Singapore Academic Cybersecurity R&D

Harnessing R&D to Secure our Nation

Deterring Cybersecurity Threats through Internet Topology, Law Enforcement and Technical Mitigation
 

• Lead PIs : Wang Qiuhong, Assistant Professor, SMU ( qiuhongwang@smu.edu.sg ) and Yuval Shavitt, Professor, Tel Aviv University ( shavitt@eng.tau.ac.il )
• Host Institution : School of Information Systems, SMU
• Partner Institution : Tel Aviv University

I. Goal

Cybersecurity is as much a technical issues as a critical policy and business issue. International collaboration has been recognized as a general direction in the technical and legal strategies to tackle the globalized cybersecurity threats. Critical questions are still pending in the practices of international collaboration.

To address these issues, in this project we link the interdependency of cyber-attacks back to the underlying Internet topology – the fundamental network infrastructure that underpins the data forwarding across the Internet. We then propose a cyber-attack deterrence framework integrating the interaction among the Internet topology, law enforcement and technical countermeasures.

Our approach is rooted on the behavioural impacts of Internet topology, law enforcement and technical countermeasures imposed on attackers’ cost, risk, and feasibility in committing cyber-attacks. By linking this framework with the comprehensive and unique cyber-attack traffic data, we can model the dynamics of interdependence of cyber-attacks across regions, quantify the relative effectiveness of domestic law vs. international law in deterring cyber-attacks, and evaluate the impact of the extent of information disclosure by the cybersecurity emergency response agencies in alleviating cybersecurity threats.

Our project aims to make three important contributions by investigating the following specific questions:

• To disclose the mechanisms underlying cyber-attack interdependency with
  aspect to the Internet topology
• Does the probability of a country as victims of cyber-attacks increase with its global connectivity in the Internet topology?
• Is the interdependence in cyber-attacks between two countries positively or negatively associated with their direct connectivity in the Internet topology?
• Is the interdependence in cyber-attacks between two countries positively or negatively associated with their relative importance as an intermediary to
  each other’s global connectivity?

To evaluate the relative effectiveness of domestic legislation vs. international legislation in deterring cyber criminals

• Is international legislation more effective than domestic legislation in deterring cyber-attacks? How does the relative effectiveness vary with a country’s topological location?
• How do the other countries’ legislations against cybercrimes affect a country’s cybersecurity threats? How do the possible externalities vary with a country’s topological location?

To manage the information disclosure of technical countermeasures in resolving cybersecurity threats

• Do the establishment and the information disclosure of the cybersecurity emergency response authorities reduce cyber-attacks targeting a country? How do the effects vary with a country’s topological location?
• How does the other countries’ activeness in the cybersecurity emergency response affect a country’s cybersecurity threats? How do the possible externalities vary with a country’s topological location?