William Casey, Jose Andre Morales, Evan Wright, Quanyan Zhu, Bud Mishra The authors form a signaling game model to address the controllable risks acting within an organization whether they are expressed from malicious, unwitting, or benign insiders who are trusted to operate within an organization.
Author: Julia Solomon-Strauss (Julia Solomon-Strauss)
Post
Educating Tomorrow's Lawyers to Handle New Digital Problems
Zachary K. Goldman Tomorrow’s lawyers—today’s law students—need to be better equipped to understand the underlying technical systems that will push the law in new directions. In no area of law is this dynamic more apparent than cyber security.
Post
Characterizing Long-tail SEO Spam on Cloud Web Hosting Services
Xiaojing Liao, Chang Liu, Damon McCoy, Elaine Shi, Shuang Hao. Raheem Beyah In this paper, the authors take the first step toward understanding how long-tail SEO spam is implemented on cloud hosting platforms.
Post
Diplomat: Using Delegations to Protect Community Repositories
Trishank Karthik Kuppusamy, Santiago Torres-Arias, Vladimir Diaz, and Justin Cappos The authors demonstrate that community repositories can offer compromise-resilience and real-time project registration by employing mechanisms that disambiguate trust delegations.
Post
Law Enforcement Online: Innovative Doesn’t Mean Illegal
Judith H. Germano Criminal actors have an increasing ability to commit serious crimes remotely via computers, while concealing their identity and location through the use of various means, including Tor hidden service protocols. To effectively identify and apprehend these criminals, law enforcement must be nimble and technologically savvy, and must employ regularly updated investigative tools.
Post
BRAIN: BehavioR Based Adaptive Intrusion Detection in Networks: Using Hardware Performance Counters to Detect DDoS Attacks
Vinayaka Jyothi, Xueyang Wang, Sateesh K. Addepalli, Ramesh Karri This work proposes a host based DDoS detection framework called BRAIN: BehavioR based Adaptive Intrusion detection in Networks.
Post
Differing outlooks impede Sino-US cooperation to enhance cybersecurity
Zachary K. Goldman and Jerome A. Cohen China and the US both talk about “cybersecurity”, but mean different things. In Washington, cybersecurity is fundamentally about preventing unauthorised access to digital systems and, notwithstanding massive foreign hacking of US government databases, mainly focuses on protecting private-sector data as well as critical infrastructure.
Post
From the War Room to the Board Room? Effectively Managing Cyber Risk without Joining the Front Lines
Randal Milch and Zachary K. Goldman Corporations seeking to manage the asymmetric cyber threat environment face a range of pressures. T e current unstable legal landscape makes management’s day-to-day approach to the persistent and mounting challenge all the more difficult. Companies face an increase in activity by the plaintiffs’ bar and inconsistent regulatory attention by...
Post
One More Reason for Companies to Report Data Breaches
Judith H. Germano Do companies and their legal advisors trust the government enough to reach out for help in the event of a breach, and do they perceive sufficient benefits from doing so? One major stumbling block in that assessment is the dichotomous role of government toward corporate data breach victims on the cybersecurity stage: that...
Post
Sanctioning Cyber Crime: The New Face of Deterrence
Zachary K. Goldman Deterrence is fundamentally about manipulating an adversary’s cost/benefit calculations to dissuade him from doing something you want to prevent. Over the last several years, strategists have struggled to adapt venerable Cold War concepts like deterrence to the information age. But deterring financially-motivated cyber criminals—the kinds of people that attacked Target, Anthem Health,...