Conferences related to Cyber Espionage

Back to Top

2018 10th International Conference on Cyber Conflict (CyCon)

Conflict and actors in cyberspaceCyber capabilitiesTechnical challenges, innovations and requirementsInternet of thingsInternational law and normsInternational cooperation

  • 2017 9th International Conference on Cyber Conflict (CyCon)

    International cooperation and international relations with regards to cyberspace; Technical challenges and requirements; Conflict in cyberspace; Regulations and standards; virtualisation

  • 2016 8th International Conference on Cyber Conflict (CyCon)

    In today’s increasingly complex cyberspace we see a variety of actors struggling to gain or maintain their position. The ubiquitous use of information and communication technologies has had a profound influence on how these actors pursue their goals and interests. The 8th International Conference on Cyber Conflict (CyCon 2016) will focus on ‘cyber power’ as one of the core elements of relations between different stakeholders and will discuss how the traditional concept of ‘power’ applies to cyberspace. Both ‘hard’ and ‘soft power’ are being employed to achieve strategic and political goals through technical, legal and economic means. But how can we assess such power? How can we ensure that such power remains in the right hands? How can we ensure or enforce ‘cyber power’ without risking conflict escalation? How can we respond to exercises of this power with the right tools and measures? Is there a way to maintain a balance of power in cyberspace?

  • 2015 7th International Conference on Cyber Conflict: Architectures in Cyberspace(CyCon)

    International cooperation and international relations with regards to cyberspace;Technical challenges and requirements;Conflict in cyberspace;Regulations and standards;Virtualisation

  • 2014 6th International Conference on Cyber Conflict (CyCon)

    The International Conference on Cyber Conflict is CCD COE's annual event that brings together strategic, technical and legal experts to discuss current key aspects of cyber conflicts . The theme of the conference is Active Cyber Defence.

  • 2013 5th International Conference on Cyber Conflict (CyCon)

    Technical, strategic and legal implications of using automaticmethods to manage cyber conflicts. Conceptual Framework of Cyber ConflictsConcepts for using automatic methods in cyber conflictActors in cyber conflictAutomation of Tactical, Operational and Strategic Procedures in Cyber ConflictsCase Studies, Experiments and SystemsCyber Conflict ModelsReasoning and Attribution in Cyber Conflict targeting and Cyber Attack Impact Assessment

  • 2012 4th International Conference on Cyber Conflict (CYCON)

    The 4th International Conference on Cyber Conflict 2012 (CYCON 2012) will provide a multi-disciplinary forum for scholars, researchers, analysts and practitioners to discuss issues related to cyber conflict and warfare. The conference aspires to advance scientific knowledge and understanding and to support the development of related policies, models and systems.

  • 2011 3rd International Conference on Cyber Conflict (ICCC)

    The International Conference on Cyber Conflict is the CCD COE's annual event that brings together strategic, technical and legal experts to discuss current key aspects of cyber conflicts (see http://www.ccdcoe.org/ICCC). In 2011 the conference will focus on combination of defensive and offensive aspects of Cyber Forces and will combine different views on cyber defence and operations in the current and envisaged threat environments. This shall not be limited to military perspective. Legal, strategic and tec


2018 13th International Conference on Malicious and Unwanted Software (MALWARE)

Computer Security, Malware Analysis, Deception Platforms, Anti-Virus Products, Anti-Malware Solutions

  • 2017 12th International Conference on Malicious and Unwanted Software (MALWARE)

    The Focus of the conference this year is twofold - (1) Evolving threat landscape, and (2) innovative system defense approaches. The topics are described in the paragraphs below.Evolving threat landscape: The Malware Criminal EcoSystem has become a vibrant sector of the dark economy in recent years. Innovation in this ecosystem is rampant at all levels - from the discovery of new vulnerabilities, to the introduction of new deployment mechanisms. This division of labor in the Malware Ecosystem has accelerated the deployment of new threats which often are deployed by multiple entities across platforms (often sloppily), but which certainly meet the business objectives. Current security approaches are often ineffective, since attackers quickly field test prototype attacks that dodge current defenses.

