STRATEGIC CYBER DEFENSE
NATO Science for Peace and Security Series
This Series presents the results of scientific meetings supported under the NATO Programme:
Science for Peace and Security (SPS).
The NATO SPS Programme supports meetings in the following Key Priority areas: (1) Defence
Against Terrorism; (2) Countering other Threats to Security and (3) NATO, Partner and
Mediterranean Dialogue Country Priorities. The types of meeting supported are generally
“Advanced Study Institutes” and “Advanced Research Workshops”. The NATO SPS Series
collects together the results of these meetings. The meetings are co-organized by scientists from
NATO countries and scientists from NATO’s “Partner” or “Mediterranean Dialogue” countries.
The observations and recommendations made at the meetings, as well as the contents of the
volumes in the Series, reflect those of participants and contributors only; they should not
necessarily be regarded as reflecting NATO views or policy.
Advanced Study Institutes (ASI) are high-level tutorial courses to convey the latest
developments in a subject to an advanced-level audience.
Advanced Research Workshops (ARW) are expert meetings where an intense but informal
exchange of views at the frontiers of a subject aims at identifying directions for future action.
Following a transformation of the programme in 2006 the Series has been re-named and
re-organised. Recent volumes on topics not related to security, which result from meetings
supported under the programme earlier, may be found in the NATO Science Series.
The Series is published by IOS Press, Amsterdam, and Springer Science and Business Media,
Dordrecht, in cooperation with NATO Emerging Security Challenges Division.
Sub-Series
A. Chemistry and Biology (Springer Science and Business Media)
B. Physics and Biophysics (Springer Science and Business Media)
C. Environmental Security (Springer Science and Business Media)
D. Information and Communication Security (IOS Press)
E. Human and Societal Dynamics (IOS Press)
http://www.nato.int/science
http://www.springer.com
http://www.iospress.nl
Sub-Series D: Information and Communication Security – Vol. 48
ISSN 1874-6268 (print)
ISSN 1879-8292 (online)
Strategic Cyber Defense
A Multidisciplinary Perspective
Edited by
Unal Tatar
Old Dominion University, Norfolk, VA, USA
Yasir Gokce
Harvard University, Cambridge, MA, USA
and
Adrian V. Gheorghe
Old Dominion University, Norfolk, VA, USA
Amsterdam • Berlin • Washington, DC
Published in cooperation with NATO Emerging Security Challenges Division
Proceedings of the NATO Advanced Research Workshop on A Framework for a Military Cyber
Defense Strategy
Norfolk, VA, USA
11–13 April 2016
© 2017 The authors and IOS Press.
All rights reserved. No part of this book may be reproduced, stored in a retrieval system,
or transmitted, in any form or by any means, without prior written permission from the publisher.
ISBN 978-1-61499-770-2 (print)
ISBN 978-1-61499-771-9 (online)
Library of Congress Control Number: 2017946581
Publisher
IOS Press BV
Nieuwe Hemweg 6B
1013 BG Amsterdam
Netherlands
LEGAL NOTICE
The author(s) of this publication is/are solely responsible for its content. This
publication does not reflect the opinion of the publisher. The publisher cannot be held
liable for any loss or damage that may occur because of this publication.
PRINTED IN THE NETHERLANDS
Foreword [1]
Ambassador Sorin DUCARU
NATO Assistant Secretary General
A Framework for a Military Cyber Defence Strategy Workshop had a wide participation
of experts from allied and partner countries. The efforts of the experts that have been
involved in the organization of the event and in particular the NATO and partner country
project co-directors Mr. Unal Tatar and Dr. Kenneth Geers as well as all the contributors
of the workshop, deserve high appreciation.
The interest in the workshop reflects the timeliness, the importance, and impact of
the main topic and the related ones. The workshop covered issues of primary interest for
NATO, such as critical infrastructure protection, developing cyber defense capabilities,
and construction of IT infrastructure as well as cyber defense situational awareness. The
workshop discussed options for integrating cyber defense in the military as the way to
build an effective military cyber defense strategy. Cyber defense policies, strategies, and
specific taxonomy focused on education, training, and exercises are areas of work where
there is considerable expertise both within Allied Nations and Partner Nations as well as
at the level of international organizations. As far as NATO is concerned, the tasking
received from the Wales Summit – imperative of protecting the Allied communications
information systems as well as the speed with which the sophistication and skill of
cyber-attacks increases – required a fast pace in policy development. This has led to the
adoption of cyber defense excessive policies and of technical measures regarding the
protection of information and communication systems of NATO and Allied Countries. Within
the policy development process, the first NATO cyber defense policy was approved in
2008 at the Bucharest summit, and the Wales summit in September 2014 endorsed the
third update or upgrade over NATO policy on cyber defense. The last NATO policy on
cyber underlines that cyber defense is a part of NATO's core task of collective defense,
connecting the area of cyber defense with Article 5 of the Washington treaty.
