5 Year Base Period - MIT Computer Science and Artificial

MRI Topic 5: ECIR - Explorations in Cyber International Relations
PI: Professor Nazli Choucri, Political Science Department, Massachusetts Institute of Technology (MIT)
Participating Universities: Harvard University, MIT
5 Year Base Period: $8,322,070
5 Year Option Period: $9,636,248 Total Cost: $17, 958,318
With Option 1 (2008-2013): $9,585,254 With Option 2 (2008-2013): $10,380,352
Abstract: This project creates a multidisciplinary, policy relevant research program to investigate the
threats and opportunities arising in cyberspace for our national security, welfare and influence. The
program will develop new tools and methods to identify, measure, interpret, and analyze their critical
features, and new frameworks to formulate and evaluate responses. Research will also focus on the
implications of challenges and potential responses for international systems’ stability and instability.
Given the prodigious growth and penetration of cyberspace, the program takes a long-range view and
frames issues as broad modules of international systems, e.g., economic interactions, as well as specific
activities, e.g., exfiltration for industrial espionage. Research will involve personnel at MIT and Harvard in
the social sciences, computer science, public policy and legal studies and close collaborations among
them will enable the integration of their perspectives. Methods will include the reformulation of
international relations theories to link interactions in the ‘real’ and cyber domains; the specification,
collection, fusion and advanced analysis of data sets for incidents and events in cyberspace; new work
in game theory to analyze interdependence of risks and to facilitate cooperative international agreements
on cyberspace issues; simulations of policy consequences over time; the analysis of broad strategic
approaches to cyber defense and their limitations; the identification of legal and institutional conditions
and constraints on efforts to secure and govern the Internet, and analysis of economic and
organizational barriers to uptake by industry of high assurance hardware and software.
The expected results include capabilities for projecting systemic effects of international conflict
(cooperation) in cyberspace; protocols and tools for cyber and real world data that enable better warning
and alerts; enhanced knowledge of threat actors’ capabilities, intentions and motivations; protocols for
negotiating agreements on cyberspace and discrimination of those issues more conducive to such
agreements; suggested legal frameworks for cyber defense; robust principles for Internet governance;
models of cyber conflict escalation and de-escalation as a basis for limited deterrence strategies, and
the integration of soft power approaches into cyber defense. We aim to produce a field of international
cyber relations that includes research methodologies, demonstrated analytical tools and trained
personnel who can formulate and implement effective policies for cyber defense and management of
cyberspace.
Cyber defense is already a top national security priority and the most critical and extensive technical
problem facing the US military, intelligence services, critical civilian sectors and even the general
population. During the next decade while technical solutions are developed, partial measures must be
deployed to slow exponential rises in cyber crime, to suppress nascent cyber terrorism, to reverse
trends in industrial espionage, and to mitigate cyber threats to the military, intelligence services and
critical infrastructures. These measures will likely include technical patches, strategic policies and
communications, international agreements, and new laws. In this context, our research methods and
results, disseminated through students, publications, workshops, briefings and mid-career refreshers
that help national defense and other officials:
• Understand cyberspace as an environment and means for international conflict and cooperation;
• Understand transformations in international orders as consequent contexts for cyber defense
and security;
• Identify emergent cyber threats and opportunities for effective responses;
• Anticipate limits, gaps and unintended consequences in policies;
and provide to them:
• Frameworks for rigorous risk and impact analyses of cyber defense policies and initiatives.
• Conceptual tools to study and enable cooperation in a potentially adversarial strategic
interaction;
• Theories and decision frameworks to grasp the technical, political and strategic dimensions of
cyberspace and to evaluate proposed strategies and agreements.
BAA Number: W911NF-08-R-0007
Topic Number: 5
Topic Title: New Approaches to Understanding Dimensions of National Security, Conflict and
Cooperation
ECIR - Explorations in Cyber International Relations
Nazli Choucri (PI), David D. Clark, Roger Hurwitz, Stuart Madnick,
John C. Mallery, Silvio Micali, Patrick H. Winston
Massachusetts Institute of Technology!
Ashton Carter, Jack Goldsmith, Joseph S. Nye, Jr., Eric Rosenbach
Harvard University
September 28, 2008
Principal Investigator:
Professor Nazli Choucri
Department of Political Science, E53-470!
Massachusetts Institute of Technology!
77 Massachusetts Avenue!
Cambridge, MA 02139-4307
Email: [email protected]
Phone: 617-253-6198!
FAX: 617-258-6164
Other universities involved in the MRI team: Harvard University
Performing Organization:
Massachusetts Institute of Technology
CAGE Number: 80230
DUNS Number: 00-142-5594
Contracting Point of Contact:
William Barrett, Assistant Director
Office of Sponsored Programs
Massachusetts Institute of Technology
77 Massachusetts Avenue
Cambridge, MA 02139-4307
Email: [email protected]
Phone: 617-253-0460
FAX: 617-253-4734
2
Table
of
Contents
1
Project Description .....................................................................................................5
1.1
International Relations Theory & Cyberspace (Task A) - Choucri, Hurwitz, Mallery, Nye .............. 5
1.2
Case Studies and Area Studies (Task B) - Carter, Hurwitz, Nye .................................................... 7
1.2.1
Estonia ..................................................................................................................................... 7
1.2.2
Other Cases ............................................................................................................................. 8
1.3
Cyber Threat Analysis (Task C) - Clark, Mallery, Rosenbach ......................................................... 8
1.3.1
Threat Actors............................................................................................................................ 8
1.3.2
Cyber Targets .......................................................................................................................... 8
1.3.3
Technical Bases for Vulnerabilities .......................................................................................... 8
1.4
Data Development (Task D) - Choucri, Hurwitz, Madnick, Mallery, Winston ................................. 9
1.4.1
Data Ontology, Requirements and Limitations ........................................................................ 9
1.4.2
Data Theories ......................................................................................................................... 11
1.4.3
Data Collection and Integration ............................................................................................. 12
1.4.4
Data Analysis & Interpretation................................................................................................ 12
1.5
Methods........................................................................................................................................ 12
1.5.1
Game Theory and Dynamic Simulations (Task E) .................................................................. 12
1.5.2
Resilient Incentives as a Secure Mechanism Alternative to Deterrence - Micali ................... 13
1.5.3
Game Theoretic Modeling And Interdependent Risk Analysis - Ortiz ................................... 14
1.5.4
Simulations and System Dynamics Modeling – D. Goldsmith............................................... 15
1.6
Institutional Constraints on Strategic Cyber Defense (Task F) ..................................................... 16
1.6.1
International Law on Cyber Defense - J. Goldsmith .............................................................. 16
1.6.2
Global Internet Governance - Clark ....................................................................................... 17
1.7
International Strategies for Cyber Threat Mitigation (Task G) Choucri, full team ......................... 18
1.8
Policy Analysis And Recommendations (Task H) – Carter, Choucri, Nye, Rosenbach ................ 19
1.8.1
The Role of Soft Power in Cyber Defense (Nye) .................................................................... 19
1.8.2
The Objects of Policy ............................................................................................................. 20
1.9
Innovation, Industrial Organization & Sector Strategies (Task I) – Madnick, Mallery ................... 22
1.10
Related Research ....................................................................................................................... 22
1.11
Expected Results........................................................................................................................ 22
1.12
Relevance to Defense Missions and Requirements ................................................................... 23
1.13
Potential Implications For National Defense............................................................................... 23
1.14
Education and Training............................................................................................................... 23
1.15
Project Schedule, Milestones, and Deliverables ........................................................................ 24
1.16
Assertion of Data Rights ............................................................................................................. 25
1.17
Management Approach .............................................................................................................. 25
2
Facilities and Other Resources.................................................................................28
3
Equipment.................................................................................................................30
4
References................................................................................................................31
5
Curriculum Vitae .......................................................................................................35
5.1
Ashton B. Carter ........................................................................................................................... 35
5.2
Nazli Choucri (Principal Investigator) ............................................................................................ 37
5.3
David D. Clark............................................................................................................................... 40
5.4
Jack Goldsmith............................................................................................................................. 43
5.5
Roger Hurwitz ............................................................................................................................... 44
5.6
Stuart Elliot Madnick..................................................................................................................... 46
5.7
John C. Mallery............................................................................................................................. 49
5.8
Silvio Micali ................................................................................................................................... 50
5.9
Joseph S. Nye, Jr. ........................................................................................................................ 53
3
5.10
Luis E. Ortiz ................................................................................................................................ 55
5.11
Eric Rosenbach .......................................................................................................................... 57
5.12
Patrick H. Winston ...................................................................................................................... 58
4
1
Project Description
We shall develop a policy-relevant research program that investigates the near- and long-term threats
and opportunities in cyberspace for national security, welfare and influence. We understand cyberspace
as the ever-growing pervasive, international, digital networks that:
• Enable new strategic interactions among nation states and other actors that can affect national
security and well-being;
• Stimulate competition and collaboration among the actors concerning Internet management and
control;
• Transform social, economic, political, scientific and cultural activities in ways that change the
strategic capabilities of the actors;
• Call for innovative modes of management and offer varying potentials for “governance.”
