Dialectics of cyber international relations and cyber defense towards a strategic research program
Download
1 / 20

Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program - PowerPoint PPT Presentation


  • 271 Views
  • Uploaded on

Explorations in Cyber International Relations (ECIR). Dialectics of Cyber International Relations and Cyber Defense:  Towards a Strategic Research Program. John C. Mallery ( [email protected] ) Computer Science & Artificial Intelligence Laboratory Massachusetts Institute of Technology.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program' - renata


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Dialectics of cyber international relations and cyber defense towards a strategic research program l.jpg

Explorations in

Cyber International Relations (ECIR)

Dialectics of Cyber International Relations and Cyber Defense: Towards a Strategic Research Program

John C. Mallery ([email protected])

Computer Science & Artificial Intelligence Laboratory

Massachusetts Institute of Technology

Presentation at theECIR Workshop onCyber International Relations: Emergent Realities of Conflict and Cooperation, MIT, Cambridge, October 14, 2010.

OSD Minerva Research Project at Harvard & MIT

Explorations in Cyber International Relations


Overview l.jpg
Overview

  • Activities Under ECIR

  • Strategic IR Research Program

  • Cyber Defense Strategy

  • Meta-power As IR Leverage Criteria

  • High-leverage Research Areas

  • Dialectics

  • Computational Politics

  • Selected Leverage Vignettes


Activities under ecir l.jpg
Activities Under ECIR

  • Stanley Cyber Monitoring & Analysis System

    • 5 document streams

    • Over 4k documents

  • Cross-organization Cyber Data Study

    • 5 themes: international interactions, crime, economics, defensive coordination, long-term transformations

    • Recommendations for cyber data collection

    • Over a dozen organizations

  • Cyber Defense Strategy

    • Work factor concept

    • Technology strategy

  • Today: Linking IR to Cyber Defense


Strategic research program l.jpg
Strategic Research Program

  • How can we prioritize research on cyber international relations to focus on the highest leverage problems?

    • Exhaustive enumeration is slow

    • Recycling pre-existing disciplinary concepts may lack relevance or leverage

  • Approach

    • Link to cyber defense strategy

    • Identify cyber fueled processes that drive strategy-relevant reallocations power, wealth, knowledge, cultural attractiveness, welfare

    • Elucidate those processes


What is cyberspace l.jpg
What is cyberspace?

  • Interdependent network of information technology infrastructures (NSPD54/HSPD23)

    • Internet

    • Telecommunications networks

    • Computer systems

    • Embedded processors

    • Controllers in critical industries

  • Virtual environment of information and interactions between people (NSPD54/HSPD23)

  • US Military:

    • Electro-magnetic spectrum

    • Information operations

    • C4ISR, space

  • Supply chains for IT

    • Computers, networks, software, crypto, id mgt., etc.


Big elephant high cognitive difficulty due vast cross cuts l.jpg
Big Elephant: High Cognitive DifficultyDue Vast Cross-Cuts

  • Cyber insecurity has manifestations across the range of human activities where there is value

    • Business

    • Defense

    • Society

  • Technological basis of crisis is difficult to apprehend

    • Current COTs failures

    • 40 years of traditional computer security

    • Future: transformational computing & networking

  • Policy and legal responses are difficult

    • Cyber spans most traditional policy domains

    • Received legal concepts and categories are blurred

    • Best organizational modes unclear

  • Responses often reflectdisjointed incrementalism

    • Analytical reductions based onreceiveddisciplinary lenses (analogies)

    • Proposed solutions based on repurposed concepts

  • Creation of integrative frameworks) is essential

    • Enables cumulation across disciplines and knowledge areas


Dod cyber strategy l.jpg
DoD Cyber Strategy

  • William J. Lynn, Deputy Secretary, DoD

    • Foreign Affairs, August, 2010

    • NATO, September, 15

    • CFR, September 30

  • Vast vulnerabilities & critical reliance

    • Military/Intel

    • Critical infrastructure

    • Private sector

  • Five pillars

    • Domain of warfare

    • Active & timely defense

    • Protection of critical infrastructure

    • Collective defense with allies

    • Technological leverage


Strategic approach l.jpg
Strategic Approach

  • Transform US cyber-infrastructures to:

