Difference between revisions of "Xygh Offense vs Defense"

From CyberSecurity
Line 2: Line 2:
  
  
*General questions:  How do we define "offensive counter-attack?"  Is a cyber-investigation followed by legal action included in this?  How about posing as a hacker to get information?  What can a counter-attack accomplish?  Are there ways to reduce the collateral damage?  In what situations is this an appropriate response?   
+
*General questions:  How do we define "offensive counter-attack?"  Is a cyber-investigation followed by legal action included in this?  How about posing as a hacker to get information?  What can a counter-attack accomplish?  Are there ways to reduce the collateral damage?  In what situations is this an appropriate response? (Cases where traditional law enforcement methods are ineffective?)  
  
 
*What kinds of offensive measures are available?  Are they feasible?  What are the effects of these attacks?  Examples:   
 
*What kinds of offensive measures are available?  Are they feasible?  What are the effects of these attacks?  Examples:   
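Review bot: The parenthetical added at the end of the "General questions" bullet, "(Cases where traditional law enforcement methods are ineffective?)", is a sentence fragment, and it is unclear whether it names the only situation in which a counter-attack would be appropriate or just one candidate. Consider phrasing it as a full question, for instance "Is it appropriate only in cases where traditional law enforcement methods are ineffective?", so it reads consistently with the other questions in the bullet.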

Revision as of 20:35, 11 November 2005

Going on the offensive in response to a cyber-attack


  • General questions: How do we define "offensive counter-attack?" Is a cyber-investigation followed by legal action included in this? How about posing as a hacker to get information? What can a counter-attack accomplish? Are there ways to reduce the collateral damage? In what situations is this an appropriate response? (Cases where traditional law enforcement methods are ineffective?)
  • What kinds of offensive measures are available? Are they feasible? What are the effects of these attacks? Examples:
    • Trace-back to identify the source of an attack (requires hacking into third-party machines)
    • White worms to neutralize compromised hosts, e.g., Tim Mullen's strikeback idea
    • DDoS for retaliation (is this ever a good idea?)
    • Other possibilities...?
  • Legal issues
    • Are there legal principles or precedents (e.g., self-defense) that could justify a counter-attack? (Also, military ideas such as rules of engagement, proportional response?)
    • Legal framework: When is a counter-attack permissible? Who is allowed to do it? Do they need to collect evidence or document their actions?
    • See Karnow's notes