Program‎ > ‎

6.1 Cyber Security - General



Class Outline 
   Definiton of cybersecurity
   History on cybersecurity
   Network security
   Data security
   Computer security
   Introduction to various aspects of cybersecurity
          - CERT/CSIRT:            general; private and public sectors
          - Cyber Crime:             law enforcement
          - Cyber Surveillance:   intelligence
          - Cyber Warfare:          military   
   cybersecurity governance
         - general
         - stakeholders
         - multistakeholder practice

Class Description (by Susan Landau): [ppt]

    Abstract: Even before the 1988 Morris Worm, the network has been
    provided a vector for attack. But early attacks, while disturbing to
    the military, were largely treated lightly by the civilian sector
    until the early 2000s. Even though some security measures were put in
    place, our cybersecurity remains poor.  Surveying the history of
    attacks over the last three decades, this talk will discuss why, what
    did we learn, and what might the future bring us.

Class Descriptoin (by Eneken Takk)
    
   This class explains the emergence of the ‘cyber security’ discourse through the advances and proliferation in information and communication technologies, and the 
   accompanying convergence of personal, corporate and political risk. The class will position cybersecurity vis-a-vis related themes like information security, network and data
    security, international cyber security and cybersecurity governance. The class will discuss the implications of cyber security concerns on development and decision-making.
Class Description (Internet Society; Online)

    Introduction to cybersecurity and resilience
    Importance of risk management
    Collaboration and coordination
    Building cyber response capability
    Technology building blocks for security
    Cyberwar and peace

Class/Session Description (by Onno Purbo)
   Main objectives: (1) hands-on experience  how hacker works, and 
                               (2) obtain a practical overview on how to secure servers from cyber attacks.
 
                                Teaching Cybersecurity

Class Description (by Chester Soong)

  Part I: Fundamentals
    - Internet topology and the underlying technology (just a 15 mins thing to set the stage and gets everyone to begin on the same page)
    - Network security (Internet) IPv4 and IPv6 
    - Data security (various kinds of encryption applications such as VPN, SSL, HTTPS, etc.)
    - Internet Application security (this section should mainly cover security topics from design to application development to application firewall (or intrusion prevention at 
      application layer)
  Part II: Hot topics
   - Cyber surveillance
   - Cyber Crime (only covers the common and latest cyber crime types without going into the investigation and detection in details as it should be covered 
     in the Cyber Crime module)
   - Incident Response (For this class, I believe the content should be more "internal" to the organisation with the aim for the audience to learn how to 
     handle an Internet Security incident when his/her organisation is under attack or suffered from an attack. For the issues of the bigger picture such as 
     incident response at the Internet infrastructure level, it should belong to the class covered by CERT people)




Lecture Pool: Susan Landau
Additional Candidate Lecturers: Yurie Ito, Koichiro Komiyama, Onno Purbo, Ronald Deibolt, Eneken Tikk

References: 
   
   APRICOT, IoT - Next Wave of DDoS; Mirai,..., 2017.2.
  Manlio De Domenico y Alex Arenas: “Modeling Structure and Resilience of the Dark Network”. Physical Review E. DOI: 10.1103/PhysRevE.95.022313
   Asia Internet History - Book 3 (2000s) Chapter 5 Cybersecurity, 2015.
   Harald Bauer, et al., Security in IoT, McKinsey, 2017.5
   Blackhat, Annual Conference.
   Brookings Institution, Cybersecurity and Cyberwar, 2014. (with Singer, Sanger,...)
   Ben Buchanan, Cybersecurity dilemma, 2018. [youtube]
   Budapest Convention 
   XinhuaNet, Cybersecurity Law, 2017.5.31.
   Center for New American Security, Strategic Competition in Era of AI, Series on AI and International Security, 2018.7.
   China-US Track 2 Bilaterial on Cybersecurity, Frank communications and sensible cooperation to stem harmful hacking, 2013.
   CLTC, Cybersecurity Futures 2020, UC Berkeley, 2016.
   Kilnam Chon, Cyberspace - What is it?, 2013. [paper], [ppt] 
   Kilnam Chon, Cyber Security Governance, 2016. [draft ppt]
   CyberEdge, 2018 Cyberthreat Defence Report, 2018.
   Cyber Norms Workshop,
 A Call to Cyber Norms, Discussions at Harvard-MIT-Toronto, 2011 and 2012, March 2015.
   Cyber Security Oxford, Workshop: Cybersecurity and Internet Governance, 2017.6/2. 
   Cymetria, Introduction to Cyber Deception, 2018.
   Defcon, Annual Conference. 
   