In support of cyber strategy, this multidisciplinary project will create new theoretical frameworks and
develop tools to identify, measure, interpret, analyze and evaluate challenges and responses in
international cyber relations. Our research plan integrates social sciences, legal studies, computer
science and policy analysis. The research team will bring together personnel and institutional resources
from MIT and Harvard. Our research program aims to produce a technically-informed and practicallygrounded field of international cyber relations that includes research methodologies, demonstrations of
analytical tools and trained personnel who can formulate, evaluate and implement effective policies for
cyber defense and management of cyberspace.
This proposal incorporates some innovative steps to reach this goal. It will:
• Extend current descriptions and theories of international relations to include cyberspace as an
opportunity for the exercise of power by states and a source of vulnerability for them;
• Develop case studies that illustrate (a) ways nation states use cyberspace and (b) types of
problems cyber policies must address;
• Specify taxonomies for cyber threats, their technical bases, and target vulnerabilities and link
them these values of categories to specific state and non-state actors;
• Interface international relations theories to these taxonomies in the context of cyberspace
evolution;
• Develop theories that specify data collection requirements for theory testing and policymaking
regarding cyberspace;
• Analyze broad strategic approaches to cyber defense and their limitations;
• Model the problems and possible solutions for multilateral (and bilateral) approaches to
collective cyber security and cyber defense;
• Identify legal and institutional conditions and constraints for cyber security and Internet
governance;
• Analyze cyber policy objects and develop frameworks for policy choices and assessment of
impact on relations among state and non-state actors.
1.1 International Relations Theory & Cyberspace (Task A) - Choucri, Hurwitz, Mallery, Nye
Pervasive Vulnerability: Ubiquitous networking and computing have become indispensable for
communication, coordination and control in the modern world, but they introduce numerous
vulnerabilities at all levels of analysis – from the individual to the national levels and even the
international and global. Given widespread availability of tools to disrupt networks and to access linked
computers surreptitiously, people, organizations and states that rely on networked computing face grave
threats to their security and prosperity the full nature of which remains ambiguous at best. In the United
States, the current administration and the major presidential candidates have proposals to enhance
cyber defense. They view the threats mostly in terms of Information Warfare (IW) targeting military
resources (C4ISR) and critical civilian infrastructures, e.g., power grids, financial flows, Computer
Network Attack (CNA) Information Exploitation (IE), industrial espionage, Information Operations (IO)
against civilians, cyber crime and cyber terrorism. They also acknowledge that no quick technological
fixes are guaranteed. So, in the near- and medium-term future, partial technological measures must be
combined with deterrence and international cooperation to address these very serious threats.
Salience of Broader Context: These and other cyber threats arise in a wider international context
characterized by shifts in the distribution of economic and technological power, by cyber-enabled
5
transformations in production, distribution, knowledge building, knowledge networking, social interaction
and political participation, and, finally, the emergence of Internet governance as a contentious issue
among nation states and other international actors. These global features will lead to emergent
challenges that will inevitably call for evolving efficacy of response strategies. Consequently, cyber
defense is best supported by a broad research program, specifically one that formulates and evaluates
policy in the context of wider long-term trends. This program needs to integrate methods and theories
drawn from social sciences, international studies, policy and risk analysis, communication studies,
economics, computer science and law. The program must also be empirically grounded. It will collect
and analyze data bearing on the characteristics, rate, extent and potential losses of cyber attacks, the
impact of incremental technological solutions, the mechanisms and effectiveness of international
cooperation and deterrence, the impacts of cyber penetration on state power and content control at
national and international levels.
Cyberspace and State Power: The Internet and globe spanning intranets both enable and challenge
the nation’s security, economy and authority. They enable military and national security organizations to
manage complex operations, exchange information, monitor communications, integrate sensor data and
guide remote robots, but at the price of increased vulnerability to penetration of their own embedded
applications, networks and supply chains. Networking critical infrastructures for power, communication
and finance has created greater risks of disruption. As they become global with electronically mediated
distributed operations, corporations may also lose control of their intellectual property, technological
advantages, and internal hierarchical control. Undoubtedly the Internet is a vital vehicle for American
soft power, but it may also erode the government’s control over the images, discourse and language to
which its citizens attend and amplifies citizens’ political demands. Furthermore, it may erode nations’
command of their loyalties, identities and aspirations, by exposing them to competing, foreign influences
and including them in international conversations about global challenges. Under these conditions a
government cannot assume unquestioned public support for security policies or military actions.
Therefore, the research program will generate scenarios for the long-term economic, social and cultural
impact of the Internet.
International Relations Theories: These challenges to state power arising in cyberspace also suggest a
need to move beyond traditional state centric theories of international relations toward theories that
accommodate the consequences of the digital revolution, including new dimensions of power,
transnational social networking, global industrial organization and an international digital divide with
accompanying asymmetries in reliance on cyber infrastructures. On that view, four current theories of
international relations are useful for relating the uses of cyberspace to major changes in global systems:
• Lateral Pressure Theory (Choucri & North, 1975) points to increased contention among state
actors for economic resources and external influence as a consequence of their growth in
population and technological capabilities;
• Soft Power (Nye 2004, 2007a, 2007b, 2007c) notes that a state can project its cultural prestige
and values to attract other states and people to support its interests;
• Dialectics Of World Order (Alker & Biersteker, 1984) observes that the economic rise of China
and India are moving the international order toward multi-polarity, while the spread of
transnational cultures, the global diffusion of skills and capabilities and the emergence of
transnational virtual organizations suggest a decline in a nation state’s power to mobilize and
control activities of its citizens, much less other states.
• Global System for Strategic Decisions (GSSD) (Choucri, 2001; Wickboldt & Choucri, 2006;
Choucri, et al., 2007) offers an ontology of actions, problems and solution strategies, pertaining
to factors threatening system stability and to mechanisms reinforcing security and sustainability.
It thus provides the framework and rule-structure for addressing and integrating cyber-based
attributes and events into our understandings of ‘real’ strategic contexts.
These four theoretical perspectives are empirically grounded in data and responsive to changing
realities. Events and actions in cyberspace have distinct properties. Data on events in cyberspace,
discussed below, can test hypotheses based on these theories. Lateral Pressure Theory, for example,
suggests that states might turn to cyber space instead of the physical world to increase their resources
and influence, even to the point of cyber attacks on other states. Soft Power and Lateral Pressure
Theory together suggest that governance of the Internet and practices like filtering its flows will become
6
increasingly contentious issues, with rising states like China challenging US approaches. Theories
positing declines in state power would predict (a) an increasing percent of cyber attacks that could not
be attributed to state sponsorship and (b) the increasing, sometimes clandestine, use of the Internet to
create transnational consciousness, based on particularistic identities or beliefs. The possibility of
aligning data about uses and abuses of cyberspace with IR theories highlights the significance of the
data themselves and supports extrapolations of the trends.
1.2
Case Studies and Area Studies (Task B) - Carter, Hurwitz, Nye
We shall develop internally consistent and externally comparable case studies in order to illustrate
different cyber postures of actors, and the ways in which state and non-state actors may challenge one
another or respond to opportunities and threats in cyberspace. We shall also use the case studies to
highlight problems for effective cyberspace policymaking and possible for ways of overcoming them.
The following vignette on the denial of service attacks in Estonia, 2007, gives a sense of this task.
1.2.1 Estonia
The concern for cyber defense was greatly stimulated by, among other things, a set of recent cyber
events. A salient example is the distributed denial of service (DDOS) and web-site defacement attacks
on Estonia during Spring 2007. These attacks lasted several weeks and gravely disrupted activities of
the country’s government, media and financial system. The attacks occurred during a dispute between
the Estonian and Russian governments over Estonia’s relocation of a memorial to World War II Russian
soldiers. Estonian officials charged the Russian government with having organized the attacks, but
acknowledged a lack of conclusive evidence. Russian officials denied the charges and European
experts, who investigated the attacks, were unable to confirm involvement by the Russian government.
Many observers, however, believe the attacks were perpetrated by either Russian nationalists or a cyber
crime organization and coordinated by the Russian military or security service (FSB). As a consequence
of these attacks, the attention they drew and the experience gained by Estonians, NATO has established
a center of excellence for cyber security in Estonia.
A closer view of these events reveals some of the complex conditions in cyber international relations
that effective cyber defense policies will need to address. First, cyber attacks are becoming standard
features of rhetorically heated or armed conflicts between technologically advanced states or groups, as
evidenced, in addition to the Estonian case, Palestinian and Israeli attacks at the beginning of the
Second Intifada (2001-2002) and the Russian attacks on Georgian sites during the recent conflict over
South Ossetia. Second, cyber attacks might be highly asymmetrical with respect to attacker and target,
such that even limited capabilities and effort can wreak considerable havoc. Estonia was particularly
devastated by the attacks, because its institutions had become highly net-centric. It was arguably the
most wired country in Europe, in result of its government having promoted Internet and new media
penetration to enhance its population’s technical skills and build their position in the new global
economy (as Lateral Pressure Theory might have predicted). Third, the difficulties of timely attribution of
cyber attacks, as noted in the Estonian case, limit the credibility of deterrence strategies in cyberspace.
