C3E 2015 Mid-Year Event

C3E 1-Day Event | 19 June 2015 | Arlington, Virginia

0800 - 0830 ARRIVAL
0830 - 0840 Welcome and Opening Remarks 
Kathy Bogner
0840 - 0900 Lightning Round (mini-introductions)
0900 - 0915 C3E Recap Briefing 
Kevin O'Connell and Dan Wolf
0915 - 1015 Fortification with Adaptation 
Dusko Pavlovic
1015 - 1030 MORNING BREAK
1030 - 1200 Content Development Session: Fortification with Adaptation
1200 - 1240 WORKING LUNCH
1240 - 1300 2015 Challenge Problem Discussion 
Dan Wolf, Chip Willard
1300 - 1400 "Recognizing the Adversary" 
Susan Landau
1400 - 1545 Content Development Session: Recognizing the Adversary
1600 - 1630 Development Session Out Briefs
1630 - 1645 Closing Remarks and Next Steps 
Kathy Bogner
1645 Workshop Adjourns

The following background is provided for participants:

Recognizing the Adversary 

Attribution is defined by Wheeler and Larsen as determining the identity or location of an attacker or an attacker’s intermediary. The ability to identify the ultimate source (i.e., computer/location and person/affiliation) of a cyber attack is then the basis for taking action against the attacker. Furthermore, attribution becomes central to the creation of a system of deterrence, the idea that one can dissuade attackers from acting through fear of some sort of retaliation. Going deeper, Clark and Landau note that different types of cyber attacks and cyber exploitations raise different options for prevention and deterrence, finding it useful to think about attribution from four vantage points: types, timing, investigators, and jurisdiction.

These four vantage points raise questions that will be central to the focus of this theme:

  • What should be the source of identity, and what conclusions can be drawn in regard to the utility of different types of identity?
  • What is the temporal nature of attribution, the roles of attribution before, during and after an event?
  • How quickly must attribution occur in order to be useful?
  • How might attribution be exploited as a part of deterrence?
  • What differences in attribution can be expected across different jurisdictions?
  • What will be the impact on attribution of the potential fragmentation of the internet into competing national Internets?
  • Would a redesign of the Internet, design for deterrence, deter today's sophisticated attacks?
  • What impacts might a redesign of the Internet have on issues of privacy and civil liberties?

David A. Wheeler and Gregory N. Larsen, Techniques for Cyber Attack Attribution (Institute for Defense Analyses, IDA Paper P-3792)

David D. Clark and Susan Landau, Untangling Attribution, http://cs.brown.edu/courses/csci1800/sources/lec12/ClarkandLandau.pdf 

David D. Clark and Susan Landau, Untangling Attribution, Harvard National Security Journal: http://harvardnsj.org/wp-content/uploads/2011/03/Vol.-2_Clark-Landau_Final-Version.pdf

Fortification with Adaptation

In the early days of the Cold War, John von Neumann invented the strategic paradigm of Mutual Assured Destruction (MAD). A couple of years earlier, he had invented game theory as the method for resolving such one-shot strategic conflicts with perfect and complete information. In contrast, the strategic conflicts that arise in cyber space are mostly ongoing games of imperfect and incomplete information. Moreover, they are played by computationally bounded players. This new strategic paradigm is often called Advanced Persistent Threat (APT). While many particular game theoretic methods still apply to many particular problems of cyber security, the task of lifting the general method of strategic reasoning from MAD to APT is still open. (Pavlovic)

This theme will investigate the refining of existing methods and the exploration of new concepts along the following dimensions:

  • How can we move from the paradigm of security as a one-shot game into the realm of an economics of persistent attacking and defending?
  • How can a defender overcome the strategic bias that exists within security in favor of the attacker?
  • In light of compromised environments, how should we pursue adaptive strategies?
  • What scalable new methods for strategic adaptation within compromised environments can we imagine?
  • In developing an adaptive strategy for a conflict between two teams, do we also need to take into account the conflicts within the individual team (the conflict between teams gives rise to dynamic interactions within the teams, which may in turn advance into further conflict)?
  • Given a paradigm of adaptive attacker, what will the dual concept of adaptive defender look like?
  • How can game theory and algorithmic information theory be combined to mitigate attackers' strategic advantage in cyber security?

Dusko Pavlovic, Economy of Security by Obscurity, Posturing, Deceit

The DoD Cyber Strategy, April 2015, http://www.defense.gov/home/features/2015/0415_cyber-strategy/