  • 2016 11th International Conference on Malicious and Unwanted Software (MALWARE)

    The Focus of the conference this year is twofold - (1) Security architectures & reformulated solutions, and (2) The demise of traditional end-point protection. The topics are described in the paragraphs below.In the past, the security protection model that most organizations applied to protect their infrastructure was simply the "Everything but the Kitchen Sink" model—meaning, add devices that protect the enterprise network perimeter (Trusted Zone), add devices that protect your mobile device, add devices that protect your data base., and on, and on.... In essence, this model simply amounted to the accumulation of security devices. Given the increased number, scope, and frequency of breaches in the last few years, it is clear that this model has failed.Security products are no longer about single or even multiple independent security devices each providing close-as-we-can-get-to-perfect standalone protection. MALCON will explore alternative architectures and solutions.

  • 2015 10th International Conference on Malicious and Unwanted Software (MALWARE)

    The Malware 2015 conference has adopted as its main theme "The Fabric of Security: A billion Sensors but no serious threat analysis and decision support" in recognition of a major paradigm shift that will transformed the security industry in the next 10 years. The fundamental premise to be addressed at the conference is the difference between point security solutions, their contribution to the overall protection of an organization, and the lack of integration amongst many solutions. Manuscripts addressing both new architectural solutions to build a "Fabric of Security", reference implementations, as well as effectiveness measurement methodologies are welcomed.

  • 2014 9th International Conference on Malicious and Unwanted Software: "The Americas" (MALWARE)

    The Malware 2014 conference has adopted as its main theme "The Malware Threat in the era of Unlimited Computing Power" in recognition of a major paradigm shift that has transformed the computer industry as a whole, and created major challenges to the Security Community in particular. Specifically, the scope of attacks being delivered in 2014 takes on a completely new magnitude when the attacker has at its disposal unlimited computing resources through the use of Cloud Based Services. Given such a threat, we in the Security industry have a pressing needs for solutions that can handle such a threat.

  • 2013 8th International Conference on Malicious and Unwanted Software: "The Americas" (MALWARE)

    The Malware 2013 conference has adopted as its main theme "Malware in the Era of Cloud Services and Mobile Endpoints" in recognition of a major paradigm shift that has transformed the computer industry as a whole, and created major challenges to the Security Community in particular.

  • 2012 7th International Conference on Malicious and Unwanted Software (MALWARE)

    This years conference will pay particular attention to (and will also be extensively discussed in several panel sessions) the pressing topic of Defending the Extended Network What happened to the walls As Smartphones become the preferred access device, while applications and data reside at multiple locations in the Cloud, the idea of protecting the network and the end-point (a Windows device) is no longer practical. A paradigm shift is upon us, and protecting both application and data in a world of billions of Smartphone devices is intriguing and challenging. Clearly, there is no longer a network to protect. Further, the concept of an extended network has significant limitations. In the new paradigm what is emerging is the concept a Trusted Domains with no physical boundaries. Thus, the organizers of Malware 2012 Asia Pacific solicit original written contributions addressing these issues and research questions. Manuscripts focusing on the security properties of Trusted Domains, Cloud Computing.

  • 2011 6th International Conference on Malicious and Unwanted Software (MALWARE)

    Malware 2011 is designed to bring together experts from industry, academia, and government to present and discuss, in an open environment, the latest advances and discoveries in the field of malicious and unwanted software. Techniques, economics and legal issues surrounding the topic of Malware, and the methods to detect and control them will be discussed.

  • 2010 5th International Conference on Malicious and Unwanted Software (MALWARE)

    The 5th IEEE International Conference on Malicious and Unwanted Software is designed to bring together experts from industry, academia, and government to present and discuss, in an open environment, the latest advances and discoveries in the field of malicious and unwanted software. Techniques, economics and legal issues surrounding the topic of Malware, and the methods to detect and control them will be discussed.

  • 2009 4th International Conference on Malicious and Unwanted Software (MALWARE)

    An ounce of prevention is worth a pound of cure . Arguably, many of the current solutions for fighting Malware fall within the cure category. However, efficacy of current solutions are in question. Malware 2009 will focus on preventative measures such as software white listing and tighter models of access control at the O/S level.

