From NATO’s Cooperative Cyber Defence Centre of Excellence (NATO CCD COE) website:
After many rounds of peer review, 14 articles were accepted for this proceedings book, which formed the ‘backbone’ of the conference’s sessions and workshops. CyCon’s interdisciplinary nature is reflected in this collection of articles, which can be broadly categorised into three sections: strategy, law and technology.
The publication starts with a focus on strategic cyber security issues, as Martin Libicki provides his perspective on how states can establish effective international norms to limit cyber espionage. This is followed by Max Smeets, who analyses the possible benefits and risks of organisational integration of national offensive cyber capabilities. When discussing the challenges stemming from NATO’s decision to recognise cyberspace as an operational domain, Brad Bigelow highlights the importance of mission assurance and advocates for a clear role for the NATO Command Structure. The strategy section ends with Kenneth Geers, who emphasises the importance and often underestimated value of traffic analysis in cyberspace.
Articles devoted to legal issues start with Ido Sivan-Sevilla’s study of the dynamics of United States federal law with regard to the privacy and security debate. Privacy is also addressed by Eliza Watt, who writes about the role of international human rights law in the protection of online privacy, focusing on the extraterritorial application of human rights treaties. Jeffrey Biller’s contribution then looks at a topical issue in international humanitarian law: the misuse of protected indicators in cyberspace. International humanitarian law is also represented by the following article by Tassilo V. P. Singer, who examines the possible extension of the period of direct participation in hostilities due to autonomous cyber weapons. Emerging international law is discussed in the last two legal articles. Kubo Mačák provides his view of how general international law is influenced by the development of the cyber law of war; and finally, Peter Z. Stockburger observes that there may be arising a new lex specialis governing state responsibility for third party cyber incidents: a ‘control and capabilities’ test.
The third section of the book covers technical cyber security matters. Focussing on the defence of core infrastructure, Robert Koch and Teo Kühn begin by introducing their concept of building an effective intrusion detection system, based on voltage levels and current drain, to protect unsecure industrial control systems. Continuing with the subject of defending cyber-physical systems, Martin Strohmeier et al. propose the establishment of a separate verification layer for sensitive wireless data, powered by crowdsourced sensors connected to the Internet. Fabio Pierazzi et al. then tackle the detection of advanced cyber attacks as they introduce a novel online approach for identifying intrusions, providing an alternative to existing frameworks. Last but not least, Riccardo Longo et al. look at the resilience of certification authorities in a scenario of a large-scale cyber attack and propose a solution by analysing the security of a blockchain-based Public Key Infrastructure protocol.
The full document can be downloaded from NATO CCD COE at this link.