connects cybersecurity knowledge
The objective Fewer Attacks is going to play a vital role in the next edition of the National Cyber Security Research Agenda.
Where classical texts on security simply position security at the intersection of confidentiality, integrity, and availability —all positive properties—experience has shown that deep knowledge of attack techniques is essential to guarantee any of them. Phrased differently, if we do not know the enemy’s (potential) weapons, we cannot defend ourselves against them. Thus, research is needed on novel attack vectors and automated exploitation. In addition, this objective covers technical and non-technical attacks on malicious activities and infrastructures. Non-technical aspects comprise all manner of disruption, be they legal interventions or interventions by the private sector. Examples of the latter include interventions by the financial service providers and platform owners (e.g., Microsoft, Apple, and Google). Most subfields of criminology, victimization studies, and aggressor studies that relate to ICT security also will contribute to this objective. Challenges in the technical/ICT domain include malware analysis and reverse engineering, as well as the methodology to take down botnets and other malicious infrastructures. In addition, we envision that much of the research under this objective will be neither exclusively technical, nor exclusively non-technical, but rather strongly multi-disciplinary in nature. Attack attribution, and law enforcement operations against cyber-criminal activities, are good examples of topics under this objective that encompass multiple disciplines.
This objective covers attacks on the bad guys.
During the event you have the opportunity to contribute to this objective with ideas, comments and opinions.
If you want to leave a comment now, please use our contact form with NCSRA-III (Fewer Attacks) in the title