Optimizing Lawful Responses to Cyber Intrusions

Abstract

Cyber intrusions are rarely met with the most effective possible response, less for technical than legal reasons. Different rogue actors (terrorists, criminals, spies, etc.) are governed by overlapping but separate domestic and international legal regimes. Each of these regimes has unique limitations, but also offers unique opportunities for evidence collection, intelligence gathering, and use of force. We propose a framework which automates the mechanistic aspects of the decision-making process, with human intervention for only those legal judgments that necessitate human judgment and official responsibility. The basis of our framework is a pair of decision trees, one executable solely by the threatened system, the other by the attorneys responsible for the lawful pursuit of the intruders. These parallel decision trees are interconnected, and contain pre-distilled legal resources for making an objective, principled determination at each decision point. We offer an open-source development strategy for realizing and maintaining the framework.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2005
Accession Number
ADA464203

Entities

People

  • Duminda Wijesekera
  • James Bret Michael
  • Thomas C. Wingfield

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Computer Networks
  • Computer Programs
  • Computers
  • Cyberattacks
  • Cyberspace
  • Governments
  • Information Operations
  • Information Warfare
  • Intelligence Collection
  • Intrusion
  • Law
  • Law Enforcement
  • Military Operations
  • National Governments
  • National Security
  • Operating Systems
  • Security

Readers

  • Criminal Law
  • Strategic Security Studies
  • Team-Based Human-Centered Cognitive Task Decision Making and Information Performance.

Technology Areas

  • Cyber
  • Cyber - Legality in Cyberspace