Some of the most relevant topics that have been discussed within NATO in the cyber
defense area are increasing resilience against cyber-attack, NATO cooperation with
industry in the cyber domain, updating the framework of technical cooperation between
member states and the Alliance, the introduction of cyber defense capability targets into
the NATO defense planning process, the inclusion of cyber defense in training, exercises
and in the operational planning at NATO level and also the cyber dimension of hybrid
warfare. Regarding the cyber dimension of hybrid warfare, although cyber-attacks occur
in a virtual environment they affect the real world irrespective of the civilian or military
domain. A novelty during the Wales summit was the cyber dimension of hybrid warfare
even though hybrid itself is not a new phenomenon. Such attacks include distributed
denial of service, defacement of state government websites, the hacking of data systems
and malicious traffic rerouting, cyber-espionage through computer malware as well as
propaganda and information manipulation. Recent examples of cyber-attacks reflect the
fact that various entities are already subject to the effective use of cyber capabilities in
hybrid operational context and recent events have shown that cyber-attacks can generate
significant disruptions, such as those of electricity grids (as the case in Ukraine at the
end of 2015 showed). The commitment to prioritize and accelerate national investment
in cyber defense, the expansion of the centralized protection by the NATO computer
incidents response capabilities to the six NATO force integration units in the Baltic
countries in Poland, Romania, and Bulgaria, the delivery of the NATO cyber range capability,
the development of the partnerships with the partner nations, international organizations,
and with the industry, the NATO industry cyber partnership, and last but not least the
focus to expand cyber defense training education and exercises were the main
components of our work before the Warsaw Summit.
The expertise and the contributions to the workshop by each participant are reflected
in the conclusions of this important event. The outcome of this workshop which is best
represented in this book will provide a valuable input to the ongoing work in NATO.
[1] Adapted from the opening speech (in a video message) delivered by Ambassador Sorin
Ducaru, NATO Assistant Secretary General.
Preface
Unal TATAR, Yasir GOKCE and Adrian V. GHEORGHE
As the world becomes more digitalized and dependent on internet technologies, cyber
security has increasingly been regarded as a national security issue. For the last six years,
the number of countries having published cyber security strategies has been on the rise.
However, due to the cross-cutting character of cyber security, national cyber security
strategies often run the risk of failing to address all cyber security requirements of the
institutions within a country. Therefore, many national cyber security strategies highlight
the importance of generating institution-based cyber security strategies which
specifically envision precautions for the existing problems and provide guidance on how to
tackle future challenges.
The NATO Advanced Research Workshop (ARW), entitled “A Framework for a
Military Cyber Defense Strategy”, was held from 11 to 13 April 2016 in Norfolk,
Virginia, USA. It was organized by the Old Dominion University and the Taras Shevchenko
National University of Kyiv. The workshop was enabled by NATO’s Science for Peace
and Security (SPS) Program and focused on SPS’s key priority areas for cyber defense
along with NATO’s cyber defense policy implementation. The ARW brought together
experts with an eclectic mix of backgrounds and specialties, from a group of NATO
Member States and partner countries that mirror the diversity of the Alliance and its
people. The participants considered not only technical implications of cyber security
efforts, but also legal, strategic, educational and organizational aspects, providing, in the
limited timeframe, for a surprisingly ample view of this field and its intricacies. The
discussions highlighted the complexity of cyber security and the numerous challenges
associated with the field, which will only be compounded by the formulation of a
collective strategy on cyber security and its attendant activities. Key to cyber security efforts
is the diversity of the stakeholders involved, ranging from government institutions, the
militaries, and private and public companies to academia and civil society groups, setting
up a vast web of relations whose complexity must be managed. Managing that complexity
is crucial, beginning with the different interests and motivations of the participants,
continuing with their differing resources, visions and modes of operation, and ending
with the monumental task of setting up a system where these actors march in lock-step
in the direction of mutually reinforcing collective action for security gains.
Cyber security studies is almost two decades old, yet it has become a subject for not only
practitioners but also academics. Cyber security studies have so far shown that cyber
security is not yet a discipline and requires an interdisciplinary approach. This book aims to
present state-of-the-art approaches from a multidisciplinary view.
In this book, highlights from the discussions in the ARW are shared in 15 chapters
under three sections which are:
- Critical Infrastructure Protection and Situational Awareness
- Policy and Legal Aspects of Cyber Warfare and Security
- Emerging Issues in Cyber Security: Maritime Cyber Security, Big Data and Exercises