FREE ELECTRONIC LIBRARY - Theses, dissertations, documentation

Pages:     | 1 |   ...   | 4 | 5 ||

«Untangling Attribution David D. Clark* and Susan Landau** I. Introduction In February 2010, former Director of the National Security Agency Mike ...»

-- [ Page 6 ] --

This problem can be confronted in a number of ways, including by making hosts more secure (a long-term effort) and by making it harder for an infested machine to launch a subsequent attack. If this problem could be resolved, it would eliminate many uncertainties in attribution. Since it is not now resolved, it imposes limits on the utility of attribution, no matter how it is structured. Thus a prime problem for the research community is the issue of dealing with multi-stage attacks. This should be of 44 This right is not unqualified. For example., in Stanley v. Georgia, 394 U.S. 557 (1969), the Supreme Court ruled that states could not criminalize private possession of obscene materials. For a thoughtful discussion of First Amendment protection on the right to read anonymously, see Julie Cohen, A Right to Read Anonymously: A Closer Look at "Copyight Management" in Cyberspace, 28 CONN. L. REV 981 (1996).

2011 / UntanglingAttribution central attention to network researchers, rather than (for example) the problem of designing highly robust top-down identity schemes. Long term, we should look at what sorts of attribution would be of value if the multi-stage attack problem had been mitigated, as well as what is useful now.

Any attempts to deal with multi-stage attacks by tracing back the chain of machines involved will depend more on machine-level attribution at the intermediate steps, rather than personal-level attribution. Since the intermediate machines are normally being used without the permission (or knowledge) of their owners, knowing the identity of those owners is not very useful in trace-back. While one might imagine holding those owners accountable for some sort of secondary responsibility, the primary goal is to find the primary actor responsible for the attack, which involves following a chain of connections between machines.

D. Conclusion 4

We believe that pragmatically, the most important barriers to deterrence today are not poor technical tools for attribution, but issues that arise due to cross-jurisdictional attacks, especially multi-stage attacks. In other words, deterrence must be achieved through the governmental tools of state and not by engineering design.

Shifting the national security problem of attribution to its proper domain, namely from the tools of technology to the tools of state, means several changes in thinking about how tackle the problem. Rather than seeking solutions to the broad "attribution problem," networking researchers should move to considering the more narrowly focused problem of multistage attacks. Instead of seeking a purely technical fix, the U.S. government should move to diplomatic tools, including possibly treaties on cybercrime and cyberattack, to handle the multi-stage, multi-jurisdictional challenges of cyberexploitation and cyberattack. The efforts for top-down control of user identity and attribution, while appropriate and valid for criticalinfrastructure domains such as those of energy, financial, and government services, have little role to play in the broader public network. Such efforts can be avoided, leading ultimately to better public safety, security, and privacy.

Pages:     | 1 |   ...   | 4 | 5 ||

Similar works:

«Joseph Bummer, Jordan Walters, Kurt Carrasquilla, Lawrence Lo HOW WE WORK WITH YOU Attached below, you will find a description of our philosophies and processes, analyses, structure, and many of our organizational capabilities. We invite you to ask us any questions that may come to mind. Thank you for your interest and we look forward to speaking with you.JORDAN WALTERS KURT CARRASQUILLA Senior Vice President Wealth Management Vice President Wealth Management Financial Advisor Financial Advisor...»

«TRUE COLORS® INTERNATIONAL 3605 West MacArthur Blvd., Suite 702 Santa Ana, CA 92704 800-422-4686 www.true-colors.com The simple, user‐friendly personality assessment and  communication system that stimulates personal and  professional development.  Its the most effective  personality self‐assessment tool for supporting ANY organizational transformation.    Scientific – It’s a research based personality temperament model. ...»

«19 BACTERIAS Los alimentos son alterados por diferentes géneros bacterianos y a su vez, pueden servir como vehículo de patógenos o sus toxinas. Se conoce como microbiota dominante a los microorganismos que causan la descomposición bajo las condiciones normales de almacenamiento. Identificar al organismo que ha producido una infección o intoxicación alimentaria o generado el deterioro del alimento, es una tarea laboriosa y compleja (1). CUADRO 1. Bacterias frecuentemente halladas en los...»

«Home insurance terms and conditions We want our Home Insurance to be of benefit to you and give you peace of mind in unexpected turn of events. Home insurance terms and conditions No. MA 0311 Approved by Resolution of the Board of Swedbank P&C Insurance AS In force from 1 March 2010 Together with Real Estate Insurance, you can select Home Contents Insurance and/or homeowner’s Liability Insurance. The selected insurance products are shown on the Insurance Policy. Please carefully read the Home...»

<<  HOME   |    CONTACTS
2016 www.theses.xlibx.info - Theses, dissertations, documentation

Materials of this site are available for review, all rights belong to their respective owners.
If you do not agree with the fact that your material is placed on this site, please, email us, we will within 1-2 business days delete him.