Class Outline
Definiton of cybersecurity
History on cybersecurity
Network security
Data security
Computer security
Introduction to various aspects of cybersecurity
- CERT/CSIRT: general; private and public sectors
- Cyber Crime: law enforcement
- Cyber Surveillance: intelligence
- Cyber Warfare: military
cybersecurity governance
- general
- stakeholders
- multistakeholder practice
Class Description (by Susan Landau): [ppt]
Abstract: Even before the 1988 Morris Worm, the network has been
provided a vector for attack. But early attacks, while disturbing to
the military, were largely treated lightly by the civilian sector
until the early 2000s. Even though some security measures were put in
place, our cybersecurity remains poor. Surveying the history of
attacks over the last three decades, this talk will discuss why, what
did we learn, and what might the future bring us.
provided a vector for attack. But early attacks, while disturbing to
the military, were largely treated lightly by the civilian sector
until the early 2000s. Even though some security measures were put in
place, our cybersecurity remains poor. Surveying the history of
attacks over the last three decades, this talk will discuss why, what
did we learn, and what might the future bring us.
Class Descriptoin (by Eneken Takk)
This
class explains the emergence of the ‘cyber security’ discourse through the
advances and proliferation in information and communication technologies, and
the
accompanying convergence of personal, corporate and political risk. The
class will position cybersecurity vis-a-vis related themes like information
security, network and data
security, international cyber security and cybersecurity
governance. The class will discuss the implications of cyber security concerns
on development and decision-making.
Class Description (Internet Society; Online)
Introduction to cybersecurity and resilience
Importance of risk management
Collaboration and coordination
Building cyber response capability
Technology building blocks for security
Cyberwar and peace
Class/Session Description (by Onno Purbo)
Main objectives: (1) hands-on experience how hacker
works, and
(2) obtain a practical overview on how to secure servers from cyber
attacks.
Class Description (by Chester Soong)
Part I: Fundamentals
- Internet topology and the underlying technology (just a 15 mins thing to set the stage and gets everyone to begin on the same page)
- Network security (Internet) IPv4 and IPv6
- Data security (various kinds of encryption applications such as VPN, SSL, HTTPS, etc.)
- Internet Application security (this section should mainly cover security topics from design to application development to application firewall (or intrusion prevention at
application layer)
application layer)
Part II: Hot topics
- Cyber surveillance
- Cyber Crime (only covers the common and latest cyber crime types without going into the investigation and detection in details as it should be covered
in the Cyber Crime module)
in the Cyber Crime module)
- Incident Response (For this class, I believe the content should be more "internal" to the organisation with the aim for the audience to learn how to
handle an Internet Security incident when his/her organisation is under attack or suffered from an attack. For the issues of the bigger picture such as
incident response at the Internet infrastructure level, it should belong to the class covered by CERT people)
handle an Internet Security incident when his/her organisation is under attack or suffered from an attack. For the issues of the bigger picture such as
incident response at the Internet infrastructure level, it should belong to the class covered by CERT people)
Video: 2017 APSIG by Susan Landau
Lecture Pool: Susan Landau
Additional Candidate Lecturers: Yurie Ito, Koichiro Komiyama, Onno Purbo, Ronald Deibolt, Eneken Tikk
References:
APRICOT, IoT - Next Wave of DDoS; Mirai,..., 2017.2.
Manlio De Domenico y Alex Arenas: “Modeling Structure and Resilience of the Dark Network”. Physical Review E. DOI: 10.1103/PhysRevE.95.022313
Asia Internet History - Book 3 (2000s) Chapter 5 Cybersecurity, 2015.
Harald Bauer, et al., Security in IoT, McKinsey, 2017.5
Harald Bauer, et al., Security in IoT, McKinsey, 2017.5
Blackhat, Annual Conference.
Brookings Institution, Cybersecurity and Cyberwar, 2014. (with Singer, Sanger,...)
Brookings Institution, Cybersecurity and Cyberwar, 2014. (with Singer, Sanger,...)
Brookings.edu, Next Russian attack will be far worse than bots and trolls, 2018.3.22
Ben Buchanan, Cybersecurity dilemma, 2018. [youtube]
Budapest Convention
Budapest Convention
XinhuaNet, Cybersecurity Law, 2017.5.31.
Center for New American Security, Strategic Competition in Era of AI, Series on AI and International Security, 2018.7.
China-US Track 2 Bilaterial on Cybersecurity, Frank communications and sensible cooperation to stem harmful hacking, 2013.
CLTC, Cybersecurity Futures 2020, UC Berkeley, 2016.
Kilnam Chon, Cyberspace - What is it?, 2013. [paper], [ppt]
Kilnam Chon, Cyber Security Governance, 2016. [draft ppt]
China-US Track 2 Bilaterial on Cybersecurity, Frank communications and sensible cooperation to stem harmful hacking, 2013.
CLTC, Cybersecurity Futures 2020, UC Berkeley, 2016.
Kilnam Chon, Cyberspace - What is it?, 2013. [paper], [ppt]
Kilnam Chon, Cyber Security Governance, 2016. [draft ppt]
CyberEdge, 2018 Cyberthreat Defence Report, 2018.
Cyber Norms Workshop, A Call to Cyber Norms, Discussions at Harvard-MIT-Toronto, 2011 and 2012, March 2015.
Cyber Security Oxford, Workshop: Cybersecurity and Internet Governance, 2017.6/2.
Cyber Norms Workshop, A Call to Cyber Norms, Discussions at Harvard-MIT-Toronto, 2011 and 2012, March 2015.
