Difference between revisions of "Xygh Offense vs Defense"
From CyberSecurity
Line 2: | Line 2: | ||
− | *General questions: How do we define "offensive counter-attack?" Is a cyber-investigation followed by legal action included in this? How about posing as a hacker to get information? What can a counter-attack accomplish? Are there ways to reduce the collateral damage? In what situations is this an appropriate response? | + | *General questions: How do we define "offensive counter-attack?" Is a cyber-investigation followed by legal action included in this? How about posing as a hacker to get information? What can a counter-attack accomplish? Are there ways to reduce the collateral damage? In what situations is this an appropriate response? (Cases where traditional law enforcement methods are ineffective?) |
*What kinds of offensive measures are available? Are they feasible? What are the effects of these attacks? Examples: | *What kinds of offensive measures are available? Are they feasible? What are the effects of these attacks? Examples: |
Revision as of 20:35, 11 November 2005
Going on the offensive in response to a cyber-attack
- General questions: How do we define "offensive counter-attack?" Is a cyber-investigation followed by legal action included in this? How about posing as a hacker to get information? What can a counter-attack accomplish? Are there ways to reduce the collateral damage? In what situations is this an appropriate response? (Cases where traditional law enforcement methods are ineffective?)
- What kinds of offensive measures are available? Are they feasible? What are the effects of these attacks? Examples:
- Trace-back to identify the source of an attack (requires hacking into third-party machines)
- White worms to neutralize compromised hosts, e.g., Tim Mullen's strikeback idea
- DDOS for retaliation (is this ever a good idea?)
- Other possibilities...?
- Legal issues
- Are there legal principles or precedents (e.g., self-defense) that could justify a counter-attack? (Also, military ideas such as rules of engagement, proportional response?)
- Legal framework: When is a counter-attack permissible? Who is allowed to do it? Do they need to collect evidence or document their actions?
- See Karnow's notes