Can an announced policy of graduated retaliation be sufficiently credible to deter another state’s attack,
absent a demonstrated means for quick and sure attribution of the attack? If the attacks are attributed to
private citizens, is it credible or legal to hold their government responsible for their behavior and target
them for retaliation? Fourth, there may be little legal recourse for victims of cyber attack under current
conventions and treaties. Estonian officials formally requested Russian assistance in investigating
several suspected attackers who were under Russian jurisdiction, but the Russian government declined
to help. Against the Estonian interpretation, Russia claimed that the requested procedures were not
covered by the Mutual Legal Assistance Treaty between the states. Fifth, even friends and allies might
be reluctant to share information about cyber offensive and defensive capabilities. Apparently, Italy,
Spain and some other NATO countries with limited cyber strategy or cyber warfare capabilities have
joined the work at the Center of Excellence in Estonia, while the US and the UK, which have greater
capabilities, have not. Governments have been generally reluctant to disclose their capabilities to attack
or to detect attack. According to observers who believe the Russian military organized the attacks in
Estonia and Georgia, attacks were kept at a low technological level to avoid disclosing the full extent of
Russian cyber capabilities.
7
1.2.2 Other Cases
Other candidates for case studies include China’s policy of Internet filtering and doctrine of information
security and Islamic militants use of the Internet for public relations, fund raising and recruitment. Like
the Estonian case, we believe each study will reveal its own, perhaps unique, set of conditions with
which efforts to secure cyberspace must deal. We shall also develop broad overviews of how different
areas, regions and cultures of the world respond to the threats and opportunities in cyberspace.
1.3
Cyber Threat Analysis (Task C) - Clark, Mallery, Rosenbach
We shall track and analyze the evolving cyber threat landscape, including actors, capabilities,
vulnerabilities and the corresponding technical requirements for cyber attack and defense.
1.3.1 Threat Actors
Our initial taxonomy of bad actors will link them to targets according to their intent and capabilities.
• Military Organizations: Information Warfare (IW), or attacks on an opponent’s ability to process
information, and Information Operations (IO), or attacks on an opponent’s ability to think clearly, can
be expected from peer opponents in any major armed conflict.
• Intelligence Services: Intelligence agencies employ full-spectrum methods, including cyber
espionage and sabotage (Gosler, 2005). Known practitioners include China, Russia and the US.
• Cyber Criminals: The scale of criminal activities with a cyber component, such as identity theft and
email-initiated scams, is hard to estimate. Some estimates put direct and indirect costs art over
$100 billion per year, with growth between 35% and 100% per year. Cyber crime’s impact on
national security requires understanding the consequences and costs of different activities and the
organizations responsible for them.
• Political Activists: Political groups have employed cyber operations to distress their opponents.
These events include exchanges of cyber attacks between Israelis and Palestinians, and attacks on
former Soviet republic website presumably by Russian nationalists or “patriots.”
• Terrorists: Terrorists have yet to emerge as a critical cyber threat at the information warfare or cyber
espionage level, but they have used the Internet for recruitment, propaganda and fundraising.
• Script Kiddies: Random 15-year olds, who have downloaded cyber attack tools readily available on
the Internet, can cause considerable damage to isolated computer systems. Fortunately, most are
unlikely to sustain a long-term focus on their objectives.
1.3.2 Cyber Targets
Although there is concern about cyber attacks across a full range of sectors, major targets include:
• Military and Intelligence Systems: Doctrines of Net-centric warfare – linking military networks
together to create massive informational support for command decisions – can also increase
vulnerability of the decision cycle to denial of service attacks and data corruption. Because military
infrastructure is not cleanly separated from civilian infrastructure, an adversary may attack civilian
cyber targets to achieve a desired degradation of military systems.
• Critical Civilian Infrastructures: Power grids, major telecommunication systems and financials
systems can reportedly be taken down and kept off line by expert hackers for extended periods.
• Intellectual Property: US companies are ill equipped to prevent large-scale industrial espionage by
nation states that are intent on rapid technological development and enjoy full spectrum capabilities.
• Institutions and Individuals: With the emergence of professional Internet crime, individuals and
institutions have become increasingly vulnerable, due to higher criminal motivation, expanding
infrastructure for cyber crime, and skill sets approaching the level of state actors. Some international
cyber criminals do not fear prosecution, having reached an understanding with their local sheriffs.
1.3.3 Technical Bases for Vulnerabilities
Network: One class of network attack uses the Internet as a vehicle for attacks on hosts or services. The
other, less likely, class of attack targets the network infrastructure itself to deny overall service, may
occur when a state actor tries to degrade another country’s infrastructure as part of a larger campaign.
The main network level attacks are denial of service and man-in-the-middle attacks. Distributed denial of
service (DDOS) attacks flood a victim host or site with so much traffic that the site becomes inoperative.
But, they may attack network packet routers or host routing tables --the instructions for network paths
from one host to another -- to achieve the similar results. Man-in-the-middle attacks insert a malicious
host between a user and the end point host. These attacks can be executed by corrupting the domain
8
name system (DNS), which maps host names to IP addresses. Or an attack can advertise malicious
routes to a destination host via the Border Gateway Protocol (BGP) in order to intercept incoming
network traffic, such as voice-over-IP (VOIP) telephone calls.
Host: Experts estimate that over 80% of the vulnerability rests with the host computers and that less
than 20% is in the network. Within the host, 80% of the attack vectors leverage buffer overflow errors to
gain command of the operating system. The main objective is to subvert the operating system in order
to by-pass its security mechanisms and take full command of the victim’s computer.
Today, cyber criminals and intelligence services are cracking vast numbers of personal computers
(mostly those running Windows) and ganging them together into “Botnets,” that, according to crude
estimates, can range in size 1 and 50 million zombie computers. In a series of moves and counter
moves, botnets are becoming increasingly sophisticated, using peer-to-peer architectures and
encrypted command and control. The malefactors not only exploit these subverted computers for their
own purposes but also rent out botnet time. Botnets have been used in large-scale denial of service
attacks like Estonia in 2007, in emailing spam and malware, and in other criminal activities. Today, there
are even lively international black markets in malware, spy-ware, attack-ware and hijacked platforms.
Computer viruses are usually designed to propagate attack malware to breach host operating systems
before installing root kits. The viruses now have mutating footprints that render anti-virus techniques
ineffective. Web sites are now cracked for the purpose of distributing malware to their viewers, to the
extent that Google recently reported that 5% of 66 million Web sites examined were serving malware.
Weak Architectures: Even though today’s commercial (COTS) systems offer numerous entry points for
attackers, hardening our computers and networks by removing the major attack vectors will only
displace the threat to other less convenient or more expensive lines of attack. A huge problem with
current security architectures is that the overall system is only as strong as the weakest link in the trust
chain, and the attacker has the advantage of choosing the most inopportune time and weakest point to
strike. Future architectures will need to emphasize resilient security mechanisms based on redundant
and crosschecking approaches throughout the architecture from silicon to application and throughout
the life cycles from the design and development to deployment and operation. In the meantime, we will
develop an index to track trends by type and quantity of reported attacks and reflect impacts of
incremental security improvements.
1.4
Data Development (Task D) - Choucri, Hurwitz, Madnick, Mallery, Winston
Although the objective of our data theory research is to better understand cyber conflict and
cooperation, including its systemic impact, work in this area also significantly contributes to the
development of warnings and indications systems for cyber defense. We shall define types of attack,
exploitation and other aggressive behaviors in cyberspace that target the United States and its allies. We
will collect data on their incidence, analyze the trends and use the results to test relevant hypotheses
drawn from theories of international relations, including: Lateral Pressure Theory, Soft Power, Dialectics
of World Order and Global System for Strategies for Strategic Decisions (GSSD).
Note, however, perspectives on cyber defense vary across actors and domains. China’s leadership,
for example, considers state control of content part of its cyber security, whereas Western states are
more concerned with violation of digital rights. Potentials for cooperative actions to secure cyberspace
may therefore depend on the extent of shared norms and convergence on what should be protected.
Our research to address value questions will use secondary analysis on value surveys, content analysis
of discussions about information security, agent based models, as applied to the diffusion of ideas
(Hurwitz), and artificial intelligence models of belief systems and collective intelligence (Winston).
1.4.1 Data Ontology, Requirements and Limitations
Two broad classes of data are required for the study of international cyber relations. Foreground data
refers to explicitly cyber attributes, actions and processes, while background data refers to the noncyber characteristics of the international system, nations, actors and the social economic processes.
Within foreground cyber data, we distinguish the following categories:
• State-centric Data focus on transnational cyber conflict and cooperation among nation states.
It includes cyber defense as well as alliance or collective defense activities. Naturally, cyber
defense capabilities and vulnerabilities of actors are important actor attributes. More general
contextual data characterizes actors physically and ideationally as well as cyber related aspects
of national social, economic and political processes.