  • 2008 3rd International Conference on Malicious and Unwanted Software (MALWARE)

    The conference is designed to bring together experts from industry, academia, and government to present and discuss, in an open environment, the latest advances and discoveries in the field malicious and unwanted software, the techniques, economics and legal issues behind their use, and the methods to detect and control them.


2018 European Intelligence and Security Informatics Conference (EISIC)

Intelligence and Security Informatics (ISI) is an interdisciplinary field of research that focuses onthe development, use, and evaluation of advanced information technologies, includingmethodologies, models and algorithms, systems, and tools, for local, national, and internationalsecurity related applications.

  • 2017 European Intelligence and Security Informatics Conference (EISIC)

    Intelligence and Security Informatics (ISI) is an interdisciplinary field of research that focuses onthe development, use, and evaluation of advanced information technologies, includingmethodologies, models and algorithms, systems, and tools, for local, national, and internationalsecurity related applications.

  • 2016 European Intelligence and Security Informatics Conference (EISIC)

    Intelligence and Security Informatics (ISI) is an interdisciplinary field of research that focuses on the development, use, and evaluation of advanced information technologies, including methodologies, models and algorithms, systems, and tools, for local, national, and international security related applications.

  • 2015 European Intelligence and Security Informatics Conference (EISIC)

    Intelligence and Security Informatics (ISI) is an interdisciplinary field of research that focuses on the development, use, and evaluation of advanced information technologies, including methodologies, models and algorithms, systems, and tools, for local, national, and international security related applications.

  • 2013 European Intelligence and Security Informatics Conference (EISIC)

    Intelligence and Security Informatics (ISI) research is an interdisciplinary research field involving academic researchers in information technologies, computer science, public policy, bioinformatics, medical informatics, and social behavior studies as well as local, state, and federal law enforcement and intelligence experts, and information technology industry consultants and practitioners to support counterterrorism and homeland security missions of anticipation, interdiction, prevention, preparedness and response to terrorist acts.

  • 2012 European Intelligence and Security Informatics Conference (EISIC)

    We invite academic researchers (in information technologies, computer science, public policy, and social and behavioral studies), law enforcement and intelligence experts, as well as information technology companies, industry consultants and practitioners in the fields involved.

  • 2011 European Intelligence and Security Informatics Conference (EISIC)

    Intelligence and Security Informatics (ISI) research is an interdisciplinary research field involving academic researchers in information technologies, computer science, public policy, bioinformatics, medical informatics, and social and behavior studies as well as local, state, and federal law enforcement and intelligence experts, and information technology industry consultants and practitioners to support counterterrorism and homeland security missions of anticipation, interdiction, and prevention.


2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)

IEEE Cybermatics 2018 aims to provide a high-profile platform for researchers and engineers to exchange and explore state-of-art innovations in cyber technology and their applications in physical, social and mental worlds.


2016 International Conference On Communication Problem-Solving (ICCP)

International Conference on Communications Problem -Solving (ICCP) is focus on solutions to problems and challenges arising in the areas of modern communications, radar and sensor areas technologies. The conference will feature keynote speeches, tutorials, regular papers, invited and special sessions, industrial exhibitions, as well as the best student paper competition.

  • 2015 IEEE International Conference on Communication Problem-Solving (ICCP)

    RF Circuit and SubsystemSmall Antenna, Planar/reflect antenna array, MCM, LCP/LTCC technologies, System on package, Subsystem integration, Passive device/circuits design and modeling, Active device/circuits design and modeling, RFIC & MMIC based on GaN/SiGe/RFCMOS, PLL technologies, High speed/high bits ADC/DAC, broadband/high power amplifier, etc.Signal Process TechnologyChannel modeling, Signal Processing technologies for link/access Communication Systems, Signal Processing for Radar and sensor Systems, Compressive Sensing, Sparse Signal Processing, Waveform Diversity and Design, Adaptive Antennas and Beamforming, MIMO or SAR imaging signal processing, 2D/3D image/video signal processingNetworksAd hoc, Body Area, Sensor and Mesh Networks, Wireless Multimedia Networks, Internet of Things, Network Measurement and Monitoring Techniques, Multimode Wireless Networks, Next-generation Networking Architectures, Network Design

  • 2014 IEEE International Conference on Communication Problem-Solving (ICCP)