Ronald Deibolt, Black Code.
   B. Egan, Remarks on International Law and Stability in Cyberspace, 2016.11.10.
   EC, Cybersecurity, 2015.
   Farsight Security
   FIRST, www.FIRST.org.
   Ed Gent, Battle of bots, Singularity Hub, 2016.11.
   
Andy Greenberg, How an entire nation became Russia's test lab for cyberwar, 2017.6.20.
   Andy Greenburg, Biohackers encoded malware in a strand of DNA, Wired, 2017.8.10.
   Robert Hacket, Google's elite hacker SWAT team vs everyone, Fortune, 2017.6.25. [Project Zero]
   Michael Hayden, Why cybersecurity is so hard?(youtube), 2016.
   Harvard Extension School, Lecture 6: Security - CSCI E-1 2011, YouTube  
   Melissa Hathaway, Future of cybersecurity (youtube), 2017.
   Kenny Huang, Cybersecurity and Internet Governance, 2017. [ppt]   
   Geoff Huston, Forensic Tracing in the Internet - An Update, Network Security Session, APRICOT, 2017. [video
   Information Security Policy Council (of Japan), Cybersecurity Strategy, 2013.6.10.
  
   International Cyberspace Conference, 2011~.
   International Watch and Warning Network (IWWN)
   IGP, IGP Workshop: Who Governs, States or Multistakeholders?, 2017.5.12-13
   Internet Society, Collaborative Security, 2015.  
   ITU, International stakeholders for cybersecurity ecosystem.   
   Nadia Khadam, Cybersecurity, PKSIG, 2017.
   KG Kim, Blockchain; hacking and security, krIGF, 2017. (in Korean) 
   Alexander Klimberg (Ed.), National  Cyber Security Framework Manual, 2012.
   Anja Kovacs, Addressing India's Global Cybersecurity Concerns, Internet Democracy Project, 2015.
   Susan Landau, Surveillance or Security, MIT Press, 2011.
   Angela McKay, Cyber Security - Internet of Risks, Raisina Dialogue 2017, New Delhi, 2017.1.17-19.
   Medium, Current Digital Security Resources, 2016.12.
   MIT Technology Review, Patching the electric grid, 2017.5.18.
   MIT Technology Review, With this tool, AI could identify malware,...., 2018.4.
   PBS, Rise of Hackers, Nova. (also througth Netflix)
   Radia Perlman, et al., Network Security, 1995.
   Onno Purbo, Teaching Cybersecurity, 2017.9
   Onno Purbo, Bio, Wikipedia, 2017. [translated]
   Open University, Introduction to Cybersecurity (MOOC).
   Shreedeep Rayamajhi, A synopsis of cyber warfare and terrorism, Diplo Foundation, 2009.
   Reuter, Russian expose breakthrough US spying program , 2018.2.
   J. Schiller, Strong security requirements for IETF standard protocols, RFC3365, 2002.
   Bruce Schneier, Data and Goliath, 2015.
   Bruce Schneier, Security Economics of IoT, Schenier on Security, 2016.10.10. 
   Bruce Schneier, Secuirty and privacy guidelines for IoT, Schneier on Security, 2017.2.9.
   Bruce Schneier, Keynote Speech: Security and Privacy, Cycon, 2018.
   Tom Simonite, Do we need a Digital Geneva Convention?, MIT Technical Review, 2017.2.15.
   Internet Society, Cybersecurity and Resilience, in Shaping the Internet, 2015.
   Eneken Tikk, Bio, 2018.1.
   Joe Weiss, Cybersecurity and Industrial Control Systems, Stanford, 2012.[youtube]
   
UN, 2015 UN GGE Report: Major Players Recommending Norms of Behaviour, Highlighting Aspects of International Law.
   USA (DHS),Cybersecurity Strategy, 2018.5.15.
   White House, Fact Sheet: National Cybersecurity Action Plan, 2016.2.9.
   World Federation of Scientists,  Erice Declaration on Principles for Cyber Security and Cyber Peace, 2009.