ITU Annual Regional Human Capacity Building Workshop on "Strengthening Capacities in Internet Governance in Africa”, Abuja, 27-29 August, 2018. Programme.
Monday, August 27, 2018
Sunday, August 26, 2018
#IslamicState: An Analysis of Tweets in Support of ISIS After the November 2015 Attacks In Paris
"#IslamicState: An Analysis of Tweets in Support of ISIS After the November 2015 AttacksIn Paris", thesis by Amanda R. Guthrie, Faculty of
Auburn University, August 2018, 102 pages.
This study is based on content analysis of 16,891 Tweets posted after
the 2015 Attacks in Paris.
Saturday, August 25, 2018
China-U.S. Trade Issues - Congressional Research Service
Wayne M. Morrison, "China-U.S. Trade Issues" - Congressional Research Service, July 30, 2018, 91 pages, Washington.
Read the chapter on Cybersecurity Issues (pp.45-49)
Friday, August 24, 2018
The internet of things: applications and challenges for the RSAF
"The internet of things: applications and challenges for the RSAF", by ME6(DR) Reuben Lim Chi Keong, MAJ Pek Wee Kian & ME5 David Bey. Pointer, Journal of the Singapore Armed Forces, Vol. 44, n°2, 2018, pp.24-34, Singapore.
"What is this IoT? Is it just about wearable smartwatches, or does it hold more potential? More importantly,
how can it be applied in a military context to the Republic of Singapore Air Force (RSAF), enabling a shift in
non real-time, human-centric operations, to real-time, machine-centric operations? This essay explores how
IoT will quicken and broaden the traditional Observe-Orient-Decide-Act (OODA) loop, and investigates how IoT
can be applied to improve operations in a ‘smart airbase’..."
From Digital Traces to Algorithmic Projections
"From Digital Traces to Algorithmic Projections", by Thierry Berthier and Bruno Teboul, ISTE Press - Elsevier, 184 pages, October 2018.
"From Digital Traces to Algorithmic Projections describes individual digital fingerprints in interaction with the different algorithms they encounter throughout life. Centered on the human user, this formalism makes it possible to distinguish the voluntary projections of an individual and their systemic projections (suffered, metadata), both open (public) and closed. As the global algorithmic projection of an individual is now the focus of attention (Big Data, neuromarketing, targeted advertising, sentiment analysis, cybermonitoring, etc.) and is used to define new concepts, this resource discusses the ubiquity of place and the algorithmic consent of a user."
Reading Thieves’ Cant: Automatically Identifying and Understanding Dark Jargons from Cybercrime Marketplaces
"Reading Thieves’ Cant: Automatically Identifying and Understanding Dark Jargons from Cybercrime Marketplaces", by Kan Yuan, Haoran Lu, Xiaojing Liao, and XiaoFeng Wang, Indiana University Bloomington, Proceedings of the
27th USENIX Security Symposium.
August 15–17, 2018 • Baltimore, MD, USA.
"Underground communication is invaluable for understanding
cybercrimes. However, it is often obfuscated
by the extensive use of dark jargons, innocently-looking
terms like “popcorn” that serves sinister purposes (buying/selling
drug, seeking crimeware, etc.). Discovery and
understanding of these jargons have so far relied on manual
effort, which is error-prone and cannot catch up with
the fast evolving underground ecosystem. In this paper,
we present the first technique, called Cantreader, to automatically
detect and understand dark jargon..."
Foreign Economic Espionage in Cyberspace - NSCS - July 2018
Foreign Economic Espionage in Cyberspace - NSCS - July 2018, 20 pages. The National Counterintelligence and Security Center (NCSC) "released its 2018 Foreign
Economic Espionage in Cyberspace report, which highlights current threats and future trends in
foreign intelligence efforts to steal U.S. intellectual property, trade secrets, and proprietary
information via cyberspace".
Chinese Cyberespionage Originating From Tsinghua University Infrastructure
Chinese Cyberespionage Originating From Tsinghua University Infrastructure, By Sanil Chohan, Winnona DeSombre, and Justin Grosfelt, 26 pages, 2018.