9
Critical Infrastructure Centric Data focus on cyber-mediated attacks, their impact and risks to
synergistic physical and economics systems.
• Cyber Crime Data characterizes criminal activities using cyber means, including black markets
for cyber crime, financial losses and impact, policing activities, and conviction rates.
• Cyber Activism refers to political activism broadly and terrorism-related cyber activities
spanning attacks, psychometrics of recruitment techniques and coordination and logistics.
• Cyber Scatter is registrations of anomalous behavior, which cannot be unambiguously tied to
specific actors, but may signal emerging disruptions or responses.
• Communications Patterns constitute the terrain of cyber interactions and include physical
connectivity, the IT supply chain, economic activity, e-commerce, social networks, and diffusion
of norms and culture.
We distinguish actor attributes from cyber incidents, where some noteworthy occurrence takes place.
On the offense side, cyber incidents range from port scanning to DDOS attacks and computer
penetrations to insider attacks or life cycle attacks. On the defense side, they would include detection,
remediation, recovery and reconstitution. Cyber incidents involve a precursor or material change, to
cyber systems that effect their security, integrity or availability and may affect functioning of social,
economic or military systems to which they are linked.
When cyber incidents can be attributed to an actor and the target is known, they become cyber
events. Cyber events capture who is doing what to whom, when, where and why. Data theories describe
categories of theoretically interesting cyber events and their range of values or qualia. Further, data
theories must anticipate the class and range of analytical modeling in order to capture information in
commensurate data formats. The range and richness of data collected make possible and contain the
potential range of results.
By segmenting the data collection into the following levels, it becomes possible to separate highly
technical cyber forensics from theory-based data requirements and provide a composable framework.
• Cyber Incidents: Detect incidents and populate incident records from log files and security
administrators automatically as feasible or via human reports.
• Cyber Events: Identify theory-relevant incidents and attribute them to an actor (or an
anonymous actor) directly or via signature-based methods. Again, these levels may be captured
by humans at first and later with increasing automation.
• Cyber Interactions: These are patterns or grammars of cyber events among international
actors. These patterns will include sequences of escalation and de-escalation as well as the
widening and narrowing of the scope of activity. Macro patterns of interactions may indicate
systemic cyber threats.
For cyber crime, data theories are somewhat different. The objectives are to measure:
• Criminal Activity: Estimates of the volume and breadth of cyber crime is important for
identifying trends as well as determining success of efforts to contain and reduce cyber crime.
Most of this data will be cyber incidents because perpetrators are often unknown even if victims
are identified. In some cases, criminal enterprises may be identified before or after the fact.
• Black Markets: Estimates of volume and quality of stolen data, tools and expertise traded by
criminals are an important predictor of the level and sophistication of cyber crime. Data on illegal
payment schemes can be particularly useful.
• Justice System and Law Enforcement: Rates at which cyber crime is detected, criminals
apprehended, and legal prosecutions pursued indicates the level and range of official response
to cyber crime as well as the effectiveness of law enforcement and policy measures.
Differentiating data on cyber crime is important from a state-centric view of IW, CNA and IE because
precursors and scatter from battlefield preparations may be registered as criminal activity before being
recognized as more serious threats. They are also important due to the economic costs of cyber crime.
Creating reliable datasets to characterize cyber phenomena is very challenging due to these problems:
• Covert Actions
o Adversarial cyber activities are often covert and undetected;
o When detected, victims are often unwilling to acknowledge covert activities;
o Refraining from certain conflictual activities and incomplete cooperation are negative
actions, which are indistinguishable from inaction;
•
10
Attribution
o Attribution of authorship is difficult, ambiguous, or impossible;
o Forensic analysis of attacks is time consuming and costly;
• Detection
o Operating system attacks (80%) may not leave a clear footprint like DDOS attacks.
• Obfuscation
o Volume of attack precursors is vast (e.g., spam, phishing, port scanning);
o Volume of system penetrations is large and growing rapidly.
• Ambiguity
o Attributes of the phenomenon itself may be unclear, ill-defined or emergent;
o Classification may not be possible without disambiguation based on correlated data.
Nevertheless, data collection is crucial for understanding and tracking cyber conflict and cooperation
and correlating it with other dimensions of international interaction. Over time, one can expect technical
systems to evolve towards higher assurance architectures, which are engineered to facilitate detection
of cyber incidents.
1.4.2 Data Theories
Before data can be collected, we need a data theory of categories that describes the form and
procedure for capturing data. The selection of data is motivated by the theoretical framework within
which specific analytical tools are used to learn new hypotheses and test them empirically. We intend to
integrate our proposed approaches (presented below) with existing conventions of data gathering,
development, reconciliation and analysis of data in international relations. This means that we must also
develop data theories customized to cyber ‘realities’ and cyber features.
Accordingly, we will develop codebooks for datasets that characterize countries and other relevant
entities according to the degree to which they depend on cyber systems for social, economic, and
military position. This information correlates with their vulnerability to cyber attacks as well as their ability
to project hard or soft power in cyberspace. We will develop codebooks for datasets that characterize
the general interactions of countries in cyber space, including cross boarder dimensions of social,
cultural, economic, political interactions, and codebooks for capturing the specific economic processes
that are linked by value chains in cyber space.
A fundamental challenge and an expected result of this project is integration and reconciliation of
‘real’ and cyber data about international relations. For example, we want to answer questions like where
on a hostility to friendship scale should we put a wide-spread denial of service attack by one country on
another, like the Estonian case. On the view of international law, this is unlikely to rise to the level of an
armed attack, but seems more hostile than a nasty rhetorical attack or economic sanctions. By
convincing answers to such questions, we will be able to extend with cyber events the traditional events
data sets (Merritt, et al., 1993; Schrodt, 1994, 2006) and enable analyses of how cyber actions relate to
international conflict and cooperation. In the years since the beginning of events data collection in the
1960s, the data code books and their categories have come to characterize disputes and quarrels
among states and non-state actors. For cyber actions, we will develop corresponding, compatible
categories of cyber conflict and cooperation actions and on their basis models of escalation and deescalation. Our data formats will include conventional feature vectors as well as phased-structured data
(Farris, Alker, Carley & Sherman, 1980; Sherman, 1987a, 1987b, 1988; Davies & McDaniel, 1993) suitable
for use in predicting escalation or de-escalation of hostilities (Mallery & Sherman, 1993a, 1993b).
We will also design strategies for harvesting data from structured and semi-structured sources,
including narrative text, e.g., news reports, blogs. These sources often usefully describe cases of cyber
conflict and cooperation, including the antecedents that led to various actions by participants. They may
also describe consequences of cyber events, for which data is needed if we want to make grounded
hypotheses about the impacts of cyber incidents on a system, by using precedent reasoning (Winston,
Alker) or another methodology suitable for a small sample size. Finally, our computer representations of
the sources as texts, i.e., syntactically and semantically interconnected words, are ideal for data and
knowledge fusion and also lend themselves to hierarchical abstraction. They thus, can support summary
reporting on cyber events with user-driven drill down based on question answering (Mallery, 1994).
•
11
1.4.3 Data Collection and Integration
Initial work in the project will involve identifying and collecting existing data sets relevant to cyber
international relations. The second step will involve proposing data theories. In the third step, the project
will make prioritized recommendations to OSD and other parties on data collection. It will also undertake
its own data collection efforts as academic research with outside collaborators. The project’s primary
data collection efforts will focus on event data, broadly understood as actor-action-target triples,
whether captured as feature vectors or structured graphs. Although the tasks recognizing cyber
incidents in log data and cyber events within cyber incidents will be framed by the program’s research,
these tasks are highly technical or costly and fall beyond our scope.
We will employ approaches to data collection and synthesis:
• Structured Reporting (Base): We will design Web-based interfaces for reporting cyber events
based on data codebooks. When automated systems exist, they will be able to enter data via a
programmatic version of these interfaces. Various data formats will be captured and generated.
• Contextual Data Fusion (Base): Given the importance of context for interpretation of data in
the physical as well as the cyber domains, we will identify existing datasets and integrate them
using interpolation technologies. (Madnick)
• Event Data Extraction (Option 1): We will explore the suitability and reliability of automated
methods for extracting event data from text (Gerner, et al., 1994; Schrodt & Gerner, 1994; Bond,
et al., 1997) for cyber related data.
• Machine Parsable Narratives (Option 1): We will specify rules for machine parsable English for
narrative descriptions of cyber interaction useful for language understanding systems capable of
precedent reasoning. Data will be captured or synthesized from structured sources.
• Content Analysis (Option 2): We will use computer-assisted textual analysis to extract meaning
from formal speeches, structured documents, and narratives about cyber attack and defense.
• Survey Research and Interview Schedules (Option 2): We will design instruments for
gathering semi-structured and open-ended reports on cyber incidents and events from experts.
1.4.4 Data Analysis & Interpretation
We will explore the suitability of these analytical techniques for pattern learning and recognition as well
as early warning and prediction:
• Machine Learning on Event Data (Base): Machine learning techniques, including entropy
based rule learning for non-rectangular data (Unseld & Mallery, 1992; Unseld, 1997) have been
productively applied to international relations data sets (Mallery, 1994). We will select and apply
the most promising algorithms and analytical tools in the area to the cyber conflict and
cooperation data assembled by the project.
