https://hdl.handle.net/1721.1/141485 2026-04-08T15:32:33Z https://hdl.handle.net/1721.1/141619 Design of action and alliance strategy in defense against anonymous cyber threats Rady, Mina Anonymity, a major feature of the cyberspace, is a common channel to a multitude of threats. Despite efforts to defend against anonymous threats, their rapid evolution challenges the sustainability of any designed strategy for cyber defense. A sustainable cyber defense strategy must be able to dynamically adapt to information about new threats and to utilize international alliance when necessary without violating fundamental ethics. Our earlier research in 2012 analyzed ways to influence anonymous networks that can either undermine the network performance or undermine the anonymity of connecting users. Earlier we concluded that most influential control actions are accessible to State level actors. Here we propose a defense strategy design approach that begins with assessment of the control capacities of State actors over the given threat space (in our case, anonymity). Then we delineate the various motivations for States to exercise control over anonymous communication. We suggest a strategy design process that rests on alliance with States who share the control motivation and who possess highest possible control capacity. This strategy relies on a quality-controlled information system based on mapping new information about the Cyberspace into a compatible hierarchical classification. Poster presented in the workshop on “Cybersecurity, & the Governance Gap: Complexity, Contention, Cooperation,” MIT, Cambridge, MA, United States, January 6–7, 2014. 2014-01-06T00:00:00Z https://hdl.handle.net/1721.1/141618 The dynamics of managing undersea cables: When solution becomes the problem Sechrist, Michael; Vaishnav, Chintan; Goldsmith, Daniel; Choucri, Nazli In the U.S., approximately 95% of all international Internet and phone traffic travels via undersea cables. Nearly all government traffic, including sensitive diplomatic and military orders, travels these cables to reach officials in the field.The problem, however, is that the undersea cable infrastructure is susceptible to several types of vulnerability, including: rising capacity constraints, increased exposure to disruption from both natural and mad-made sources, and emerging security risks from cable concentration in dense geographical networks (such as New York and New Jersey, and places like Egypt/ Suez Canal.) Moreover, even under normal working conditions, there is a concern whether governance-as-usual can keep up with the future growth of Internet traffic. In this work, we explore the impact of these problems on the dynamics of managing undersea cable infrastructure. Poster presented in the workshop on “Who Controls Cyberspace,” MIT, Cambridge, MA, United States, November 6-7, 2012. 2012-11-06T00:00:00Z https://hdl.handle.net/1721.1/141617 Cyber defense resources & vulnerabilities Wolff, Josephine Investment in security is aimed at reducing losses due to security breaches and typically determined by calculating annualized loss expectancy (ALE) metrics. However, in the cybersecurity space there is inadequate data on the frequency of breaches, the costs associated with those breaches, and the effectiveness of countermeasures, for organizations to be able to perform meaningful ALE calculations. With rising rates of both IT security spending and online attacks, surveys indicate that many business and government executives are unsure of how to allocate resources for defense and whether their investments in security measures are making any Poster presented in the workshop on “Who Controls Cyberspace,” MIT, Cambridge, MA, United States, November 6-7, 2012. 2012-11-06T00:00:00Z https://hdl.handle.net/1721.1/141616 Cyber mission assurance using STPA Young, William E. From Cyber Security to Mission Assurance: Improving Campaign Mission Assurance. How can we complete campaign mission across a wide range of degradations? Current gaps: 1) Emergent system properties ignored 2) Assurance restricted to tactical level, and 3) Ignores Operational (campaign) Design. Solution: 1) Use systems thinking, and 2) Leverage safety-guided design Poster presented in the workshop on “Who Controls Cyberspace,” MIT, Cambridge, MA, United States, November 6-7, 2012. 