1st Annual Conference on the Human Factor in Cybercrime
1st Annual Conference on the Human Factor in Cybercrime. Mt. Scopus, The Hebrew University of Jerusalem. 14-15 october, 2018. Program, registration
The European Society of Criminology Working Group on Cybercrime
The European Society of Criminology Working Group on Cybercrime aims at "creating a network for information exchange and international collaboration between leading scholars, starting scholars, graduate students, government agencies, and private organizations involved in cybercrime research".
The state of Canadian cybersecurity workshop
"The state of Canadian cybersecurity workshop ", October 24-25, 2018. Gatineau (Quebec). SERENE-RISC Annual Workshop. Confirmed speakers
Politicas pùblicas para el acceso a Internet en Venezuela
Raisa Urribarrí y Marianne Díaz, "Politicas pùblicas para el acceso a Internet en Venezuela", Julio 2018, 48 paginas.
"El deterioro de las telecomunicaciones en Venezuela,
conjuntamente con las restricciones al flujo de información digital
y las acciones de violencia contra periodistas y ciudadanos a
causa de sus actividades en línea, construyen un panorama de
control efectivo de las comunicaciones en internet. Este estudio
describe los últimos dieciocho años de un complejo fenómeno,
tomando en consideración el contexto histórico, político y social
a través del análisis de un conjunto de indicadores e hitos,
resumidos en esta infografía, que nos permiten trazar la historia
de la infraestructura de las telecomunicaciones y las restricciones
del acceso a internet en Venezuela."
I Simposium Nacional sobre Cibercriminalidad y Amenazas Tecnológicas Globales. Sevilla, 6 Oct 2018
I Simposium Nacional sobre Cibercriminalidad y Amenazas Tecnológicas Globales. Sevilla, 6 Oct 2018. Programa.
Plug and Prey? Measuring the Commoditization of Cybercrime via Online Anonymous Markets
"Plug and Prey? Measuring the Commoditization of Cybercrime viaOnline Anonymous Markets", Rolf van Wegberg and alt., Proceedings of the
27th USENIX Security Symposium.
August 15–17, 2018 • Baltimore, MD, USA, 19 pages.
"Researchers have observed the increasing commoditization
of cybercrime, that is, the offering of capabilities,
services, and resources as commodities by specialized
suppliers in the underground economy. Commoditization
enables outsourcing, thus lowering entry barriers for
aspiring criminals, and potentially driving further growth
in cybercrime. While there is evidence in the literature
of specific examples of cybercrime commoditization, the
overall phenomenon is much less understood. Which
parts of cybercrime value chains are successfully commoditized,
and which are not? What kind of revenue
do criminal business-to-business (B2B) services generate
and how fast are they growing?..."
FY2019 - Federal cybersecurity R&D strategic plan implementation roadmap - USA
FY2019 - Federal cybersecurity R&D strategic plan implementation roadmap - Executive Office of the President of the United States. August 2018. 6 pages.
This document "lists key Federal
projects and programs that directly contribute to solving the cybersecurity challenges outlined in the 2016 Federal
Cybersecurity R&D Strategic Plan. This document accompanies the NITRD Supplement to the President’s FY2019 Budget
Request, available at https://www.nitrd.gov/pubs/FY2019-NITRD-Supplement.pdf."
Four defensive areas have been defined: Deter, Protect, Detect, Adapt. R&D programs are listed in alphabetical order by agency (page 2-4)
Kensho Cyber Security Index GTR
Kensho Cyber Security Index GTR - 23.08.2018. (index published by Solactive)
Monday, August 20, 2018
"Surface d'attaque" - article revue MISC août 2018
Article: "La surface d'attaque", Daniel Ventre, revue MISC n°98, juillet-août 2018, pp.78-82.
DoD Annual Report - Military Power of China - 201
Publication of the new Annual Report to Congress - Department of Defense (USA) - "Military and Security Developmens Involving the People's Republic of China 2018". 145 pages.