    Building on the its previous successes , the International Conference on Computational Problem-Solving (ICCP) is now renamed as the International Conference on Communications Problem -Solving (ICCP) to focus on solutions to problems and challenges arising in the areas of modern communications, radar and sensor areas technologies. In conjunction with the 2014 High Speed Intelligent Communication Forum (HSIC2014), ICCP2014 will be held in October, 2014 at Huairou, Beijing, China. The conference will feature keynote speeches, tutorials, regular papers, invited and special sessions, industrial exhibitions, as well as the best student paper competition.The conference would cover the following areas:RF circuit and subsystemDigital signal process technologiesNetworksApplicationInvited and special sessions

  • 2013 International Conference on Computational Problem-solving (ICCP)

    Circuits and Systems; Computational Electromagnetics; Computational Intelligence; General Computation; Networks; Signal Processing and Its Applications; Wireless Communications and Multimedia.

  • 2012 International Conference on Computational Problem-Solving (ICCP)

    Circuits and Systems; Computational Electromagnetics; Computational Intelligence; General Computation; Networks; Signal Processing and Its Applications; Wireless Communications and Multimedia.

  • 2011 International Conference on Computational Problem-Solving (ICCP)

    Circuits and Systems; Computational Electromagnetics; Computational Intelligence; General Computation; Networks; Signal Processing and Its Applications; Wireless Communications and Multimedia.

  • 2010 International Conference on Computational Problem-Solving (ICCP)

    Goal of this conference is to identify prominent ideas in this plethora of research domains, capable of envisioning the next-generation computation and internet technologies.


More Conferences

Periodicals related to Cyber Espionage

Back to Top

IT Professional

This IEEE Computer Society periodical covers the many rapidly emerging issues facing information technology professionals, developers, and managers of enterprise information systems. IT Professional's coverage areas include: Web services, Internet security, data management; enterprise architectures and infrastructures; organizing and utilizing data; instituting cross-functional systems; using IT for competitive breakthroughs; integrating systems and capitalizing on IT advances; emerging technologies like electronic ...


Security & Privacy, IEEE

IEEE Security & Privacy seeks to stimulate and track advances in security, privacy, and dependability and present these advances for a broad cross-section of academic researchers and industry practitioners. IEEE Security & Privacy aims to provide a unique combination of research articles, case studies, tutorials, and regular departments covering diverse aspects of security and dependability of computer-based systems, including legal ...


Systems Journal, IEEE

This publication provides a systems-level, focused forum for application-oriented manuscripts that address complex systems and system-of-systems of national and global significance.



Most published Xplore authors for Cyber Espionage

Back to Top

Xplore Articles related to Cyber Espionage

Back to Top

The coming of cyber espionage norms

2017 9th International Conference on Cyber Conflict (CyCon), 2017

The proposition that cyber espionage is acceptable state behavior, even as cyber attack is unacceptable, is in question. The United States has raised objections to certain types of cyber espionage activity, notably: (1) Chinese economically-motivated cyber espionage; (2) the (feared) transfer of data taken from the US Office of Personnel Management (OPM) and provided to criminals; and (3) Russian doxing ...


Drawing inferences from cyber espionage

2018 10th International Conference on Cyber Conflict (CyCon), 2018

To survive a confrontation, it helps to understand other side's capabilities and intensions. Estimates of opposing capabilities rest on an empirical basis but understanding the other side's intentions is inferred from words and deeds. Therein lies a dilemma common across all military domains: acts to alter the balance of a confrontation can also shape the inferences that the other side ...


Addressing the Threats of Online Theft of Trade Secret and Cyber Espionage in Malaysia: The Legal Landscape

2018 6th International Conference on Cyber and IT Service Management (CITSM), 2018

Online theft of trade secrets and commercial cyber espionage are growing threats to businesses and national economy in this digital economy. This global phenomenon of targeting trade secrets of corporation has caused the loss of billions of dollars in the UK, US, Japan and some others. These crimes are committed by rivals and in most cases with the help of ...


