National Cyber-Doctrines: Forthcoming Strategic Shifts

Cybersecurity in France

Part of the book series: SpringerBriefs in Cybersecurity (BRIEFSCYBER)

Abstract

This chapter presents a comparison and positioning of several national cyber-doctrines, and an overview of the technological changes that are shaping national policies and national defense systems. In particular, the chapter questions radical changes in technology that are lagging in both comprehension and implementation into cyber-doctrines and national cyber-defense systems.

Notes

  1. Baumard (1994).
  2. Bierly et al. (2008), Bourrier (1996), Fry et al. (2010), Kushner (2013), Roschlin and Meier (1994).
  3. Parxson (1999), Sterbenz et al. (2010).
  4. Langner (2011), Li and Lai (2011).
  5. Al-Jarrah and Arafat (2014), Cheung et al. (2003), Cuppens and Miège (2002).
  6. Majorczyk et al. (2007), Manqui et al. (2010).
  7. Nelson (2010), Kloft and Laskov (2011), Olsavsky (2005).
  8. Liu et al. (2012), Sood et al. (2012), Virvilis et al. (2013).
  9. Kushner (2013), Langner (2011).
  10. Nelson (2010), Olsavsky (2005).
  11. Ou et al. (2009), Olsavsky (2005).
  12. Markou and Singh (2003).
  13. Marsland (2003).
  14. Roberts and Tarassenko (1994).
  15. Markou and Singh (2003), Ou et al. (2009), Olsavsky (2005).
  16. Chow (1970), Hansen et al. (1997).
  17. Roberts and Tarassenko (1994).
  18. Yeung and Ding (2002).
  19. Markou and Singh (2003).
  20. Freud (1905): pp. 147–149.
  21. Yap and Calonzo (2016).
  22. “The hackers chose the weekend in four countries as the opportune moment to break into the BB system. The weekly two-day bank holiday starts in Bangladesh at Thursday midnight and a day later in the US, the Philippines and Sri Lanka. Knowing that there would be no mutual correspondence immediately, around the midnight on February 4, a Thursday, the hackers sent the fake payment orders.”, Asian News, R.K. Byron and Md F. Rahman, “Hackers bugged Bangladesh Bank system in Jan”, March 11, 2016.
  23. “Because it was a Friday—a weekend in Muslim-majority Bangladesh—Huda left the office around 11.15 am and asked colleagues to help fix the problem. It took them more than 24 h before they could manually print the receipts, which revealed dozens of questionable transactions that sent the bank racing to stop cash from leaving its account with the Federal Reserve Bank of New York to the Philippines, Sri Lanka and beyond”, C. Yap and A. Calonzo, op. cit.
  24. Byron (2016).
  25. According to Byron, op. cit., “The funds were converted into pesos in various tranches to the bank accounts of Chinese national Weikang Xu, Eastern Hawaii Leisure Co and Bloomberry Hotels Inc (Solaire Resorts)”.
  26. Such a preparation would consist of designing and crafting signals or behaviors so that they contrive a higher relative congruity value than intrinsic incongruous value to the receiver.
  27. Garfinkel and Dinolt (2011).
  28. Sterbenz et al. (2010), Fry et al. (2010).
  29. Li and Lai (2011), Sood and Enbody (2012).
  30. Ou et al. (2009).
  31. Following Jones's (1975) elaboration of the relativity of congruity and incongruity.
  32. Juels and Yen (2012).
  33. Jones (1978).
  34. Cheung et al. (2003).
  35. https://securelist.com/blog/research/58254/the-caretomask-apt-frequently-asked-questions/.
  36. https://securelist.com/blog/incidents/32463/duqu-faq-33/.
  37. https://securelist.com/blog/research/67741/regin-nation-state-ownage-of-gsm-networks/.
  38. https://securelist.com/blog/research/68750/equation-the-death-star-of-malware-galaxy/.
  39. https://securelist.com/analysis/publications/75533/faq-the-projectsauron-apt/.
  40. “ProjectSauron: top level cyber-espionage platform covertly extracts encrypted government comms”, Kaspersky Secure List, August 8, 2016.
  41. “Once installed, the main ProjectSauron modules start working as ‘sleeper cells’, displaying no activity of their own and waiting for ‘wake-up’ commands in the incoming network traffic. This method of operation ensures ProjectSauron’s extended persistence on the servers of targeted organizations” (Kaspersky Secure List, op. cit.).
  42. “Predictions for 2017: Indicators of compromise are dead”, Kaspersky Lab annual report, https://kasperskycontenthub.com/securelist/files/2016/11/KL_Predictions_2017.pdf.
  43. http://usa.kaspersky.com/about-us/press-center/press-releases/2016/Clues_are_Dead-Kaspersky_Lab_Researchers_Announce_Threat_Predictions_for_2017.
  44. Cuppens and Miège (2002).
  45. Almgren et al. (2008).


