Challenges in Monitoring Cyberarms Compliance

Challenges in Monitoring Cyberarms Compliance

Neil C. Rowe (U.S. Naval Postgraduate School, USA), Simson L. Garfinkel (U.S. Naval Postgraduate School, USA), Robert Beverly (U.S. Naval Postgraduate School, USA) and Panayotis Yannakogeorgos (Air Force Research Institute, USA)
Copyright: © 2011 |Pages: 14
DOI: 10.4018/ijcwt.2011040104

Abstract

A cyberweapon can be as dangerous as any weapon. Fortunately, recent technology now provides some tools for cyberweapons control. Digital forensics can be done on computers seized during or after hostilities. Cyberweapons differ significantly from other software, especially during development, and recent advances in summarizing the contents of storage media can locate possible cyberweapons quickly. Use of cyberweapons can be distinguished in the usual malicious Internet traffic by being aimed at targets associated with political, social, and cultural issues that are often known in advance, and those targets can then be monitored. Cyberweapons are relatively unreliable compared to other kinds of weapons because they are susceptible to flaws in software; therefore, cyberweapons require considerable testing, preferably against live targets. Thus, international “cyberarms agreements” could provide for forensics on cyberweapons and usage monitoring. Agreements also encourage more responsible cyberweapons use by stipulating attribution and reversibility. The authors discuss the kinds of international agreements that are desirable, and examine the recent interest of the U.S. government in such agreements.
Article Preview

2. Approach

What can be done against such threats then? We believe that countries must negotiate international agreements similar to those for nuclear, chemical, and biological weapons. Such agreements (treaties, conventions, protocols, and memoranda of understanding) (Croft, 1996) can stipulate the ways in which cyberweapons can be used, as for instance stipulating that countries use cyberweapons only in a counterattack to a cyberattack. Agreements can also stipulate policing of citizens such as “hacker” groups within a country, so that a nation cannot shift blame for cyberattacks and cyberweapons onto them. A few such agreements are in place today for cybercrime, but the growing threat suggests that it is time to plan out what such agreements will entail and how they should be enforced. As an example, the EastWest Institute in the U.S. recently proposed a cyberwar “Geneva Convention” (Rooney, 2011). Deterrence, a key aspect of nuclear weapons control, is not possible with cyberweapons because revealing capabilities significantly impedes their effectiveness.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 9: 4 Issues (2019): Forthcoming, Available for Pre-Order
Volume 8: 4 Issues (2018): 2 Released, 2 Forthcoming
Volume 7: 4 Issues (2017)
Volume 6: 4 Issues (2016)
Volume 5: 4 Issues (2015)
Volume 4: 4 Issues (2014)
Volume 3: 4 Issues (2013)
Volume 2: 4 Issues (2012)
Volume 1: 4 Issues (2011)
View Complete Journal Contents Listing