II Lessons from Cyberespionage

You'll see this message when it is too late: The Legal and Economic Aftermath of Cybersecurity Breaches, None

None


Exfiltrations using polymorphic blending techniques: Analysis and countermeasures

2015 7th International Conference on Cyber Conflict: Architectures in Cyberspace, 2015

Cyber espionage campaigns and cyber attacks make use of data exfiltration on a regular basis causing damages for billions of dollars. Nowadays, they represent one of the primary threats, and they are performed by criminals, companies and states. Normally, data exfiltration uses classic application- layer protocols (e.g. FTP or HTTP) in combination with very basic obfuscation mechanisms. Even though in ...


More Xplore Articles

Educational Resources on Cyber Espionage

Back to Top

IEEE.tv Videos

Fragility of Interconnected Cyber-Physical Systems - Marios M. Polycarpou - WCCI 2016
Opening Chat: Rod Beckstrom and Xiaodong Lee - ETAP Beijing 2016
Toward Cyber-Physical/Human Systems that are Responsive and Scalable - Jing Li - IEEE Sarnoff Symposium, 2019
Cyber-Physical ICT for Smart Cities: Emerging Requirements in Control and Communications - Ryogo Kubo
Abstraction and Modeling of Cyber Security tutorial, Part 2
Keynote Isaac Ben-Israel - ETAP Forum Tel Aviv 2016
Abstraction and Modeling of Cyber Security tutorial, Part 1
Cyber Security Awareness (CSA) in Africa: Basie von Solms - ETAP Forum Namibia, Africa 2017
Hausi Muller: Models At Runtime and Networked Control for Smart Cyber Physical Systems: WF IoT 2016
Keynote: Greg Austin - ETAP Beijing 2016
Cyber Security: Why It’s Everyone’s Business - Panel at IEEE WIE Forum USA East 2017
CommunicAsia 2017 - Cyber Security (Collaboration with IEEE ComSoc)
Parry Aftab of Cybersafety India at Internet Inclusion: Advancing Solutions, Delhi, 2016
Achieving a Secure and Resilient Cyber Ecosystem - Homeland Security's Tom Ruoff
Risk Prevention for Industrial Controls: IECON 2018
IEEE Summit on Internet Governance 2014: Panel III - The Future of Internet Governance
Managing Risks of the Future IoT - Kayne McGladrey - VIC Summit 2019
Ivan Ruchkin: Challenges in Physical Modeling for Adaptation of Cyber-Physical Systems: WF IoT 2016
Industrial Standards and IoT Use Cases - Talk One: IECON 2018
Norha Villegas: The Role of Models at Runtime in Smart Cyber Physical Systems: WF IoT 2016

IEEE-USA E-Books

  • The coming of cyber espionage norms

    The proposition that cyber espionage is acceptable state behavior, even as cyber attack is unacceptable, is in question. The United States has raised objections to certain types of cyber espionage activity, notably: (1) Chinese economically-motivated cyber espionage; (2) the (feared) transfer of data taken from the US Office of Personnel Management (OPM) and provided to criminals; and (3) Russian doxing attacks, particularly against the Democratic National Committee (DNC). In effect, the United States has been edging towards advocating a new class of norms for cyber espionage - countries may carry it out, but not use the results for other than traditional intelligence purposes, that is for informing national security decisionmaking. Other forms of cyber espionage may come to be viewed as unacceptable, notably the uses of cyber espionage to enable cyber attacks on critical infrastructure. Establishing a norm that holds some forms of cyber espionage to be acceptable and others not would raise issues. First, can the United States and its friends define such norms in ways that render unacceptable (many of) those practices it finds objectionable, but do not prevent its own practices from being deemed unacceptable? In particular, can there be norms expressed in ways that allow all targets and methods to be used but restrict only what can be done with the information collected? Second, can monitoring regimes be developed to distinguish acceptable from unacceptable cyber espionage and attribute such actions - not only correctly, but in ways that are accepted widely enough to dissuade further such activity?