References

  • Al-Jarrah O, Arafat A (2014) Network intrusion detection system using attack behavior classification. In: 5th international conference on Information and communication systems (ICICS), 2014 pp 1–6, 1–3
  • Almgren M, Lindqvist U, Jonsson E (2008) A multi-sensor model to improve automated attack detection. In: 11th international symposium on recent advances in intrusion detection, RAID
  • Baumard P (1994) From noticing to making sense: using intelligence to develop strategy. Int J Intell Counterintelligence 7(1)
  • Bierly PE, Gallagher S, Spender JC (2008) Innovation and learning in high-reliability organizations: a case study of United States and Russian nuclear attack submarines, 1970–2000. IEEE Trans Eng Manag 55(3):393–408. doi:10.1109/TEM.2008.922643
  • Bourrier M (1996) Organizing maintenance work at two American nuclear power plants. J Contingencies Crisis Manag 4(2):104–112
  • Byron RK (2016) Hackers’ bid to steal $870 m more from Bangladesh central bank foiled. Asian News
  • Cheung S, Lindqvist U, Fong MW (2003) Modeling multistep cyber attacks for scenario recognition. In: DARPA information survivability conference and exposition (DISCEX III), Washington, D.C., pp 284–292
  • Chow CK (1970) On optimum recognition error and reject tradeoff. IEEE Trans Inf Theor IT-16(1):41–46
  • Cuppens F, Miège A (2002) Alert correlation in a cooperative intrusion detection framework. In: IEEE symposium on security and privacy
  • Freud S (1905) Jokes and their relation to the unconscious (trans: Strachey J). Routledge and Kegan Paul, New York
  • Fry M, Fischer M, Smith P (2010) Challenge identification for network resilience, 65th EURO-NF conference next generation internet (NGI 10). IEEE Press, pp 1–8
  • Garfinkel SL, Dinolt G (2011) Operations with degraded security. IEEE Secur Priv 9(6):43–48
  • Hansen LK, Liisberg C, Salamon P (1997) The error-reject tradeoff. Open Syst Inf Dyn 4:159–184
  • Jones RV (1975) The theory of practical joking–an elaboration. Inst Math its Appl 11(2):10–17
  • Jones RV (1978) Most secret war: British scientific intelligence 1939–1945. Hamish Hamilton, London
  • Juels A, Yen T-F (2012) Sherlock Holmes and the case of the advanced persistent threat. In: 5th USENIX workshop on large-scale exploits and emergent threats (LEET)
  • Kloft M, Laskov P (2011) Online anomaly detection under adversarial impact. In: JMLR workshop and conference proceedings 9 (AISTATS 2010), 12 May–14 May 2010, Sardinia, Italy
  • Kushner D (2013) The real story of Stuxnet. IEEE Spectr 50(3):48–53
  • Langner R (2011) Stuxnet: dissecting a cyberwarfare weapon. Secur Priv IEEE 9(3):49–51
  • Li F, Lai A (2011) Evidence of advanced persistent threat: a case study of malware for political espionage. In: 6th international conference on malicious and unwanted software proceedings, pp 102–109
  • Liu S-T, Chen Y-M, Hung H-C (2012) N-Victims: an approach to determine N-victims for APT investigations. In: Information security applications. (Lecture notes in computer science), vol 7690, pp 226–240
  • Majorczyk F, Totel E, Mé L (2007) Monitoring a network service without knowing the threats? RNSA conference proceedings
  • Markou M, Singh S (2003) Novelty detection: a review—part 1: statistical approaches. Sig Process 83:2481–2497
  • Marsland S (2003) Novelty detection in learning systems. Neural Comput Surv 3(2):157–195
  • Miller GA, Galanter E, Pribram KH (1960) Plans and the structure of behavior. Holt, Rinehart & Winston, New York
  • Morreall J (1987) Funny ha-ha, funny strange, and other reactions to incongruity. In: Morreall J (ed) The philosophy of laughter and humor. State University of New York Press, Albany
  • Nelson B (2010) Behavior of Machine Learning Algorithms in Adversarial Environments. (PhD dissertation). University of California, Berkeley, Department of EECS technical report UCB/EECS-2010-140. November 23
  • Olsavsky VL (2005) Implementing a patternless intrusion detection system a methodology for Zippo. PhD dissertation, Monterey, California. Naval Postgraduate School
  • Ou X, Rajagopalan SR, Sakthivelmurugan S (2009) An empirical approach to modeling uncertainty in intrusion analysis. In: 2009 annual computer security applications conference proceedings pp 494–503
  • Rauterberg M (1995) About a framework for information and information processing of learning systems. In: Proceedings of the IFIP international working conference on information system concepts: towards a consolidation of views. Chapman & Hall, Ltd. London, UK, pp 54–69
  • Roberts S, Tarassenko L (1994) A probabilistic resource allocating network for novelty detection. Neural Comput 6:270–284
  • Roschlin GI, Meier AV (1994) Nuclear Power Operations: A Cross-Cultural Perspective. Annu Rev Energ Env 19(1):153–187
  • Shultz TR (1972) The role of incongruity and resolution in children’s appreciation of jokes and cartoons: an information-processing analysis. J Exp Child Psychol 13:456–477
  • Sood AK, Enbody R (2012) Targeted cyber attacks—a superset of advanced persistent threats, IEEE Secur Priv 99
  • Sterbenz JPG et al (2010) Resilience and survivability in communication networks: strategies, principles, and survey of disciplines. Comput Netw 54(8):1245–1265
  • Virvilis N, Gritzalis D, Apostolopoulos T (2013) Trusted computing vs. advanced persistent threats: can a defender win this game? In: Ubiquitous intelligence and computing, 2013 IEEE 10th international conference on and 10th international conference on autonomic and trusted computing (uic/atc), pp 396–403, 18–21
  • Yap C, Calonzo A (2016) Printer error foiled billion-dollar bank heist. Sydney Morning Herald
  • Yeung DY, Ding Y (2002) Host-based intrusion detection using dynamic and static behavioral models. Pattern Recognition 36:229–243

Author information

Corresponding author

Correspondence to Philippe Baumard.

Copyright information

© 2017 The Author(s)

About this chapter

Cite this chapter

Baumard, P. (2017). National Cyber-Doctrines: Forthcoming Strategic Shifts. In: Cybersecurity in France. SpringerBriefs in Cybersecurity. Springer, Cham. https://doi.org/10.1007/978-3-319-54308-6_4

  • DOI: https://doi.org/10.1007/978-3-319-54308-6_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-54306-2

  • Online ISBN: 978-3-319-54308-6

  • eBook Packages: Computer Science, Computer Science (R0)