• Text Modeling and Precedent Analysis (Option 1): Text modeling using natural language
systems (Alker & Mallery, 1988; Alker, et al., 1991) has been explored as an advanced
methodology for precedent reasoning (Alker, Bennet & Mefford, 1980; Winston 1975, 1980,
1992; Mallery, 1988, 1991; Mallery & Hurwitz, 1987). We will investigate precedent analysis of
text bases in machine parsable text for evaluating cascading effects of cyber disruptions as well
as explore representation and analysis of cyber conflict cases. This work will use CSAIL
research systems, like Winston’s cognitive representations for trajectories in time and space.
• Bayesian Pattern Recognition and Markov Modeling (Option 2): Bayesian pattern recognition
techniques (Alpert, 1975) and Markov modeling (Duncan & Siverson, 1975; Schrodt, 1976, 1998,
2000) have been applied to international event data. We will explore these techniques drawing
on local MIT CSAIL expertise and algorithms for Bayesian inference and Markov modeling.
1.5
Methods
1.5.1 Game Theory and Dynamic Simulations (Task E)
Risk analysis, game theoretic models and dynamic simulations will inform evaluation of policy proposals
and strategies. Beyond assessing how well proposals respond to the current and projected threats, risk
analysis also needs to estimate convincingly costs of future security failures and to identify the impact
on other key cyber issues, e.g., privacy, access, performance. As described below, a principal focus of
our research involves developing models for situations where actors face interdependent risks or need
to reach and abide by agreements against certain behaviors. We will use the results of this research and
12
other game theory models to analyze cyber defense proposals, involving two or more actors, as
problems of collective action, minimum coalitions or mutual deterrence, depending on the issue
involved, and to suggest incentive mechanisms for the desired behaviors.
Arguably, grounding our models in game theory and its assumptions of disinterested utility maximizing
players might be too pessimistic. Studies of “real world” collective actions find that extra rational factors,
such as belief in the “rule of law,” often motivate people to limit utility maximizing behavior, even in the
absence of sanctions. Consequently effective regimes for computer security might depend on the
diffusion and influence of norms for online behavior as well as capabilities for detecting and sanctioning
violations. Game theory may also be too simplifying in modeling players as individuals and economically
rational. In a broad international setting collusion is not easily punished, and irrationality should not be
excluded. Accordingly, we plan to develop game-theoretic mechanisms that are resilient to the presence
of both collusive and irrational players, i.e., Resilient Mechanism Design. Since model adequacy requires
the integration of such potential motivations and mechanisms, we will measure the prevalence and
diffusion of norms, values, laws and memes and their influence over different issues and domains of
cyber security and defense. System dynamics models will help ‘pull key pieces together’ taking into
account feedback, delays, and other inter-temporal processes. Because even powerful norms and/or
credible sanctions do not guarantee compliance with agreements, our modeling efforts will also simulate
different levels of violations and sanctioning to determine thresholds where parties find the costs
intolerable, then change the rules (more deterrence) or withdraw completely (unilateral, autarchic
strategies).
1.5.2 Resilient Incentives as a Secure Mechanism Alternative to Deterrence - Micali
In an international setting, the costs of detecting and punishing violators of agreements can be very high.
We propose to develop alternatives ways to analyze and design international interactions, so as to
lessen these difficulties and offer new and preferable policy recommendations and tools. In essence, we
propose to develop a new approach to Mechanism Design, with fundamental assumptions more aligned
with the needs and demands of strategic interactions in the international arena.
Mechanism Design, a crucial branch of Game Theory (Vickery, 1961; Osburn & Rubenstein, 1997),
enables the achievement of a desired social outcome, relying solely on individual incentives. A game is
designed so players by maximizing their individual utilities produce the socially valued outcome – in
effect, work for the common good. Although mechanism design ultimately is a mathematical concept, it
has influenced practical policies. However, it is traditionally based on two assumptions: (1) each player is
rational and (2) each player acts individually. In international settings it is often more appropriate to
assume players will act irrationally and two or more or them will collude. So even if a mechanism is
perfect from a traditional perspective (i.e., perfect with respect to individual players), it may offer no
guarantees whatsoever against collusive players.
We therefore propose to develop Resilient Mechanism Design (RMD), i.e., conceptual frameworks,
tools and techniques for designing mechanisms that are provably robust against the presence of
irrational or collusive players. The guarantees offered by RMD about their outcomes should continue to
hold even if groups of players secretly coordinate their actions in arbitrary ways, and have their own
internal enforcement methods to guarantee that each colluder stick to its secretly agreed upon action.
Since resilient mechanism design is also a mathematical discipline, we shall need to translate as
translate its abstract principles and techniques into realistic policies. But we shall have the advantage:
that the abstract framework and tools guiding the policies will be much closer to the reality of an
international setting. Thus, rather than having a policy modeled in too simplified a setting fail in practice,
we can be confident that a policy modeled for a very adversarial setting will work in an actual setting.
Collaboration among the team members will greatly help translate these mathematical ideas into
practical policies that take into account the constraints and structure of their application domains.
Incentives, Privacy, And Correctness In Perfect Negotiations: Sometimes parties with distinct
incentives can more easily reach agreement on a common policy when a mediator trusted by all of them
is present. Then each party can describe all its secret information and incentives to the mediator, who
will then correctly finds the agreement that maximizes the common good. Unfortunately, such mediators
are hard to find, even in the domestic, private sector. The possibility of such a mediator in international
negotiations is more remote. Consider, for example, the case of two countries, each of which has the
capability of conducting industrial espionage on some companies of the other. The first country is willing
13
to not spy on a particular subset of companies in the other country, as long as the other country agrees
not to spy on a subset of companies in the first country. To an external observer who knows the
preferences of each, mutually satisfactory agreement can be reached, but what if one or both countries
are reluctant to reveal which sets of companies it considers vital, unless the agreement is indeed
reached. They almost certainly would be reluctant to confide such secret to an external mediator.
We believe there might be a way to resolve such an impasse by building on techniques devised in
cryptography for multiple parties to correctly compute any function of their own secrets by themselves
(i.e., without relying on any external trusted party) and without revealing their secrets more than the final
desired result does. These techniques, however, rely on the honesty of the majority of the participants,
and honesty is probably not a realistic condition when the players are sovereign nations. Instead, we
plan to explore and design negotiation games that enable different players to reach agreement (or realize
that no agreement is reachable), without revealing their negotiating initial position, by relying on
incentives alone rather than honesty. In this case as with the resilient design mechanism, we will need
to ultimately face important questions about idealization, e.g., are the methods too complex to be
carried out by computationally or time bounded players? Does the specific structure of a domain limit
the applicability of the theoretic framework?
Related Work: Secure Mechanism Design and Secure Computation relate to the privacy and
correctness issues involved when players rely on a mediator. It aims at replacing the mediator with an
interaction among the players alone. As such, it bears on the ideal negotiating example, but not on the
design of resilient mechanisms. VCG (Clark, 1971; Groves, 1973) is a traditional mechanism that
achieves efficiency in general auctions. Ausubel and Milgrom (2006) have noted that it is not resilient at
all against collusion. Traditional (non-cooperative) game theory deals with how games will be played by
rational and individual players. The emphasis here is on what happens when we have not only individual
players, but also secretly colluding players that pose as acting independently.
1.5.3 Game Theoretic Modeling And Interdependent Risk Analysis - Ortiz
We will create a toolkit of novel computational game theoretic and economic models, and
correspondingly efficient algorithms, that will allow expert political scientists and policy makers to easily
explore and effectively apply game theoretic approaches to shared risks in cyber defense. The research
builds upon game theoretic models of Interdependent Security (IDS) (Kunreuther & Heal, 2002), which
capture a fundamental aspect of interdependent risks: the cost-effectiveness of an agent's decision to
invest in “security” depends on the decisions of other individuals in the population to which the agent is
exposed. They models project back to the individual level the common perception in cyber defense that
the chain is only as strong as its weakest link. IDS games provide an excellent start in our search to
frame problems about cyber defense using formal and computationally tractable models and solutions.
The close interactions and knowledge exchange expected between expert social scientists, policy
analysts and computer scientists in the project's team will enable creating, extending, adapting and
developing models that are realistic, practical, accurate and applicable.
The research will (1) introduce generalizations of IDS games to explicitly handle "external" agents (e.g.,
terrorists, hackers); (2) develop and explore stochastic versions of such games, which will allow us to
model scenarios where the detailed dynamics of the interactions are essential; (3) incorporate network
structure as a core component of the models; and (4) create novel machine learning techniques to both
infer qualitative network structure and quantify model parameters from behavioral data collected
throughout the project. We will study how local individual decisions affect the overall global security in
cyberspace, and pay particular attention to the role of network structure to characterize the stable
outcomes of the system. We will use the acquired knowledge to design novel algorithms to identify
"minimal coalitions" (Heal & Kunreuther, 2003), whose formation will lead to an overall improvement in
security with minimal external intervention in cyber space and efficient use of resources. (Such coalitions
could be achieved via a combination of incentives, regulations and diplomacy.) The research will make
extensive use of recent technological advances in the emerging area of computational and behavioral
game theory and economics (Nisan, et. al., 2007; Camerer, 2003), artificial intelligence (Russell & Norvig,
2003) and machine learning and the theoretical computer science community to address problems of
cyber defense at the international level. This research takes a different, but complementary approach to
Micali’s RMD altering of the behavior of agents and systems to achieve particular outcomes.
