnerabilities exploited by the attacker is analyzed. It is shown that the attacker possibly stops the attack even if the defender is unaware of the exploited vulnerabilities as long as the defender's unawareness is concealed by the defensive deception.

Cryptography and Security,Computer Science and Game Theory,Systems and Control

Shui Yu,Wanlei Zhou,Wanchun Dou,S. Kami Makki

DOI: https://doi.org/10.1109/ICDCSW.2012.25

2012-01-01

Abstract:We are witnessing numerous cyber attacks every day, however, we do not see many cyber criminals are brought to justice. One reason is that it is technically hard to identify and trace cyber criminals. One reason for this passive situation is our limited or even inappropriate understanding of the cyber space. In this paper, we survey the challenges and opportunities in this research field for interested readers. We also list promising tools and directions based on our understanding.

Amitai Gilad,Asher Tishler

DOI: https://doi.org/10.1080/10242694.2022.2161739

IF: 1.6

2023-01-17

Defence and Peace Economics

Abstract:Modern countries employ computer networks that manage organizations in the private and public sectors. Cyber-attacks aim to disrupt, block, delete, manipulate or steal the data held in these networks, which challenge these countries' national security. Consequently, cybersecurity programs must be developed to protect these networks from cyber-attacks in a manner that is similar to operations against terrorism. This study presents several models that analyze a contest between a network operator (defender) that deploys costly detectors to protect the network and a capable cyber attacker. Generally, when the deployed detectors become more potent or the defender exhibits higher vigilance, the attacker allocates more resources to R&D to ensure that the attack remains covert. We show that detectors may be substitutes, complements, or even degrade each other, implying that defenders must account for the cyber weapons' characteristics and the attacker's profile and strategic behavior. We derive the optimal number of detectors when the attacker's R&D process features R&D spillovers and show that targeted detectors act as deterrents against high-quality weapons only if the attacker's budget is not substantial. Finally, we demonstrate that common cybersecurity practices may be detrimental from a social-welfare perspective by enhancing an arms race with the attacker.

economics

Benjamin Edwards,Alexander Furnas,Stephanie Forrest,Robert Axelrod

DOI: https://doi.org/10.1073/pnas.1700442114

2017-03-14

Abstract:Cyber conflict is now a common and potentially dangerous occurrence. The target typically faces a strategic choice based on its ability to attribute the attack to a specific perpetrator and whether it has a viable punishment at its disposal. We present a game-theoretic model, in which the best strategic choice for the victim depends on the vulnerability of the attacker, the knowledge level of the victim, payoffs for different outcomes, and the beliefs of each player about their opponent. The resulting blame game allows analysis of four policy-relevant questions: the conditions under which peace (i.e., no attacks) is stable, when attacks should be tolerated, the consequences of asymmetric technical attribution capabilities, and when a mischievous third party or an accident can undermine peace. Numerous historical examples illustrate how the theory applies to cases of cyber or kinetic conflict involving the United States, Russia, China, Japan, North Korea, Estonia, Israel, Iran, and Syria.