  • Drawing inferences from cyber espionage

    To survive a confrontation, it helps to understand other side's capabilities and intensions. Estimates of opposing capabilities rest on an empirical basis but understanding the other side's intentions is inferred from words and deeds. Therein lies a dilemma common across all military domains: acts to alter the balance of a confrontation can also shape the inferences that the other side draws about one's intentions. The dilemma also operates in cyberspace, but in unique ways. First, efforts by one side to acquire information on the other can be read by the other side as preparations for a cyber attack prefatory to a military attack. Second, others may draw inferences from the fact of cyber espionage alone, even though the basis for believing in a cyber security dilemma is weak. Third, there are ways of carrying out cyber espionage that can mitigate inferences that others draw about the imminence of cyber attack by, for example, limiting which components within a network are targeted for eavesdropping or by using penetration methods that do not leave arbitrary code behind. Fourth, defenders themselves can also modulate their reactions in ways that limit drawing unnecessary inferences. Fifth, expectations of how well modulating cyber espionage can convey peaceful intentions should be very modest. All these are complicated by difficulties in the target's ascertaining a penetration's date, characterization, and authorship. We conclude with a call for those who would penetrate military-related systems to think about the inferences that the other side may draw if such penetrations are discovered.

  • Addressing the Threats of Online Theft of Trade Secret and Cyber Espionage in Malaysia: The Legal Landscape

    Online theft of trade secrets and commercial cyber espionage are growing threats to businesses and national economy in this digital economy. This global phenomenon of targeting trade secrets of corporation has caused the loss of billions of dollars in the UK, US, Japan and some others. These crimes are committed by rivals and in most cases with the help of an insider who is normally an employee of the organization. In the US the prosecution of a Chinese national who disclosed a company trade secret in China while working in US indicated the cross border nature of the crimes. Responding to the threat, the US regards theft of trade secret and economic espionage in whatever form as crime against the state under the Economic Espionage Act 1996. In Japan such crimes are regarded as threats to the business industry that are penalized under the Unfair Competition Law of Japan. Although such decision broke the tradition of allowing mobility of workers and protecting the loyalty of workers in Japan, such law was introduced to protect the industry from unethical business practice and also to protect research and development to boost the Japanese economy. In contrast Malaysia like the UK has no specific law criminalizing economic espionage and theft of trade secrets even though the threats are growing. Without such laws the business community particularly the small business enterprises are exposed to this digital risks. However in relation to online theft of trade secrets and cyber espionage, the Communication and Multimedia Act 1998(CMA) and Computer Crimes Act 1997 (CCA) may be relied on to criminalized online theft of trade secrets and cyber espionage. By adopting SWOT and comparative analysis, this paper examines the administrative policy by the Malaysian Government and the current regulatory framework governing cyber espionage and online theft of trade secret in Malaysia. This paper concludes that both administrative policy and regulatory framework should complement each other to give better protection against online theft of trade secrets and commercial cyber espionage in Malaysia.

  • II Lessons from Cyberespionage

    None

  • Exfiltrations using polymorphic blending techniques: Analysis and countermeasures

    Cyber espionage campaigns and cyber attacks make use of data exfiltration on a regular basis causing damages for billions of dollars. Nowadays, they represent one of the primary threats, and they are performed by criminals, companies and states. Normally, data exfiltration uses classic application- layer protocols (e.g. FTP or HTTP) in combination with very basic obfuscation mechanisms. Even though in most cases these techniques are effective enough, this paper describes how instead they can be detected using properly configured IDSs. Moreover, we introduce a novel approach named polymorphic blending exfiltration that serves to avoid detection from signature-based as well as anomaly-based IDSs. This technique permits to blend the exfiltrated data in the normal and legitimate traffic. We show how IDSs can be easily improved in order to be able to detect such exfiltration. Finally, we conclude presenting different evasion techniques that can be included in the polymorphic blending exfiltration to keep providing a safe undetectable exfiltration.

  • Security in cyberspace: Issues, challenges and suggestion

    With the rapid development of information technology, people more and more dependent on cyberspace, cyberspace connects billions of users all over the world. It offers great convenience to people; but it also provides a lot of opportunities for criminals to commit crime using the new information tools. Cyberspace has been faced many security challenges like identity tracing, identity theft, cyberspace terrorism and cyberspace warfare. In this paper, we focus on analysis these security challenges, and give some possible solutions offered by law and technology.