    • Resist attacks and continue to function under adversity

    • Enhance confidence in computation and communications

    • Enable rapid adoption of new technological advances

    • Strength competiveness via improved agility, effectiveness, and learning

  • Vision

    • Trustworthy systems and resilient society

    • Articulation of roles and responsibilities

    • Alignment of guiding images

  • Integrative Framework

    • Effective application of resources

    • Coordinated division of labor

    • Common language

    • Dynamic refinement

  • Objectives

    • Prioritized

    • Risk adjusted

    • Time horizons

  • Implementing strategies

    • High leverage

    • Synergistic moves


Defensive complexity analysis l.jpg
Defensive Complexity Analysis

  • Response to cyber asymmetries requires high leverage solutions

    • Application to the entire attack value cycle (financial, political-military)

    • Time frames: Short-term (0-2 yrs), medium-term (2-5 yrs), long-term (5-10 yrs)

  • Security meta-metrics focus on difficulty of attacker or defender tasks

    • Work factor (WF) is the difficulty of executing tasks

    • Analogous to computational difficulty in cryptography

    • Extends beyond the technical designs to domain embeddings (cyber operations research)

  • Dimensions of work factors

    • Resources

      • Computational complexity (mathematical leverage)

      • Cost (often related to complexity)

      • Expertise and Knowledge (technical specialties, domain knowledge)

    • Planning, execution and information management

      • Cognitive difficulty (model as formulation of non-linear plans and counter plans)

      • Learning difficulty (reversing obfuscation, devising new tactics or approaches)

      • Organizational effectiveness/dysfunction (integration, learning, structure, psychology)

    • Risk

      • Uncertainty (confidence, incomplete information)

      • Culture (risk acceptance or aversion)

      • Information differential gain/loss (innovation, leakage by insider, espionage, diffusion)

  • Make technical or policy moves that cumulatively

    • Impose hard problems on attackers (prefer geometric impact)

    • Facilitate coordinated defense (eliminate multipliers)


Defensive strategy decomposition planes of action l.jpg
Defensive Strategy Decomposition:Planes of Action

  • Leadership organization

    • Policy community

    • Technology visionaries

    • Domain architects

  • Cyber technology base

    • IT capital goods industry

    • Telecommunications operators

    • Identity management & crypto sectors

    • Standards bodies and certification/accreditation authorities

  • Public sector domains

    • Military & intelligence systems

    • Government systems

    • Defense industrial base

  • Private sector domains

    • Critical infrastructure

    • Research and education infrastructure

    • Supply chain

    • Major enterprise

    • Smaller enterprise

    • Consumer

  • International cooperation

    • Allies

    • Trading partners

    • Regional or issue groups

    • Global

  • International competition

    • Mutual understandings

    • Declaratory policies

    • Norms


Solutions vs mitigations l.jpg
Solutions vs. Mitigations

  • Solution Domains (10-30 years)

    • Science, technology, engineering

    • R&D infrastructure

    • Human capital

    • IT capital goods industrial organization

    • Critical infrastructures

  • Threat mitigation domains

    • Information assurance management

    • International cyber crime law enforcement

    • Cooperative engagement (like minded)

    • International norms (agreements 10+ yrs)

    • Deterrence (cross domain responses)


Meta power bbb as leverage framework l.jpg
Meta-power (BBB) As Leverage Framework

  • Power: Set of action possibilities and payoffs for actors within an interaction framework

  • Meta-power: Action possibilities that change the distribution of power resources among actors (Deutsch: Nth order power)

  • Strategic Competition: Contention over meta-power resources

  • Leverage: Impact of cyber-fueled international processes on national strategies


High leverage research areas l.jpg
High-leverage Research Areas

  • Information Diffusion

    • Economic strategy based on knowledge activities becomes problematic

  • Globalization

    • National location of key industries (and spread effects) more difficult

  • Cyber-enabled organizational learning => higher adaptive capacities

    • Race for more effective organizations as a basis for national advantage

  • Computational support for cyber decision-making and understanding

    • Modeling, mechanism design, precedent reasoning, game theory, grammars of action

  • Cultural interpenetration

    • Global digital ecumene -> clash of civilizations or transcendence?

