Difference between revisions of "Xygh Offense vs Defense"
From CyberSecurity
| Line 2: | Line 2: | ||
| − | *General questions: How do we define "offensive counter-attack?" Is a cyber-investigation followed by legal action included in this? How about posing as a hacker to get information? What can a counter-attack accomplish? | + | *General questions: |
| + | **How do we define "offensive counter-attack?" Is a cyber-investigation followed by legal action included in this? How about posing as a hacker to get information? | ||
| + | **What can a counter-attack accomplish? Are there ways to reduce the collateral damage? | ||
| + | **Why do we need this capability? In what situations is this an appropriate response? (Resort to warfare in cases where traditional law enforcement methods are ineffective?) Also, can offense be more cost-effective than defense? | ||
*What kinds of offensive measures are available? Are they feasible? What are the effects of these attacks? Examples: | *What kinds of offensive measures are available? Are they feasible? What are the effects of these attacks? Examples: | ||
Revision as of 20:47, 11 November 2005
Going on the offensive in response to a cyber-attack
- General questions:
- How do we define "offensive counter-attack?" Is a cyber-investigation followed by legal action included in this? How about posing as a hacker to get information?
- What can a counter-attack accomplish? Are there ways to reduce the collateral damage?
- Why do we need this capability? In what situations is this an appropriate response? (Resort to warfare in cases where traditional law enforcement methods are ineffective?) Also, can offense be more cost-effective than defense?
- What kinds of offensive measures are available? Are they feasible? What are the effects of these attacks? Examples:
- Trace-back to identify the source of an attack (requires hacking into third-party machines)
- White worms to neutralize compromised hosts, e.g., Tim Mullen's strikeback idea
- DDOS for retaliation (is this ever a good idea?)
- Other possibilities...?
- Legal issues
- Are there legal principles or precedents (e.g., self-defense) that could justify a counter-attack? (Also, military ideas such as rules of engagement, proportional response?)
- Legal framework: When is a counter-attack permissible? Who is allowed to do it? Do they need to collect evidence or document their actions?
- See Karnow's notes
