Towards Reversible Cyberattacks

Thumbnail Image
Files
Rowe_Towards_Reversible_Cyberattacks.pdf (135.01 KB)
Authors
Rowe, Neil C.
Subjects
cyberweapons
cyberattacks
reversibility
damage
cryptography
deception
Advisors
Date of Issue
2010-07
Date
July 2010
Publisher
Monterey, California. Naval Postgraduate School
Language
Abstract
Warfare without damage has always been a dream of military planners. Traditional warfare usually leaves persistent side effects in the form of dead and injured people and damaged infrastructure. An appealing feature of cyberwarfare is that it could be more ethical than traditional warfare because its damage could be less and more easily repairable. Damage to data and programs (albeit not physical hardware) can be repaired by rewriting over damaged bits with correct data. However, there are practical difficulties in ensuring that cyberattacks minimize unreversible collateral damage while still being easily repairable by the attacker and not by the victim. We discuss four techniques by which cyberattacks can be potentially reversible. One technique is reversible cryptography, where the attacker encrypts data or programs to prevent their use, then decrypts them after hostilities have ceased. A second technique is to obfuscate the victim's computer systems in a reversible way. A third technique to withhold key data from the victim, while caching it to enable quick restoration on cessation of hostilities. A fourth technique is to deceive the victim so that think they mistakenly think they are being hurt, then reveal the deception at the conclusion of hostilities. We also discuss incentives to use reversible attacks such as legality, better proportionality, lower reparations, and easier ability to use third parties. As an example, we discuss aspects of the recent cyberattacks on Georgia.
Type
Conference Paper
Description
This paper appeared in the Proceedings of the 9th European Conference on Information Warfare and Security, July 2010, Thessaloniki, Greece.
URI
https://hdl.handle.net/10945/36830
Series/Report No
Department
Organization
Identifiers
NPS Report Number
Sponsors
Funding
Format
Citation
Proceedings of the 9th European Conference on Information Warfare and Security, July 2010, Thessaloniki, Greece.
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Collections
Publications