Academic Updates
Regent University participates in NATO Cybersecurity Workshop
On 10-11 October, Professor Joe Saur participated in a NATO-sponsored workshop conducted on the campus of Norfolk State University.
The first day focused on aspects of human behavior, including:
- Sandia National Labs: efforts to model adversarial individuals, groups, and societies using a family of disparate models: psychological, social, cultural, political, and others. The goal is to identify motivations behind observed online behavior.
- The University of Texas at El Paso: a study of correlations between types of observed attacks, and when possible, the attackers’ motivations.
- The Army Research Labs: The impact of national culture on behavioral norms, both online and in person. Basically, a recognition that Red thinks differently, and this leads to attacks and strategies that surprise us.
- The Institute of Art, Design and Technology, Ireland: How trust gets established online, and how higher levels of trust often lead to lower concerns about privacy.
- Virginia Modeling, Analysis and Simulation Center (VMASC): Most (~91%) of all recent online attacks have started with phishing, and we must recognize that people are the weakest link (and the easiest broken).
The second day was all about Blockchains as a possible means to establish trust in environments where military networks are being established with groups, organizations, and national forces who are not considered fully trustworthy (i.e., ad-hoc networks between groups coordinating actions in Syria).
- Old Dominion University: provided a technical explanation of Blockchain, how it works, what it can and cannot do, and how public validation works.
- Norfolk State University: demonstrated an information exchange model that they are working on; this uses Blockchain technology to connect online buyers and sellers in the presence of adversaries.
- University of Central Florida: gave an enlightening list of the multiple ways (both observed and theoretical) that Blockchain can be successfully attacked, and provided instances where such attacks have been successful in the past.
- Air Force Research Labs: provided much of the context for the problem, such as the need for the US and Russia to coordinate activities in Syria without either side actually allowing the other into a national network.
- IBM: provided an explanation of ‘permissioned’ Blockchain technology that they are offering for use by businesses in a closed network environment.
- The Business Continuity Institute: argued that permissioned Blockchains (like IBM’s) are inherently weaker as they rely on ‘Proof of Stake’ rather than ‘Proof of Work’
Bottom line: The purpose of the workshop, and the reason for the inclusion of Blockchain on Day 2, was to try to identify a possible short-term project that NATO would/might be willing to fund, and there was apparently some thought that Blockchain could be a good starting place. Based on the various presentations today, it would appear than nothing currently emerging actually fits that bill.