Où on apprend finalement peu de choses à propos de la cybersécurité/défense chinoise et du regard que portent sur elle l'armée américaine. Ce qui est dit là, l'a déjà été à maintes reprises par le passé: capacités défensives et offensives, organisation militaire, etc.
Wednesday, May 23, 2018
Defense Information Systems Network (DISN)
Defense Information Systems Network (DISN), An Essential Weapon for the Nation’s Defense, Charles Osborn, 16 May 2018. 18 pages.
De par sa forme, ce document nous rappelle que la génération Power Point n'a pas fini de sévir. Ni celle des adeptes de l'abréviation: DISN, FY, A-ISR, JFHQ, SIPR, JWICS, MiFi, SDN, JRSS, VNF, NFV, LSTDM...
Critique de la cybersécurité des sites publics du DoD
Courrier adressé par le sénateur américain Ron Wyden à Dana Deasy (Chief Information Officer. US DoD). 22 Mai 2018. Critique le niveau de cybersécurité du DoD concernant ses sites publics, et demande la mise en oeuvre de meilleures pratiques en la matière.
Wednesday, May 16, 2018
New DHS Cybersecurity Strategy - May 15, 2018
U.S.
Department of Homeland Security, Cybersecurity Strategy, May 15, 2018, Washington,
35 pages, https://www.dhs.gov/sites/default/files/publications/DHS-Cybersecurity-Strategy_0.pdf
Le DHS vient de publier sa nouvelle stratégie de cybersécurité en se fixant des objectifs à 6 ans. Le Département veut avoir d'ici là amélioré la gestion des risques de cybersécurité, en renforçant la résilience et la sécurité des systèmes gouvernementaux et des infrastructures critiques, mais aussi en ayant réduit la cybercriminalité, amélioré les réponses apportées aux cyber-incidents, et renforcé l'écosystème de cybersécurité. Les objectifs sont déclinés en 6 piliers (voir page 3 du rapport).
Le rapport décline des objectifs, des principes, des menaces, mais se garde de nommer les adversaires, les sources des attaques. Il n'est ainsi jamais question explicitement de la Russie, de l'Iran, de la Chine... Il n'est fait mention que d'Etats, d'acteurs non étatiques, du crime, etc. L'annexe, page 28 et suiv. est d'autre part intéressante en ce qu'elle illustre, bien que partiellement, le socle juridique qu'ont construit les Etats-Unis au fil des ans et sur lesquels peut désormais reposer leur action, tant au niveau national qu'international.
Soulignons que cette publication arrive au moment même où Donald Trump annonce la disparition du poste de coordinateur de la cybersécurité à la Maison Blanche (fonction créée par B.Obama en 2009). L'objectif serait une réduction de la bureaucratie. Les détracteurs s'étonnent quant à eux de cette décision, alors que les Etats-Unis semblent exposés à des cybermenaces plus pesantes que jamais.
Monday, April 16, 2018
Speech at CyberUK18 - Director GCHQ
Speech at CyberUK18 - Director GCHQ, 12 April 2018, 10 pages.
"Thankfully, I’ve always been an optimist where technology is concerned [...] Like many of my staff, I like to see the wider societal promise in technology not the threat".
[...]
"Of course, there are dangers and pitfalls in this progress [...] Hostile states, terrorists and criminals are emboldened and assisted by technology [...] Al Qaeda and Daesh have used online platforms to spread propaganda [...] criminal groups have built massive online spoofing schemes [...] paedophiles use both the Dark and Open parts of the Web..."
Full Scope Cybersecurity, Dr. Robert Templeman, SSTM
"Harnessing the power of tech fnologyor the warfighter. Full Scope Cybersecurity", Dr. Robert Templeman, SSTM, PPT Presentation, 27 slides, April 2018.
Cyber Operations Today: Preparing for 21st Century Challenges in an InformationEnabled Society
Michael Chertoff (Former Secretary of Homeland Security 2005-2009), Hearing before the
House Armed Services Committee
“Cyber Operations Today: Preparing for 21st Century Challenges in an InformationEnabledSociety”
April 11
th 2018, 9 pages.
Subscribe to:
Posts (Atom)