38 resources related to Cyber Espionage
- Topics related to Cyber Espionage
- IEEE Organizations related to Cyber Espionage
- Conferences related to Cyber Espionage
- Periodicals related to Cyber Espionage
- Most published Xplore authors for Cyber Espionage
Conflict and actors in cyberspaceCyber capabilitiesTechnical challenges, innovations and requirementsInternet of thingsInternational law and normsInternational cooperation
Computer Security, Malware Analysis, Deception Platforms, Anti-Virus Products, Anti-Malware Solutions
Intelligence and Security Informatics (ISI) is an interdisciplinary field of research that focuses onthe development, use, and evaluation of advanced information technologies, includingmethodologies, models and algorithms, systems, and tools, for local, national, and internationalsecurity related applications.
2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)
IEEE Cybermatics 2018 aims to provide a high-profile platform for researchers and engineers to exchange and explore state-of-art innovations in cyber technology and their applications in physical, social and mental worlds.
2016 International Conference On Communication Problem-Solving (ICCP)
International Conference on Communications Problem -Solving (ICCP) is focus on solutions to problems and challenges arising in the areas of modern communications, radar and sensor areas technologies. The conference will feature keynote speeches, tutorials, regular papers, invited and special sessions, industrial exhibitions, as well as the best student paper competition.
This IEEE Computer Society periodical covers the many rapidly emerging issues facing information technology professionals, developers, and managers of enterprise information systems. IT Professional's coverage areas include: Web services, Internet security, data management; enterprise architectures and infrastructures; organizing and utilizing data; instituting cross-functional systems; using IT for competitive breakthroughs; integrating systems and capitalizing on IT advances; emerging technologies like electronic ...
IEEE Security & Privacy seeks to stimulate and track advances in security, privacy, and dependability and present these advances for a broad cross-section of academic researchers and industry practitioners. IEEE Security & Privacy aims to provide a unique combination of research articles, case studies, tutorials, and regular departments covering diverse aspects of security and dependability of computer-based systems, including legal ...
This publication provides a systems-level, focused forum for application-oriented manuscripts that address complex systems and system-of-systems of national and global significance.
2017 9th International Conference on Cyber Conflict (CyCon), 2017
The proposition that cyber espionage is acceptable state behavior, even as cyber attack is unacceptable, is in question. The United States has raised objections to certain types of cyber espionage activity, notably: (1) Chinese economically-motivated cyber espionage; (2) the (feared) transfer of data taken from the US Office of Personnel Management (OPM) and provided to criminals; and (3) Russian doxing ...
2018 10th International Conference on Cyber Conflict (CyCon), 2018
To survive a confrontation, it helps to understand other side's capabilities and intensions. Estimates of opposing capabilities rest on an empirical basis but understanding the other side's intentions is inferred from words and deeds. Therein lies a dilemma common across all military domains: acts to alter the balance of a confrontation can also shape the inferences that the other side ...
2018 6th International Conference on Cyber and IT Service Management (CITSM), 2018
Online theft of trade secrets and commercial cyber espionage are growing threats to businesses and national economy in this digital economy. This global phenomenon of targeting trade secrets of corporation has caused the loss of billions of dollars in the UK, US, Japan and some others. These crimes are committed by rivals and in most cases with the help of ...
You'll see this message when it is too late: The Legal and Economic Aftermath of Cybersecurity Breaches, None
2015 7th International Conference on Cyber Conflict: Architectures in Cyberspace, 2015
Cyber espionage campaigns and cyber attacks make use of data exfiltration on a regular basis causing damages for billions of dollars. Nowadays, they represent one of the primary threats, and they are performed by criminals, companies and states. Normally, data exfiltration uses classic application- layer protocols (e.g. FTP or HTTP) in combination with very basic obfuscation mechanisms. Even though in ...
