PrEP: A Framework for Malware and Cyber Weapons

Herr, Trey

doi:10.2139/ssrn.2343798

Cited by 15 publications

(7 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…A leggyakrabban idézett érvelés, miszerint csak a károkozás, vagyis közvetlenül az informatikai eszközben, az azon tárolt adatokban, vagy közvetve az informatikai eszköz által irányított fizikai rendszerek működésében okozott fennakadás vagy fizikai kár okozására használt malware nevezhető kiberfegyvernek. [10,11] Technikai és taktikai szemszögből ez meglehetősen mesterkélt megkülönböztetés, mivel a sikeres kibertámadás előfeltétele a támadás alatt álló rendszer minél alaposabb előzetes felderítése. Informatikai biztonsági szempontból pedig már az informatikai eszközbe való behatolás is támadásnak minősül, mert megsérti a bizalmasság követelményét.…”

Section: A Kiberfegyverek Műszaki Megközelítéseunclassified

“…Bár 2015-ben leírt kritikája, miszerint a kereskedelmi IT biztonsági cégek malwer-kutatásai megragadnak az egyes malwerek vagy exploitok elemzésénél, vagyis a taktikai szinten, nem egészen helytálló. [10] A közelmúltban kezd kialakulni az igen átfogó, és jelentős forrásokat igénylő komplex, stratégiai szintű fenyegetettség elemzés (threat intelligence). Itt a cél az informatikai támadások hátterének lehető legszélesebb körű, beleértve a nemzetbiztonsági szintű felderítését.…”

Section: A Kiberfegyverek Műszaki Megközelítéseunclassified

See 1 more Smart Citation

A kiberfegyver koncepció evolúciója

Dévai

2019

Hadmérnök

View full text Add to dashboard Cite

Az utóbbi idők nagy erejű informatikai támadásai, mint például a BlackEnergy, NoPetya vagy a Stuxnet elodázhatatlanul felvetnek egy sor jogi, stratégiai és informatikai kérdést a nemzetállamok által politikai vagy katonai célokra felhasznált kibertámadásokkal kapcsolatban. A 1990-es évek vége óta naprenden van a kinetikus fegyverek analógiájára a kiberfegyverek szabályozásának a kérdése. Az analógia azonban nem is olyan egyértelmű. A közleményben megvizsgálom a kiberfegyverek különböző definícióit, és a koncepció lehetséges stratégiai vagy tudományos hasznosíthatóságát.

show abstract

Section: A Kiberfegyverek Műszaki Megközelítéseunclassified

A kiberfegyver koncepció evolúciója

Dévai

2019

Hadmérnök

View full text Add to dashboard Cite

show abstract

“…Cyberweapons consist of three components, the absence of any one of which denies the categorisation of malware as a weapon proper: propagation method, payload and exploits (Herr, 2014). The propagation method defines how the code is delivered into a target system and the payload is the core executable code of the malware that determines its functionality and delivers its effects.…”

Section: Structural Power and Cyberweapons Marketsmentioning

confidence: 99%

“…Cyberweapons do not perceive their environment in an animal sense but they are programmed to seek out affordances (vulnerabilities) and exploit them for payload delivery (Herr, 2014). Once inside a target system, they can manipulate its conditions of existence and functionality.…”

Section: Institutional Power and The Internetmentioning

confidence: 99%

Cyberweapons: power and the governance of the invisible

Stevens

2017

Int Polit

View full text Add to dashboard Cite

This article explores the non-emergence of a global governance regime for cyberweapons.Cyberweapons are malicious software entities deployed to cause harm to adversaries' computer networks and systems. They threaten the integrity and functionality of digital systems that enable global circuits of communication and exchange, with significant potential impacts on social, economic and political order. Using a power-analytical approach, this article identifies four areas in which power works to constrain regime formation: the productive power of NATO's Tallinn Manual Process; the structural power of US involvement in cyberweapons markets; the institutional power of Internet technologies; and diplomatic claims to sovereignty that mask the operations of compulsory power. These work together to prevent a unified global approach to the regulation of cyberweapons. The article concludes that there are substantial obstacles to effective cyberweapons governance but that these should not prevent ongoing efforts to tackle this important and ubiquitous security issue.

show abstract

“…614 Often a payload built specifically for the purpose in mind is required as well, so teams must have the specialized skill to write the type of code needed for that particular type of attack. 615 Due to the greater investment of time and resources such an effort requires, these attacks are more difficult to successfully execute. 616 Of benefit to the attacker, however, is that much of the same equipment needed to breach easier targets overlaps with what is needed to attack harder targets.…”

Section: Chapter 5 -Countering Malicious Non-state Cyber Actors: the mentioning

confidence: 99%

Beyond theory: applying empirical evidence to cyberspace theories

Cohen¹

View full text Add to dashboard Cite

Political science has made progress in the study of how actors behave in cyber-space, but it is still an emerging field. Much of the academic work regarding cyber-space is focused on theory building. There are many scholars who have produced outstanding theories, but the field now needs to move further and begin to collect empirical evidence to determine which theories are more useful than others. This dissertation attempts to do just that. It examines existing theory, and proposes new theories, using evidence from Israel to improve the field's understanding of cyber-space. Israel is one of the most powerful states in cyber-space, but it is woefully understudied. This is the first major book sized project that applies the Israel case to cyber theories. This dissertation is therefore useful not only as a standalone project, but as one that can be useful as a basis for others' work in cyber-space. A central goal of this project is to improve the ability of decision makers to craft good policy. Thus, policy recommendations are offered on every topic with the goal of strengthening state's use of cyber-space both offensively and defensively. The dissertation also addresses two other understudied areas, the behavior of non-state actors in cyber-space, and the role of international law and norms. Using Israel as a case study, this project examines both of those issues. It examines the types of dangers Israel faces from non-state actors and Israel's response, and evaluates what Israel has done well and what it could do better in this regard. The role that norms and international law play in decision making in cyber-space is also explored by examining what Israel's actions and decisions have been. 4

show abstract

PrEP: A Framework for Malware and Cyber Weapons

Cited by 15 publications

References 12 publications

A kiberfegyver koncepció evolúciója

A kiberfegyver koncepció evolúciója

Cyberweapons: power and the governance of the invisible

Beyond theory: applying empirical evidence to cyberspace theories

Contact Info

Product

Resources

About