Vliv kybernetických kapacit na vztah mezi Izraelem a Íránem / The Impact of Cyber Capabilities on the Israeli - Iranian Relationship

Losa, Luca

January 2020

In the last decade or so, Iran and Israel have found a new domain where to translate and protract their conflictual relationship: the cyberspace. Since the discovery of Stuxnet both countries have embarked on a significant cyber capabilities build-up, in accordance with their resources, and driven as well by mutual threat and perception of threat they pose to each other. Following their own cyber strategies embedded in their respective broader foreign policy agendas, the two foes confronted each other several times in a cyber feud which lasts to present days. Through the use of Event Data methodology, it is examined quantitatively the impact of cyber conflict on the Iranian- Israeli relationship, when cyber capabilities are utilized as a foreign policy tool vis-à-vis each other. The results of the quantitative study show no significant alteration of the conflict-cooperation dynamics between the dyad of interest due to the utilization of cyber capabilities. Furthermore, the qualitative assessment of the cyber feud shows that the balance of power between the two sides is not affected by increasing cyber capabilities, since Israel has the clear upper hand in the cyberspace. Keywords Iran, Israel, Foreign Policy, Cyber Capabilities, Cyber Conflict, Event Data

Automated Learning of Event Coding Dictionaries for Novel Domains with an Application to Cyberspace

Radford, Benjamin James

January 2016

<p>Event data provide high-resolution and high-volume information about political events. From COPDAB to KEDS, GDELT, ICEWS, and PHOENIX, event datasets and the frameworks that produce them have supported a variety of research efforts across fields and including political science. While these datasets are machine-coded from vast amounts of raw text input, they nonetheless require substantial human effort to produce and update sets of required dictionaries. I introduce a novel method for generating large dictionaries appropriate for event-coding given only a small sample dictionary. This technique leverages recent advances in natural language processing and deep learning to greatly reduce the researcher-hours required to go from defining a new domain-of-interest to producing structured event data that describes that domain. An application to cybersecurity is described and both the generated dictionaries and resultant event data are examined. The cybersecurity event data are also examined in relation to existing datasets in related domains.</p> / Dissertation

Political science

Cyber Conflict

Cybersecurity

Event Data

International Relations

Machine Learning

Natural Language Processing

Cyberkonflikten i Ukraina : Cyberattacker som instrument i tvingande diplomati

Kolli, Johanna

January 2018

This paper aims to describe and explain the Russian use of cyberattacks in the Ukrainian conflict. Two major cyber events, BlackEnergy in 2015 and NotPetya in 2017, are analysed by the theoretical framework of coercive diplomacy developed by Daniel Byman and Matthew Waxman, as well as the theory of cyber coercion made by Daniel R. Flemming and Neil C. Rowe. This paper concludes that the Russian use of cyberattacks could be understood as an extension of their already widespread practice of coercive diplomacy as a foreign policy tool. The cyberattacks were developed to pressure the Ukrainian energy and economic sector, through destabilisation of the economic powerbase and the country as a whole. The cyber offenses are developed to push the Ukrainian politics from western influence back towards the Russian political orbit. This due to the political, economic, and power interests Russia finds in the post-soviet state of Ukraine.

cyber attack

cyber conflict

cyber coercion

coercive diplomacy

BlackEnergy

NotPetya

Ukraine

Russia

Political Science

Statsvetenskap

Minimator: A Serious Game on Zero-Day Markets

Cseresnyes, Ehud, Sharma, Hans

January 2022

Zero-days are vulnerabilities that the software vendor does not know about and thus cannot provide a patch for. Their value has caused markets to develop, divided by the purchase intention. This thesis focuses on the white and grey markets, that is those buying to patch and those buying to exploit. While states generally have an interest in both, they currently spend money to exploit zerodays, keeping software insecure. The lack of knowledge and awareness surrounding this practice is the problem targeted in this thesis. Serious games, aiming to be both entertaining and educational, represent one opportunity to create awareness. They fit our circumstances particularly well because understanding the problem space requires adversarial thinking and lots of different concepts. Our research goal has thus been to create a serious game that accurately illuminates the dilemma experienced by states. Design science was the research strategy employed to reach the stated goal. Our main contribution is Minimator, a multiplayer, web-based game in which players, acting as states, have to protect their infrastructure and deal with zero-day markets. Additionally, we present a formal model of states’ treatment of zero-day markets developed using game theory and shown to resemble the n-players prisoners’ dilemma. An expert evaluation was conducted, delivering promising results in terms of gameplay appeal, and accuracy. A naturalistic evaluation remains, but is suggested in detail for future endeavours. Minimator is original as, to our knowledge, no similar artefact exists. It provides value by potentially creating a starting point for and encouraging an informed, public debate about the trade-off between national and infrastructure security, which is inherently political.

serious games

zero-days

zero-day markets

exploits

vulnerabilities

game theory

design science

cyber warfare

cyber conflict

national security

software security

Computer Sciences

Datavetenskap (datalogi)