  • Empowerment of small groups

    • Ability of “terrorists” to organize and cause trouble


Dialectics l.jpg
Dialectics

  • Information assurance is slippery with many potentially self-defeating moves

    • Centralization -> aggregation of threat

    • Standardization -> low diversity -> scale economies of attack

    • Conservation of threat -> attacks move to weaker surfaces

  • Two definitions of dialectics:

    • Process and complement process

    • Action and reaction


Examples of cyber dialectics l.jpg
Examples of Cyber Dialectics

  • Ready access to S&T knowledge

    • Faster research cycle within countries

    • Unprecedented rates of global knowledge diffusion

  • Empowers global business operations (e.g., IT sector)

    • More efficient resource utilization

    • More conflict over loci of production

  • Virtual concentration of dispersed groups

    • Critical mass to articulate knowledge interests

    • Critical mass to organize insurgencies or nihilistic actions

  • Informationalized militaries (e.g., GIG)

    • Global power projection (Gulf War 1 forward)

    • Asymmetric power projection (cyber war)

  • More effective bureaucracy

    • Improved domestic operations, law enforcement, transparency

    • Reduced autonomy of the state (via network interpenetration, higher scrutiny)


Computational theories of politics and ir l.jpg
Computational Theories of Politics and IR

  • Karl Deutsch

    • Political cybernetics and systems dynamics

    • Integration theory

  • Hayward Alker

    • Mathematical politics (limits – degrees of freedom, structural change)

    • Systems dynamics (limits – structural transformation)

    • Generative grammars (limits – descriptive)

    • AI and text-interpretive theories of IR (learning, meaning)

    • Dialectics of world order

  • Herbert Simon

    • AI and political science (search paradigm)

    • Computational search in organizations (“bounded rationality”)

  • Lloyd Etheredge

    • Government learning (1985) (psychology and structure)

  • John Mallery

    • Computational politics (1988)

    • Application of computational models of cognition to IR


Cyber social systems l.jpg
CyberSocial Systems

  • Networking and computation spread ubiquitously 1992-2010

    • Cyberphysical systems

  • Now:

    • Computers provide cognitive prosthetics

    • Networks link human-computer cognitive systems

  • Speed -> gain in systems

    • Faster rates of interaction

    • Global immediacy

    • Co-evolution and interpenetration of cyber systems and biological cognition

  • Computational analytical frameworks needed

    • Individual => social network => organization


Digital noosphere tailard desjardins l.jpg
Digital Noosphere(Tailard Desjardins)

  • Collective knowledge of humanity

    • Under active assembly on the Web today

  • Culture becomes digital

    • Expectation of increasing cultural gain

  • Organizational adaptation requires increased rates of learning

    • Faster interactions (digital diplomacy)

    • More informationmarshaled

    • Better knowledge: Conflict vs. homogenization

  • Major challenge of modernity

    • Networked global ecumene

    • Opportunities for broader international integration

    • Clash of cultures: West, Islam, South Asia, East Asia


Globalization world system analysis l.jpg
Globalization (World System Analysis)

  • Reinforces and extends ability of transnational firms to coordinateglobalproduction

    • Increases centripal impact on loci of production

    • Reduces state sovereignty, but some states can influence firms’ locationalcalculi (e.g., China)

  • New Neo-mercantilism (world order threat)

    • Competition for future industries

    • Lock-in of raw materials and new markets (e.g., Africa)

    • “Currency wars”

  • Refocus on developmental economics

    • “Conditioned development” (Cardoso)

    • “Spread effects” (Myrdal), “staple theory” (Innis)

    • Industrial policy helps understand emerging powers

    • Necessary strategy for national economic renewal


Strategic research program20 l.jpg
Strategic Research Program

  • How can we prioritize research on cyber international relations to focus on the highest leverage problems?

    • Exhaustive enumeration is slow

    • Recycling pre-existing disciplinary concepts may lack relevance or leverage

  • Approach

    • Link to cyber defense strategy

    • Identify cyber fueled processes that drive strategy-relevant reallocations power, wealth, knowledge, cultural attractiveness, welfare

    • Elucidate those processes


ad