2012-11-06T00:00:00Z https://hdl.handle.net/1721.1/141615 Who controls anonymity? Control point analysis of the Onion routing anonymity network (TOR) Rady, Mina Anonymity networks have played major roles in censorship circumvention and various benign or malicious activities in the cyber domain. Hence, those networks became well defined targets of repressive regimes or law enforcement. In this research, we attempt to infer the various control capacities over the operation of such networks and we take the Tor network as an example. We decompose the operation and process of Tor network across the Cyberspace layers. Then we do survey of existing literature about possible control mechanisms over various locations in the network. Then we extrapolate from the control actions to infer possible political actors who would be able to exercise each control action. We use Tor network model as the subject of this investigation due to its distinctive pervasiveness. We conclude with a comprehensive model that depcits distribution of control capacities across the actors at different political levels of analysis. Poster presented in the workshop on “Who Controls Cyberspace,” MIT, Cambridge, MA, United States, November 6-7, 2012. 2012-11-06T00:00:00Z https://hdl.handle.net/1721.1/141614 When virtual issues become real world actions Houghton, James Poster presented in the workshop on “Who Controls Cyberspace,” MIT, Cambridge, MA, United States, November 6-7, 2012. 2012-11-06T00:00:00Z https://hdl.handle.net/1721.1/141613 Diversity of user experience and alternative future internets Clark, David D; Hung, Shirley One of the primary objectives of the ECIR project is to understand what forms the future Internet may take. This requires identification of the levers, constraints, and conditions under which each scenario may evolve. Poster presented in the workshop on “Who Controls Cyberspace,” MIT, Cambridge, MA, United States, November 6-7, 2012. 2012-11-06T00:00:00Z https://hdl.handle.net/1721.1/141612 The Coordinates of cyber international relations Vaishnav, Chintan As the Internet and International Relations become increasingly interwoven, the properties of information goods such as information security, control, or freedom, or those of international activities such as trade, or diplomacy must be framed in the context of emergent behaviors of a system where the Cyberspace interacts with traditional IR. The purpose of this research is to create a foundation for such understanding by conceptualizing the hitherto separate domains of Cyberspace and International Relations into an integrated system, to analyze the fundamental interdependencies between the two domains, using methods from systems analysis. Poster presented in the workshop on “People, Power, and CyberPolitics,” MIT, Cambridge, MA, United States, December 7–8, 2011. 2011-12-07T00:00:00Z https://hdl.handle.net/1721.1/141611 Finding order in a contentious Internet Sowell, Jesse In 1998 an attempt to remove an offensive video blocked YouTube for most of the Internet...network operators resolved the issue in three hours. Spamhaus disseminates authoritative spam blocking lists, performing a vetting function while distributing monitoring and enforcement effort. Non-state collectives are increasingly playing function-specific Internet governance roles, often competing with conventional governance modes. Despite demonstrated operational and decisional capacity, little is known about how this capacity develops or how it is maintained. This research is an empirical, comparative analysis of governance arrangements and the implications for the ongoing design and operations of the Internet. Poster presented in the workshop on “People, Power, and CyberPolitics,” MIT, Cambridge, MA, United States, December 7–8, 2011. 2011-12-07T00:00:00Z https://hdl.handle.net/1721.1/141610 The dynamics of managing undersea cables Sechrist, Michael; Vaishnav, Chintan; Goldsmith, Daniel Problem: Can the Old Modes of Governance Meet the New Demands of the Internet? The exponential growth of the Internet may soon demand that undersea cable deployment happen as quickly as possible. Legacy institutional barriers may need to be streamlined to the point of near instantaneous approval. Staying ahead of the exponential Internet growth rate is key to implementing a resilient, redundant, accessible Internet in the U.S. and around the world. Poster presented in the workshop on “People, Power, and CyberPolitics,” MIT, Cambridge, MA, United States, December 7–8, 2011. 