Cyber Security Oxford, Workshop: Cybersecurity and Internet Governance, 2017.6/2.
Cymetria, Introduction to Cyber Deception, 2018.
Defcon, Annual Conference.
Ronald Deibolt, Black Code.
B. Egan, Remarks on International Law and Stability in Cyberspace, 2016.11.10.
Ronald Deibolt, Black Code.
B. Egan, Remarks on International Law and Stability in Cyberspace, 2016.11.10.
EFF, Security education comparison, 2017.11.
Farsight Security
FIRST, www.FIRST.org.
Ed Gent, Battle of bots, Singularity Hub, 2016.11.
Andy Greenberg, How an entire nation became Russia's test lab for cyberwar, 2017.6.20.
Andy Greenburg, Biohackers encoded malware in a strand of DNA, Wired, 2017.8.10.
Robert Hacket, Google's elite hacker SWAT team vs everyone, Fortune, 2017.6.25. [Project Zero]
Michael Hayden, Why cybersecurity is so hard?(youtube), 2016.
Ed Gent, Battle of bots, Singularity Hub, 2016.11.
Andy Greenberg, How an entire nation became Russia's test lab for cyberwar, 2017.6.20.
Andy Greenburg, Biohackers encoded malware in a strand of DNA, Wired, 2017.8.10.
Robert Hacket, Google's elite hacker SWAT team vs everyone, Fortune, 2017.6.25. [Project Zero]
Michael Hayden, Why cybersecurity is so hard?(youtube), 2016.
Harvard Extension School, Lecture 6: Security - CSCI E-1 2011, YouTube
Melissa Hathaway, Future of cybersecurity (youtube), 2017.
Melissa Hathaway, Future of cybersecurity (youtube), 2017.
Neil Hughes, How AI and machine learning redefines cybersecurity?, 2018.4.
Kenny Huang, Cybersecurity and Internet Governance, 2017. [ppt]
Geoff Huston, Forensic Tracing in the Internet - An Update, Network Security Session, APRICOT, 2017. [video]
Information Security Policy Council (of Japan), Cybersecurity Strategy, 2013.6.10.
Information Security Policy Council (of Japan), Cybersecurity Strategy, 2013.6.10.
International Cyberspace Conference, 2011~.
International Watch and Warning Network (IWWN)
IGP, IGP Workshop: Who Governs, States or Multistakeholders?, 2017.5.12-13
Internet Society, Collaborative Security, 2015.
Internet Society, Collaborative Security, 2015.
ITU, International stakeholders for cybersecurity ecosystem.
Nadia Khadam, Cybersecurity, PKSIG, 2017.
Anja Kovacs, Addressing India's Global Cybersecurity Concerns, Internet Democracy Project, 2015.
Susan Landau, Surveillance or Security, MIT Press, 2011.
Susan Landau, Brief History of the Internet-based Attacks and Why Security is So Hard, 2016. [ppt]
Rebecca MacKinnon, The Internet has a dark side, and we need a plan for taming it, WEF, 2017.
Angela McKay, Cyber Security - Internet of Risks, Raisina Dialogue 2017, New Delhi, 2017.1.17-19.
Medium, Current Digital Security Resources, 2016.12.
Microsoft (Ciglic, McKay,..), Building on experience: a framework for cybersecurity policy – Microsoft Secure, 2018.8.
Necessary and Proportionate, International principles on application of human rights to communications surveillance, 2013.
NIST, Cybersecurity Framework, 2017.
NIST, Cybersecurity Framework, 2017.
PBS, Rise of Hackers, Nova. (also througth Netflix)
Radia Perlman, et al., Network Security, 1995.
Onno Purbo, Beginner's guide to hacking and practical net security, 2016.
Onno Purbo, Teaching Cybersecurity, 2017.9
Onno Purbo, Bio, Wikipedia, 2017. [translated]
Open University, Introduction to Cybersecurity (MOOC).
Reuter, China draft cyber law mandates security assessment for outbound data, 2017.4.11
Reuter, Russian expose breakthrough US spying program , 2018.2.
J. Schiller, Strong security requirements for IETF standard protocols, RFC3365, 2002.
J. Schiller, Strong security requirements for IETF standard protocols, RFC3365, 2002.
Bruce Schneier, Data and Goliath, 2015.
Bruce Schneier, Keynote Speech: Security and Privacy, Cycon, 2018.
Tom Simonite, Do we need a Digital Geneva Convention?, MIT Technical Review, 2017.2.15.
Internet Society, Cybersecurity and Resilience, in Shaping the Internet, 2015.
Eneken Tikk, Bio, 2018.1.
Joe Weiss, Cybersecurity and Industrial Control Systems, Stanford, 2012.[youtube]
UN, 2015 UN GGE Report: Major Players Recommending Norms of Behaviour, Highlighting Aspects of International Law.
Joe Weiss, Cybersecurity and Industrial Control Systems, Stanford, 2012.[youtube]
UN, 2015 UN GGE Report: Major Players Recommending Norms of Behaviour, Highlighting Aspects of International Law.
USA (DHS),Cybersecurity Strategy, 2018.5.15.
YouTube, Internet Hackers in 2017 Documentary, 2017.
White House, Fact Sheet: National Cybersecurity Action Plan, 2016.2.9.
WEF, 2018 Global Risk Report (and Video), 2018.
World Federation of Scientists, Erice Declaration on Principles for Cyber Security and Cyber Peace, 2009.
