Difference between revisions of "Xygh Offense vs Defense"
From CyberSecurity
(Preliminary ideas) |
Line 10: | Line 10: | ||
*Legal issues | *Legal issues | ||
− | **Are there legal principles or precedents (e.g., self-defense) that could justify a counter-attack? | + | **Are there legal principles or precedents (e.g., self-defense) that could justify a counter-attack? (Also, military ideas such as rules of engagement, proportional response?) |
**Legal framework: When is a counter-attack permissible? Who is allowed to do it? Do they need to collect evidence or document their actions? | **Legal framework: When is a counter-attack permissible? Who is allowed to do it? Do they need to collect evidence or document their actions? | ||
**See Karnow's [http://www.blackhat.com/presentations/win-usa-03/bh-win-03-karnow-notes.pdf notes] | **See Karnow's [http://www.blackhat.com/presentations/win-usa-03/bh-win-03-karnow-notes.pdf notes] |
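Review bot: The parenthetical appended to the first "Legal issues" sub-bullet ("Also, military ideas such as rules of engagement, proportional response?") is a sentence fragment, and it puts military doctrine under a bullet that asks about legal principles and precedents. Consider giving it its own sub-bullet phrased as a full question, so the self-defense question and the rules-of-engagement question can be discussed and answered separately.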
Revision as of 06:59, 11 November 2005
Going on the offensive in response to a cyber-attack
- General questions: What can a counter-attack accomplish? Are there ways to reduce the collateral damage? In what situations is this an appropriate response?
- What kinds of offensive measures are available? Are they feasible? What are the effects of these attacks? Examples:
  - Trace-back to identify the source of an attack (requires hacking into third-party machines)
  - White worms to neutralize compromised hosts, e.g., Tim Mullen's strikeback idea
  - DDoS for retaliation (is this ever a good idea?)
  - Other possibilities...?
- Legal issues
  - Are there legal principles or precedents (e.g., self-defense) that could justify a counter-attack? (Also, military ideas such as rules of engagement, proportional response?)
  - Legal framework: When is a counter-attack permissible? Who is allowed to do it? Do they need to collect evidence or document their actions?
  - See Karnow's notes (http://www.blackhat.com/presentations/win-usa-03/bh-win-03-karnow-notes.pdf)