14
The computational models will help frame the articulation of the theoretical foundations, particularly
creating and making available practical models that explicitly incorporate the sources of threats,
compactly represent the complexities of international relations and facilitate explanations and
implications of cyberspace moves by state and non-state actors. The research will benefit from the
program’s area research and case studies that highlight these essential aspects that our models need to
take into account. In return, the models can improve the efficiency with which such cases are studied as
well as their generation of testable hypothesis and empirically based insights. The modeling can also
help guide the design of the data collection process, while the machine learning techniques developed
can help in the analysis of such data. The software tools resulting from the computational models,
algorithms and other technology generated as a by-product of the proposed research will naturally help
the study of threat mitigation and cyber defense as well as policy development and analysis.
Incorporating network structure as a core component of the IDS models continues previous work
(Kearns & Ortiz, 2003), but the general study of the relationship between network structure and behavior
is largely open, and is considered as a promising area of research (Jackson, 2007) with relevance to
network defense. Previous work in computer science has helped characterize the structure and
complexity of computing stable outcomes in terms of structural and statistical properties of the local
interaction game network (Kakade, et al., 2003; Kakade, et al., 2004a; Kakade, et al., 2004b). Other work
in economics has studied the problem of identifying the "key" player in game-theoretic models of a
particular parametric form with application to crime network, and characterize the properties of the such
"key" players based on "network centrality" concepts (Ballester et. al., 2004; Ballester et. al., 2006).
Recent work in theoretical computer science has studied the problem of identifying "influential nodes" in
dynamic models of contagion in networks (Kleinberg, et al., 2007). There has also been some recent
work within the multi-agent system's community to study computational problems in hybrid models
merging cooperative and non-cooperative game theory, including some within the context of cyber
security and defense.
The research is expected to create new knowledge about the properties of IDS games, make them
more widely applicable, and demonstrate their capabilities in the context of cyber defense and
international relations in cyberspace. The results will also generate new insights into the role of network
structure in the characterization and efficient computation of the stable outcomes in graphical (networkbased) games. We will be able to demonstrate the power of game theoretic modeling and computation
in specific policymaking processes and analysis tasks for some problems in cyber defense. We expect
the research to generate sophisticated computational tools that social scientists can use to frame and
thoroughly explore their models and develop testable hypothesis with ease. Using such tools, policy
makers and analysts will be able to perform risk analysis on their proposed policies, and explore and
study the effect of such policies in detail at a large scale. This capability can lead to the development
and implementation of better-informed and theoretically grounded policy decisions.
1.5.4 Simulations and System Dynamics Modeling – D. Goldsmith
We shall explore using the results of the game theory research described above and agent-based
modeling to represent the complexity and dynamics of situations where multiple actors with different
agendas and motives interact. In such situations local, limited interactions among a subset of actors
can affect overall outcomes and system stabilities or catalyze the emergence of new phenomena, e.g.,
coalitions, and these can be captured in the simulations. Simulations can also capture effects of
experience-based, endogenous changes in agents’ motives and values, i.e., learning, and other critical
path dependencies, e.g., reaching a tipping point in the broad acceptance of a standard or agreement.
The models thus can answer how-possible and what-if questions that are vital in evaluating the
prospects and strengths of policies.
We shall employ System Dynamics Modeling (SDM) to tie together actions and outcome in one sector
or module with effects and consequences in another sector or module. (Choucri, et al., 2007) SDM is an
approach for modeling and simulating complex physical and social systems. The core of the modeling
strategy is to represent system structure in terms of stocks, flows, and the causal mechanisms that
govern their rates of change. Feedback loops are the building blocks for articulating the causality
represented in these models. In this domain, the interaction among the various modular sectors (i.e.,
social, economic, political, scientific and cultural) can be used to explain overall system behavior, such
as identifying the sources and recognizing the evolution of cyber threats.
15
The appeal for the analysis of national security challenges associated with cyberspace lies in SDM’s
capacity to link observable patterns of behavior of a system to macro- and micro-level structure and
decision-making processes. In other words, models will be tightly grounded in observations of real world
cyber venues, but also will be associated with multiple theoretical frameworks of actor behavior. This
multi-level modeling approach incorporates complex interactions among different major actors and
entities while capturing non-linear causal relationships. By understanding how non-linear causal
connections among actors create different propensities for risk, we can use the model to explore policy
alternatives and identify high-leverage options to mitigate risk.
1.6
Institutional Constraints on Strategic Cyber Defense (Task F)
Although the game theoretic approaches require real world specifications, there are many open
questions regarding what international laws and Internet rules may limit the options for states in
providing cyber defense. Our team’s research into the problems of governing behavior in cyberspace
and the governance of cyberspace itself will investigate how these problems affect strategies of state
and non-state actors and the overall stability of cyberspace. It will also develop technologically
informed, institutionally realistic agendas, guides and proposals for policy makers and policy analysts.
1.6.1 International Law on Cyber Defense - J. Goldsmith
Designing an effective legal regime for responding to cyber attacks presents enormous challenges.
(Goldsmith & Wu, 2006; Hollis, 2008) These challenges are more urgent and difficult than related ones
presented by threats of nuclear, biological, and chemical weapons, yet the theoretical study of the legal
issues implicated by cyber attack is much less extensive and sophisticated than the theoretical study of
these related threats. (Schmitt, 1999; Barkham, 2001) So our research raises some prominent
challenges and investigates in collaboration with team members how input from social science and
technology can help cyber lawyers and policymakers craft their resolutions.
Self-Defense: On the view of international law, an armed response or even a response in kind to a cyber
attack is problematic. Consequently, the options space for credible deterrence or enforceable multilateral agreements may be limited. Under the UN Charter, a nation can use force against another nation
in self-defense, i.e., if it suffers an armed attack from that nation. The main questions here are whether
any cyber attack rises to the level of an armed attack, if so, on what basis, and whether responsibility for
the cyber attack can be attributed with some assurance to a foreign government. As noted in the
Estonian case, the attacks are the work of private citizens and plausibly deniable by their government.
(Indeed a state’s responsibility for and regulation of its citizens in cyberspace is an issue that cuts across
many fields of cyber law.)
Under the Laws of War, a self-defensive, armed or cyber attack on military targets in the other state is
permitted, providing it does not disproportionately damage civilians or civilian infrastructure. With selfdefensive attacks on computer networks, however, all sorts of unforeseeable and potentially large
consequences may befall civilian populations and infrastructures. For example, a self-defensive cyber
attack on a nation’s military command and control system might inadvertently but significantly affect a
nation’s private communication system or its electrical grid. The intelligence needed to make accurate
collateral damage estimates as required by law will frequently be absent in the short term in a largescale computer attacks for self-defense.
Multi-lateral agreements and International Regimes: Under any negotiated agreement or regime, the
United States would ideally want to maintain maximum flexibility in the offensive use of cyber weapons
while at the same time maintaining maximum capacity to defend its considerable computer resources
(as of course would other technically advanced countries). Coming up with a legal regime that balances
these factors properly requires enormous technical and theoretical expertise across many disciplines
ranging from computer science to international relations theory to game theory and law. Such intellectual
resources are also needed to spark genuine and mutually beneficial international cooperation in cyber
security and defense. Such cooperation is vital for many reasons. For example, an effective response to
a private cyber attack from one nation into another often depends on speedy cooperation between
government officials in both nations. This is very difficult to achieve because real-time cooperation
across borders is always hard, and because nations are wary about the intrusions on sovereignty that
such cooperation often entails. A good example of these difficulties can be found in the Cybercrime
Convention, which establishes minimum standards for what counts as criminal activity related to
computer networks. Less than a third of the nations of the world have signed on to the Cybercrime
16
Convention, and the Convention contains large exceptions to requests for assistance. On the whole the
Convention has not been very successful. And yet the Convention imposes many fewer reciprocal
demands on nations than a successful regime of preventing or minimizing cyber-warfare would require.
Assuming that there are collective action problems to be overcome (an assumption that depends on the
precise issue and the nations involved), overcoming them is very hard.
Domestic Law: Our research will also address the challenges for domestic law and government
operations that cyber defense policies can create. These include the effective lack of Congressional
oversight and timely notification for defensive cyber attacks by the military, the lack of a scheme for
coordinating agencies at officials across the federal government and at the state levels in response to a
cyber attack and the excessive secrecy within the government and between government and private
industry. For example, testimony at a recent Congressional hearing suggested that classification of a
power grid vulnerability hindered electric utilities from taking preventive measures recommended by the
government that had done the classification. Excessive government secrecy is an enormous problem,
and in few areas is the government as secretive as it is in the area of cyber attack and cyber warfare.