2011-12-07T00:00:00Z https://hdl.handle.net/1721.1/141609 Escalation management in cyber conflict: A research proposal Reardon, Robert Research Questions • Under what conditions is cyber conflict most likely to lead to uncontrolled escalation? • Under what conditions is cyber conflict likely to lead to escalation in other domains (conventional, nuclear)? • What steps are most affective at the reducing the risks of escalation? • How relevant are existing theories of deterrence and escalation management to cyber conflict? Poster presented in the workshop on “People, Power, and CyberPolitics,” MIT, Cambridge, MA, United States, December 7–8, 2011. 2011-12-07T00:00:00Z https://hdl.handle.net/1721.1/141608 Comparative analysis of cybersecurity metrics to develop new hypotheses Fisher, D.; Madnick, Stuart E.; Choucri, Nazli; Li, X.; Ferwerda, J. Few Internet security organizations provide comprehensive, detailed, and reliable quantitative metrics, especially in the international perspective across multiple countries, multiple years, and multiple categories. Organizations ask why they should spend valuable time and resources collecting and standardizing data. This report aims to provide an encouraging answer to this question by demonstrating the value that even limited metrics can provide in a comparative perspective. We present some findings generated through the use of the Explorations in Cyber Internet Relations (ECIR) Data Dashboard. In essence, this dashboard consists of a simple graphing and analysis tool, coupled with a database consisting of data from disparate national-level cyber data sources provided by governments, Computer Emergency Response Teams (CERTs), and international organizations. Users of the dashboard can select relevant security variables, compare various countries, and scale information as needed. In this paper, we present an example of observations concerning the fight against cybercrime, along with several hypotheses attempting to explain the findings. We believe that these preliminary results suggest valuable ways in which such data could be used and we hope this research will help provide the incentives for organizations to increase the quality and quantity of standardized quantitative data available. Poster presented in the workshop on “People, Power, and CyberPolitics,” MIT, Cambridge, MA, United States, December 7–8, 2011. 2011-12-07T00:00:00Z https://hdl.handle.net/1721.1/141607 Learning legal principles to enable law at cyber speeds Finlayson, Mark A. Goal: Law at Cyber Speeds. If we are to enable the creation of Automatic Cyber Targeting Systems to respond in network time to cyberattacks, we must be able to do legal analyses at network speeds Poster presented in the workshop on “People, Power, and CyberPolitics,” MIT, Cambridge, MA, United States, December 7–8, 2011. 2011-12-07T00:00:00Z https://hdl.handle.net/1721.1/141606 Representing cyberspace using taxonomies and meta-data analysis Elbait, Gihan Daw Problem: Modeling and mapping the landscapes of emerging research fields, such as cyberspace. • Most research fields are composed of many subfields which are related in intricate ways, therefore structural organization of these subfields could be of great use. • Acquiring and analyzing such knowledge is hampered by the vast amount of data available in publications. • The need of database integration to enable the mapping of relevant component of the topic in hand (e.g. Cyberspace and International Relations). Poster presented in the workshop on “People, Power, and CyberPolitics,” MIT, Cambridge, MA, United States, December 7–8, 2011. 2011-12-07T00:00:00Z https://hdl.handle.net/1721.1/141488 Understanding “Cyber Conflict” Shukla, Aadya Problem: Emergence of cyber as the new arena for conflict raises three basic questions: (a) What qualifies as a Cyber Conflict? (multiple definitions exist); (b) Does intervention of cyber in conflict life-cycle requires new models to decipher control points in cyberspace?; and (c) What is different between conflicts in kinetic and cyberspace? Solution: Application of USE CASE ANALYSIS to understand the mechanics of cyber conflict to arrive at a model of cyber conflict in a data driven manner (analysis of events since 2001). In Software Engineering domain use case analysis is used as an established tool to define processes and roles a stakeholder employs to interact with a system, and system’s response to the user stimulus. Poster presented in the workshop on "Who Controls Cyberspace,” MIT, Cambridge, MA, United States, November 6-7, 2012. 2012-11-06T00:00:00Z