  • States of cyber warfare

    Cyber-attacks are damaging and disruptive when orchestrated by criminals and hacktivists with a point to prove, but they take on a more sinister and potentially catastrophic significance when carried out or supported by government-funded military or intelligence units. State-sponsored cyber espionage and cyber terrorism have been steadily growing in frequency and diversity over the last decade as national authorities become increasingly reliant on digital information and expansive networks. The situation is considered so serious in some circles that calls to establish agreed rules on the use of cyber weapons against the critical national infrastructure (CNI) of individual countries are getting louder. Yet, as befitting the murky world of spies, it is hard to assess exactly how much progress has been made on any cyber warfare proliferation deals to date. Some question whether digital arms controls that restrict the use of specific types of cyber weapon, such as advanced persistent threats, distributed denial of service (DDoS) attacks or malware, are feasible in the first place.

  • The case for cyber counterintelligence

    A paradigmatic shift in thinking on cyber security in the 21st century is gaining momentum. This turn in thinking is rooted in a widening acknowledgement that conventional cyber security solutions no longer offer adequate protection in the face of threats posed by role players such as nation states, criminal syndicates, corporate spies, terrorists, hacktivists and rogue individuals. It is clear that securing cyber space depends not only on raising the bar in respect of existing measures, but also on taking proactive action focussing on threat agents. Views are, however, not so clear on what such proactive action should entail and how this should be integrated with conventional cyber security measures. Similarly, conceptual clarity is lacking on the configuration of an integrated response congruent with the challenges posed by the fast changing threatscape. The paper examines firstly the cyber threatscape and the challenges this poses. It proceeds with advancing cyber counterintelligence as a conceptual and practicable option to meeting cyber security challenges coherently and proactively. Although cyber counterintelligence is not a novel concept, it is academically under-explored as open-source literature on this subject is relatively sparse. In particular, the quest for an integrated conceptual model for cyber counterintelligence is still in its infancy. This paper does not purport to offer a refined model, but endeavours to propose a few contours useful to its construction. Compiled for a wide target audience that includes business professionals and academia, the paper is underpinned by principles and constructs derived from statutory counterintelligence theory and practice.

  • Using inherent command and control vulnerabilities to halt DDoS attacks

    Dirt Jumper is a powerful distributed denial of service (DDoS) family of toolkits (e.g., includes Drive version x, Dirt Jumper version x, and Pandora) sold in online black markets. The buyers are typically individuals who seek to infect computers globally and incite them to collectively emit crippling unsolicited network traffic to unsuspecting targets, often for criminal purposes. The Dirt Jumper Family (DJF) of botnets is not new; however, new variants have made the family more destructive and more relevant. The DJF has caused millions of dollars of damage across several different business sectors. Notably in 2014, a European media company was attacked with a 10-hour, 200 gigabit per second DDoS campaign with an estimated impact of $20M. Traditional defensive measures, like firewalls, intrusion prevention systems, and defense-in-depth, are not always effective. The threat may hasten the emergence of active defenses to protect Internet-based revenue streams or intellectual property. In practice, some companies have either found legal loopholes that provide immunity, or have decided to leverage the budding relationship between the government and the private sector to Hack Back with implied immunity. Either way, tools are currently being used to defend against hacking. This paper provides: (1) an overview of the present threat posed by the Dirt Jumper family of DDoS toolkits, (2) an overview of the Hacking Back debate and clear examples of the use of legal loopholes or implied immunity, and (3) novel offensive campaigns that could be used to stop active DDoS attacks by exploiting vulnerabilities in the botnet's command and control (C&C). Our work could be the first steps toward a cyber-deterrence strategy for hacking and cyber espionage, which is a National Security imperative.

  • A study of Indian approach towards cyber security

    Cyberspace is a network of networks connecting billions of users round the globe with the help of networked gadgets that include computers, mobile phones, palmtops, iPods, etc. Internet, though offers great benefit to society, it also presents opportunities for criminals using new and highly sophisticated technology tools. It both poses and suffers from various security challenges as it is used to commit crime and is itself target of crime. It has unveiled many unique challenges like cyber espionage, cyber warfare, cyber terrorism that were not known previously in real space. The technology is constantly evolving which gives birth to a newer crime and a new generation of crimes has come on the horizon. It is in this backdrop that an attempt is made to analyze different facets of cybercrimes together with possible solutions offered by law and technology.



Standards related to Cyber Espionage

Back to Top

No standards are currently tagged "Cyber Espionage"


Jobs related to Cyber Espionage

Back to Top