Any comprehensive policy on cyber attacks must confront the issue of secrecy both within and without
government. An intriguing research perspective is determining whether some help for this can be found
in cryptographic based procedures that could enable parties to reach working agreements without
revealing their respective secrets.
1.6.2 Global Internet Governance - Clark
The nature of the Internet is shaped both by technical decisions, e.g., the specification of standards,
and by policy decisions concerning key operational issues. These latter decisions are often referred to as
governance issues. In some respects, recent controversies over standards and governance of the
Internet have seen the same devolution of centralized control and expansion of contending international
parties. To the extent then that the US’s role in governing the Internet contributes to its global influence
(soft power), policies that help maintain that role are aspects of cyber defense. Of course there are also
possible operations and standards that could increase the cyber security of the US and other legitimate
Internet users. Policy makers need to know whether and how they work.
Contending bodies: Starting in the mid-1980s, the technical standards that define the Internet have
been set by an essentially self-governing group called the Internet Engineering Task Force (IETF). While
the IETF controls the standards that define the core of the Internet, there are other standards bodies: the
World Wide Web is specified by a consortium (the W3C) hosted at MIT, and many of the technology
standards, like Ethernet and Wi-Fi, are defined by the IEEE. The International Telecommunication Union
(ITU), which operates as an arm of the UN and sets standards for the telephone industry, is attempting
to define a role for itself in the Internet. It has set various standards at the application level, such as for
video coding. Some observers have asserted that today the IETF is dominated by equipment suppliers
and the ITU by traditional telecoms operators. There is a certain amount of “venue shopping” as different
actors vie to put forward their ideas.
Internet governance issues were initially resolved informally by volunteers under the leadership of Jon
Postel, who was seen to act with wisdom and disinterest. The transition to a more formal structure was
disrupted by Postel’s sudden death about 10 years ago. What emerged was the Internet Corporation for
Assigned Names and Numbers (ICANN). ICANN was created by the U.S. Department of Commerce,
which asserted the right to act because of the U.S. history of control over the DNS. The Internet has
grown enormously in the meantime, and ICANN has been predictably criticized as being U.S. centric, as
well as incompetent and power-hungry. In response to general global dissatisfaction with the
governance of the Internet, the UN General Assembly, acting through the ITU, convened the World
Summit on the Information Society (WSIS), which met twice, and involved heads of state and others of
similar stature. This highly political context is not generally viewed as having achieved any substantive
outcomes, but was a platform for many parts of the world to voice their dissatisfaction and present
alternative views of Internet governance. A follow-on activity under the leadership of the U.N. is the
Internet Governance Forum, or IGF, which will meet for the third time late this year. The agenda again
centers on the global nature of the Internet, and the perception that the Internet is still too much a
creature governed by US interests.
Two critical issues of global scope are how Domain Name System (DNS) names are allocated and
how Internet addresses are allocated. A DNS name such as “mcdonalds.com” can only be allocated to
17
one entity, so disputes over ownership of a name have a global component. The disputes over address
allocation center on how many addresses should be allocated to various parts of the world (the U.S. is
relatively rich in IP addresses compared to Asia, for example) and which entities should control those
addresses. In many parts of the world today, addresses are typically given in blocks to Internet Service
Providers, who are often trans-national. One proposal put forward by the ITU under Chinese leadership
was that addresses should be allocated to countries, which would then license them to ISPs within these
countries. This proposal would have given countries more control over the operation of their ISPs, and
made jurisdictional boundaries much easier to define and enforce.
Of course, there are also governance issues at the national level (e.g., spectrum policy for wireless,
and competition policy for residential access) and at the local level (e.g., access to right of way and
zoning for towers.) Certain issues that are traditionally regulated in the telephone system, such as the
rules for interconnection among carriers, remain unregulated in the case of the Internet, but there is
continuing concern that the actions of the private sector, if left entirely to them, will not lead to a network
with the best social outcome. The current US-origin debate over network neutrality and so-called
“network management”, or the rights of the ISP to shape or block certain traffic, will be a growing
concern over the next years.
In parallel with the evolution of formal governance bodies, we see the evolution of the private sector,
with consolidation in the ISP market, transnational mergers in the supplier sector (e.g., the merger of
Lucent with Alcatel) and emerging technology suppliers from other parts of the globe, such as China.
Governance of Information and Content: Above the technology layers of the Internet are at least
three important issues concerning information and content: protection of copyright, right of lawful
intercept (wiretap) and the state or other actors limiting access to certain information by state (and other)
actors. With respect to copyright, the U.S. is again seen as taking a U.S.-centric view, because of the
powerful influence of the U.S. content industries. The issues surrounding wiretap are complex, because
concerns about the need to combat terrorism collide with concerns about the use of such tools, once
embedded in technology, by more authoritarian governments. The desire of some countries to block
access to content they find offensive or inappropriate signals to some the future of the Internet, if it is
engineered to facilitate greater controls in the name of law enforcement.
Over the long run, the intrinsic security of the network can be improved, as well as the ability of the
network to limit the damage done to or by insecure nodes. Techniques include are new techniques to
regionalize the network and providing checks of authentication at trust boundaries, support for highly
diverse architectures that provide high levels of availability despite attacks and failures in the networks,
end to end confirmation of correct connection termination (to prevent so-called phishing and pharming
attacks), and redesign of applications to make it easier to insert suitable application-level checks into
communications. Policy makers will, of course, need to know the extent that these techniques reduce
our national vulnerability.
However, it is unlikely that the new Internet can solve the problem of attribution. Most cyber attacks
are carried out using many intermediate computers on the network, often-innocent nodes that have
themselves been infiltrated. So tracking back to the root of the attack involves unwinding a series of
connections; reliably knowing the identity of the first hop is only a small step. One proposal to identify
the attacker in the case of exfiltration of information is to secretly watermark the information itself. This
would demonstrate the provenance of the information and implicate the actor who gained it
surreptitiously. The implementation of such techniques would require considerable interaction among
the standard setting and governing layers of the Internet, law enforcement agencies, cyber lawyers and
government policy makers. Such rich stew of parties, often with competing interests and incentives, may
produce interesting but indigestible results. The collaboration of our team members, with their varying
expertise, might find practicable ways of assuring good cyber security measures are accepted.
1.7
International Strategies for Cyber Threat Mitigation (Task G) Choucri, full team
If comprehensive technical solutions require decades to develop and deploy and cyber threats continue
their exponential growth, international strategy must reduce cyber insecurity in the medium-term and
provide a sound basis for national security beyond. Of late, analysts have endeavored to fit cyber
defense into the framework of deterrence theories developed for nuclear weapons. Major differences,
however, make this approach ineffective at best and dangerous at worst. Our ability to attribute cyber
attacks is very poor due to the inability in the current network architecture to trace reliably and quickly
18
network packets to originating hosts. Even if the network were fully instrumented, we could not be
certain that the origin host had not been subverted by a 3rd party intending to provoke a conflict among
major powers. Furthermore, to whom can we attribute a sleeper attack long after the Trojan horse was
prepositioned? So, any threat to respond in kind or cross domain to cyber attacks is likely to be ignored
or dismissed as incredible. Threats become incredible when the adversary runs a low probably of
detection. Even if the attacker is detected, policymakers may be reluctant to respond to abstract losses,
in which nobody is killed or injured and no physical damage is inflicted.
Some have suggested that if we “catch” adversaries once in a thousand attacks, we should retaliate a
thousand fold. Such an approach, we believe, would be highly incredible, if announced, and very
destabilizing, if practiced. Like the stated Russian policy of reserving the right to respond to a cyber
attack with nuclear weapons, threats of dramatic escalations also carry low credibility. In this
environment, defense relies on what offense can learn, which may often be incomplete and late.
Nevertheless, we expect to spend considerable research time on developing and evaluating the potential
efficacy of defense strategies based partly on deterrence, practiced in carefully defined situations, such
as forms of graduated retaliation and cross-domain sanctions. Work on shared models of escalatory
cyber actions is also planned because it is crucial for avoiding unintended conflicts. Such models must
distinguish levels of attack and limit “all of nothing” thinking that interprets ostensibly hostile cyber event
as necessarily indicating hostile intent. To reduce risk of misperception, reliable communications lines,
like hot lines, become absolutely essential for the leadership to speak with their counterparts in
extraordinary situations when normal communications may have been disrupted.
A more promising approach is cooperative arrangements with friends and adversaries to work together
countering bad actors or sharing information. With friends, collective defense efforts, like the NATO
cyber defense arrangements, make good sense and help distribute best practices and situational
awareness among allies. With adversaries, cooperative deals can be struck to refrain from dysfunctional
behaviors and to protect important shared values, like trade, non-interference in world economic
functions, and not targeting civilians in cyber campaigns. Major powers will likely agree that
dissemination of national-level cyber capabilities to 3rd parties is potentially destabilizing and not worth
the limited benefits in camouflaging through criminal proxies activities of which they are suspected
anyway. Our research will include tracking the interest in and simulating the effects of such proposals.