Opening Chat: Rod Beckstrom and Xiaodong Lee - ETAP Beijing 2016
Toward Cyber-Physical/Human Systems that are Responsive and Scalable - Jing Li - IEEE Sarnoff Symposium, 2019
Cyber-Physical ICT for Smart Cities: Emerging Requirements in Control and Communications - Ryogo Kubo
Abstraction and Modeling of Cyber Security tutorial, Part 2
Keynote Isaac Ben-Israel - ETAP Forum Tel Aviv 2016
Abstraction and Modeling of Cyber Security tutorial, Part 1
Cyber Security Awareness (CSA) in Africa: Basie von Solms - ETAP Forum Namibia, Africa 2017
Hausi Muller: Models At Runtime and Networked Control for Smart Cyber Physical Systems: WF IoT 2016
Keynote: Greg Austin - ETAP Beijing 2016
Cyber Security: Why It’s Everyone’s Business - Panel at IEEE WIE Forum USA East 2017
CommunicAsia 2017 - Cyber Security (Collaboration with IEEE ComSoc)
Parry Aftab of Cybersafety India at Internet Inclusion: Advancing Solutions, Delhi, 2016
Achieving a Secure and Resilient Cyber Ecosystem - Homeland Security's Tom Ruoff
Risk Prevention for Industrial Controls: IECON 2018
IEEE Summit on Internet Governance 2014: Panel III - The Future of Internet Governance
Managing Risks of the Future IoT - Kayne McGladrey - VIC Summit 2019
Ivan Ruchkin: Challenges in Physical Modeling for Adaptation of Cyber-Physical Systems: WF IoT 2016
Industrial Standards and IoT Use Cases - Talk One: IECON 2018
Norha Villegas: The Role of Models at Runtime in Smart Cyber Physical Systems: WF IoT 2016
The proposition that cyber espionage is acceptable state behavior, even as cyber attack is unacceptable, is in question. The United States has raised objections to certain types of cyber espionage activity, notably: (1) Chinese economically-motivated cyber espionage; (2) the (feared) transfer of data taken from the US Office of Personnel Management (OPM) and provided to criminals; and (3) Russian doxing attacks, particularly against the Democratic National Committee (DNC). In effect, the United States has been edging towards advocating a new class of norms for cyber espionage - countries may carry it out, but not use the results for other than traditional intelligence purposes, that is for informing national security decisionmaking. Other forms of cyber espionage may come to be viewed as unacceptable, notably the uses of cyber espionage to enable cyber attacks on critical infrastructure. Establishing a norm that holds some forms of cyber espionage to be acceptable and others not would raise issues. First, can the United States and its friends define such norms in ways that render unacceptable (many of) those practices it finds objectionable, but do not prevent its own practices from being deemed unacceptable? In particular, can there be norms expressed in ways that allow all targets and methods to be used but restrict only what can be done with the information collected? Second, can monitoring regimes be developed to distinguish acceptable from unacceptable cyber espionage and attribute such actions - not only correctly, but in ways that are accepted widely enough to dissuade further such activity?
To survive a confrontation, it helps to understand other side's capabilities and intensions. Estimates of opposing capabilities rest on an empirical basis but understanding the other side's intentions is inferred from words and deeds. Therein lies a dilemma common across all military domains: acts to alter the balance of a confrontation can also shape the inferences that the other side draws about one's intentions. The dilemma also operates in cyberspace, but in unique ways. First, efforts by one side to acquire information on the other can be read by the other side as preparations for a cyber attack prefatory to a military attack. Second, others may draw inferences from the fact of cyber espionage alone, even though the basis for believing in a cyber security dilemma is weak. Third, there are ways of carrying out cyber espionage that can mitigate inferences that others draw about the imminence of cyber attack by, for example, limiting which components within a network are targeted for eavesdropping or by using penetration methods that do not leave arbitrary code behind. Fourth, defenders themselves can also modulate their reactions in ways that limit drawing unnecessary inferences. Fifth, expectations of how well modulating cyber espionage can convey peaceful intentions should be very modest. All these are complicated by difficulties in the target's ascertaining a penetration's date, characterization, and authorship. We conclude with a call for those who would penetrate military-related systems to think about the inferences that the other side may draw if such penetrations are discovered.
Online theft of trade secrets and commercial cyber espionage are growing threats to businesses and national economy in this digital economy. This global phenomenon of targeting trade secrets of corporation has caused the loss of billions of dollars in the UK, US, Japan and some others. These crimes are committed by rivals and in most cases with the help of an insider who is normally an employee of the organization. In the US the prosecution of a Chinese national who disclosed a company trade secret in China while working in US indicated the cross border nature of the crimes. Responding to the threat, the US regards theft of trade secret and economic espionage in whatever form as crime against the state under the Economic Espionage Act 1996. In Japan such crimes are regarded as threats to the business industry that are penalized under the Unfair Competition Law of Japan. Although such decision broke the tradition of allowing mobility of workers and protecting the loyalty of workers in Japan, such law was introduced to protect the industry from unethical business practice and also to protect research and development to boost the Japanese economy. In contrast Malaysia like the UK has no specific law criminalizing economic espionage and theft of trade secrets even though the threats are growing. Without such laws the business community particularly the small business enterprises are exposed to this digital risks. However in relation to online theft of trade secrets and cyber espionage, the Communication and Multimedia Act 1998(CMA) and Computer Crimes Act 1997 (CCA) may be relied on to criminalized online theft of trade secrets and cyber espionage. By adopting SWOT and comparative analysis, this paper examines the administrative policy by the Malaysian Government and the current regulatory framework governing cyber espionage and online theft of trade secret in Malaysia. This paper concludes that both administrative policy and regulatory framework should complement each other to give better protection against online theft of trade secrets and commercial cyber espionage in Malaysia.
Cyber espionage campaigns and cyber attacks make use of data exfiltration on a regular basis causing damages for billions of dollars. Nowadays, they represent one of the primary threats, and they are performed by criminals, companies and states. Normally, data exfiltration uses classic application- layer protocols (e.g. FTP or HTTP) in combination with very basic obfuscation mechanisms. Even though in most cases these techniques are effective enough, this paper describes how instead they can be detected using properly configured IDSs. Moreover, we introduce a novel approach named polymorphic blending exfiltration that serves to avoid detection from signature-based as well as anomaly-based IDSs. This technique permits to blend the exfiltrated data in the normal and legitimate traffic. We show how IDSs can be easily improved in order to be able to detect such exfiltration. Finally, we conclude presenting different evasion techniques that can be included in the polymorphic blending exfiltration to keep providing a safe undetectable exfiltration.
With the rapid development of information technology, people more and more dependent on cyberspace, cyberspace connects billions of users all over the world. It offers great convenience to people; but it also provides a lot of opportunities for criminals to commit crime using the new information tools. Cyberspace has been faced many security challenges like identity tracing, identity theft, cyberspace terrorism and cyberspace warfare. In this paper, we focus on analysis these security challenges, and give some possible solutions offered by law and technology.
Cyber-attacks are damaging and disruptive when orchestrated by criminals and hacktivists with a point to prove, but they take on a more sinister and potentially catastrophic significance when carried out or supported by government-funded military or intelligence units. State-sponsored cyber espionage and cyber terrorism have been steadily growing in frequency and diversity over the last decade as national authorities become increasingly reliant on digital information and expansive networks. The situation is considered so serious in some circles that calls to establish agreed rules on the use of cyber weapons against the critical national infrastructure (CNI) of individual countries are getting louder. Yet, as befitting the murky world of spies, it is hard to assess exactly how much progress has been made on any cyber warfare proliferation deals to date. Some question whether digital arms controls that restrict the use of specific types of cyber weapon, such as advanced persistent threats, distributed denial of service (DDoS) attacks or malware, are feasible in the first place.
A paradigmatic shift in thinking on cyber security in the 21st century is gaining momentum. This turn in thinking is rooted in a widening acknowledgement that conventional cyber security solutions no longer offer adequate protection in the face of threats posed by role players such as nation states, criminal syndicates, corporate spies, terrorists, hacktivists and rogue individuals. It is clear that securing cyber space depends not only on raising the bar in respect of existing measures, but also on taking proactive action focussing on threat agents. Views are, however, not so clear on what such proactive action should entail and how this should be integrated with conventional cyber security measures. Similarly, conceptual clarity is lacking on the configuration of an integrated response congruent with the challenges posed by the fast changing threatscape. The paper examines firstly the cyber threatscape and the challenges this poses. It proceeds with advancing cyber counterintelligence as a conceptual and practicable option to meeting cyber security challenges coherently and proactively. Although cyber counterintelligence is not a novel concept, it is academically under-explored as open-source literature on this subject is relatively sparse. In particular, the quest for an integrated conceptual model for cyber counterintelligence is still in its infancy. This paper does not purport to offer a refined model, but endeavours to propose a few contours useful to its construction. Compiled for a wide target audience that includes business professionals and academia, the paper is underpinned by principles and constructs derived from statutory counterintelligence theory and practice.
Dirt Jumper is a powerful distributed denial of service (DDoS) family of toolkits (e.g., includes Drive version x, Dirt Jumper version x, and Pandora) sold in online black markets. The buyers are typically individuals who seek to infect computers globally and incite them to collectively emit crippling unsolicited network traffic to unsuspecting targets, often for criminal purposes. The Dirt Jumper Family (DJF) of botnets is not new; however, new variants have made the family more destructive and more relevant. The DJF has caused millions of dollars of damage across several different business sectors. Notably in 2014, a European media company was attacked with a 10-hour, 200 gigabit per second DDoS campaign with an estimated impact of $20M. Traditional defensive measures, like firewalls, intrusion prevention systems, and defense-in-depth, are not always effective. The threat may hasten the emergence of active defenses to protect Internet-based revenue streams or intellectual property. In practice, some companies have either found legal loopholes that provide immunity, or have decided to leverage the budding relationship between the government and the private sector to Hack Back with implied immunity. Either way, tools are currently being used to defend against hacking. This paper provides: (1) an overview of the present threat posed by the Dirt Jumper family of DDoS toolkits, (2) an overview of the Hacking Back debate and clear examples of the use of legal loopholes or implied immunity, and (3) novel offensive campaigns that could be used to stop active DDoS attacks by exploiting vulnerabilities in the botnet's command and control (C&C). Our work could be the first steps toward a cyber-deterrence strategy for hacking and cyber espionage, which is a National Security imperative.
Cyberspace is a network of networks connecting billions of users round the globe with the help of networked gadgets that include computers, mobile phones, palmtops, iPods, etc. Internet, though offers great benefit to society, it also presents opportunities for criminals using new and highly sophisticated technology tools. It both poses and suffers from various security challenges as it is used to commit crime and is itself target of crime. It has unveiled many unique challenges like cyber espionage, cyber warfare, cyber terrorism that were not known previously in real space. The technology is constantly evolving which gives birth to a newer crime and a new generation of crimes has come on the horizon. It is in this backdrop that an attempt is made to analyze different facets of cybercrimes together with possible solutions offered by law and technology.
No standards are currently tagged "Cyber Espionage"