In sum, lack of transparency makes deterrence exceedingly difficult to implement, but cooperative
strategies offer the possibility of agreements designed to increase transparency and assure verifiability.
1.8
Policy Analysis And Recommendations (Task H) – Carter, Choucri, Nye, Rosenbach
Integration of theories, methods, and policies: The research program will follow a modular
approach in applying theories and methods to produce domain- and system-level results. Specific
results can serve as inputs for analysis of other domains or evaluation of policies, resulting in the
connection of theories and methods across the issues of cyber security and timely frameworks for risk
analysis and policy evaluations. This strategy of accumulation and integration of theories and methods
follows new developments in Lateral Pressure Theory, which highlight the impact of cyberspace on
technology, economics and culture linking the real world and virtual domains. The approach mirrors the
increasing interdependencies of human activities at the global level and underscores the important of
smart policies and soft power in the conduct of international relations.
1.8.1 The Role of Soft Power in Cyber Defense (Nye)
The information revolution is transforming international relations. Two major power shifts are
occurring: the rise of Asian states, and power diffusion to non-state actors. As noted before, cyber
threats and potential cyber warfare illustrate increased vulnerabilities and loss of control of modern
societies in the face of both these shifts. Governments have mainly been concerned about hackers
attacks on their own bureaucracy’s information technology (IT) infrastructure, but experts point to social
vulnerabilities well beyond government computers, and in the murky world of the internet, attackers are
difficult to identify.
At the same time, the information revolution is increasing the role of soft or attractive power in world
politics. Traditionally, the key to success in world politics was whose army wins. Today it also matters
whose story wins. The ability to generate and propagate an attractive narrative is increasingly important
in world affairs, and the competition involves non-state as well as governmental narratives. American
19
policy makers will need to engage in two quite different conversations to limit damages from cyber
threats, and smart use of soft power will be part of those conversations.
One conversation relates to power transitions among states, with particular emphasis on the rise of
Chinese power. This need not be a zero sum game or even plotted as a mixed motive game. China and
the US can prosper simultaneously, and it is interesting that China’s President Hu Jintao has set a goal
of increasing China’s soft power. While China can use cyber techniques to damage the US, they can
also do so with military means. China can bring us to our knees, but in doing so they would bring
themselves to their ankles. Given the symmetry of the interdependence, it is possible to move beyond
deterrence and engage the Chinese in a dialogue about limits to threats and attacks in the cyber world
as well as in the military and economic worlds.
The second conversation is more difficult. Many non-state actors can threaten and attack, thinking
that we cannot be sure of attribution of the source, and even if we could, lack concrete targets for
retaliation. But many such organizations are concerned about both their survival and their soft power. Al
Qaeda is in the business of winning hearts and minds. By delegitimating their activities, we can strike at
their soft power and hold at risk something they care very much about. As for criminal non-state actors,
by developing interstates norms and treaties that delegitimate their activities and serve as a basis for
cooperation among governments, it is possible to isolate them the way pirates and privateers were a
century and a half ago. Internet access can be defined as a public good like freedom of the seas, and
denial of service attacks can be treated as a form of piracy about which governments are obliged to
cooperate. A first step is to separate governmental from non-state actors and prevent the former from
hiding behind the latter.
There are no simple solutions to cyber security. But cooperation among governments will be
important in a period of power shifts, and governments will need to use the full panoply of hard and soft
power tools at their disposal.
Figure 1 Cyber Policy Space
1.8.2 The Objects of Policy
We can expect numerous conversations with allies and adversaries, because of the number of complex
issues involved in securing and defending cyberspace. The diagram in Figure 1 represents layers and
modules that constitute cyberspace. The supply chain specifies, produces, connects and administers
the components, devices and bit flows through which cyberspace processes are realized.
The cyberspace layers comprise different domains of human and sometime purely machine activity
and their noetic outputs in beliefs, ideas and practices shared by different groups and communities. The
Governance layers are a superstructure of standards and processes that regulate these activities and
which derive their authority from informal consensus (soft power) or more formal agreements and
conventions. All the cells in this space can be sources of vulnerability or threat for the US and, as such,
20
they are all potential objects of cyber defense policies. By policies we mean expressions of how “we”
want things to function and rules on what to do when they do not function those ways. Some of the
cells might not need policies -- “if it isn’t broke, don’t fix it” -- but without a synoptic view of
cyberspace, like the diagram provides, policy makers might be surprised when something is broken in a
cell they had not previously noticed. For example, the possibility that ICs manufactured in China had
Trojans was ignored for some years in the sense of not thought about rather than dismissed. So the first
question a cyber defense policy maker or analyst needs to ask is whether her map covers the territory.
We believe our technologically informed, multidisciplinary approach provides such a map and can
update it in pace with the rapidly changing terrain. The second question is which cells require policy
fixes. Our team can produce guides and tools that help analysts answer that question, given its technical
knowledge resources, and its commitment to data development, threat profiling and risk analysis. The
next question may be whether the approach encoded by the policy proposal is appropriate for the issue.
In this regard our critiques of various strategic approaches, the cases histories, machine learning on the
data and the game theoretic modeling combined with legal analysis provide multifaceted frameworks for
deciding whether a proposed policy can work. Such a framework can be provided through conventional
academic means of training students and publishing books and papers, but also through software tools
we plan to deliver by the program’s fifth year.
Ideally, analysts should also be able to anticipate the effects of proposed policies on activities in
other cells or on the actions of other actors engaged in the cells. Again, we believe that our program
through research in realistic game theoretic and system dynamics modeling, and other methods,
discussed above, can provide guides and tools for addressing that issue. Finally, various parts of the
program’s research, from its development of event data for monitoring and alerting to its investigation of
soft power in cyber defense, can help answers questions about how success of a policy should be
measured and what is the expected time gap between a policy’s adoption and the result it seeks. In
sum, because the landscape of cyberspace and the real world it helps coordinate are complex and in
rapid flux. Policymakers and analysts need better methods for developing and evaluating cyber defense
policies that surpass standard cost-benefit analysis, deterrent logics and regime theories. Our research
program will provide those methods.
Cyberspace Policies and System Stability: Figure 2 locates cyber policies and proposals in a two
dimensional space, whose horizontal axis ranges from competition to cooperation and whose vertical
axis ranges from opaque and extra-legal to transparent and legal. Actors’ policies that support or
tolerate activities in the competitive-opaque (southwest) quadrant, like low level information warfare
(probing for battlefield awareness) and industrial espionage are potential sources of inter state conflict.
Exploitation of the Internet by terrorist and criminal groups are also in this quadrant. Policies in the
cooperative-legal (northeast) quadrant such as participation in the European Union Treaty on Cyber
Crime can help stabilize international relations. On that view, proposals that move actors toward
multilateral responses to cyber threats, in the traditions of arms control or rules of war, are more
conducive to stability than unilateral, covert responses and mutual deterrence. Policy relevant research
will consequently locate proposals within this space, evaluate their risks and benefits and analyze the
tradeoffs across differing conditions, e.g., levels of compliance, and time ranges. We will also consider,
in regard to system stability, semi-overt, competitive policies, like states’ filtering digital content available
to their citizen, and covert, cooperative policies, like alliance members’ sharing information about cyber
attack tools. In the middle of this space are policies that might be reached on the basis of sufficient
individual incentives under a design mechanism or through protocols that do not require parties to
disclose to one another their evaluations of outcomes. The policies of the respective parties are aligned
and non-conflicting, but they are not committed to a common goal. We shall also investigate the impact
of such arrangements on system stability, national security and national influence.
21
Figure 2 Dimensions of Cyber Policy
1.9
Innovation, Industrial Organization & Sector Strategies (Task I) – Madnick, Mallery
Truly effective solutions to cyber insecurity require technical innovation to computer and network
architectures which assure security by design and support high-productivity high-assurance software
development, intelligent configuration management, adaptive reconstitution, and intuitive user interfaces.
Because important elements of the necessary information assurance and computer science are missing,
organizational strategies are needed for rapid research, development and deployment of next generation
high-assurance commodity technologies. These efforts involve formulating strategies for effective basic
research, development and application insertion, university research modernization, expediting
certification and accreditation, and incentivizing industrial uptake. An important research issue involves
policy-trade offs between wide spread adoption of high assurance commodity systems and national
security interests, such as system and technology dissemination and impact on offense.
1.10 Related Research
In the past 15 years there has been spectacular proliferation of doctrine, research and studies, mainly
within military organizations, on information warfare, information operations, information exploitation,
net-centric warfare, their international legal ramifications and cyber security responses to them (NPS,
2008, for a recent bibliography). The same period also witnessed numerous studies and prognostication
on the social, economic, political and cultural impact of the Internet and new media at the domestic and
international level (Choucri, 2000), with (Benkler, 2007) being one of the best recent summaries. This
interest has spawned new courses, centers, e.g., Harvard’s Berkman Center for the Internet and Society,
and new departments at the university level, e.g., MIT’s Comparative Media Studies. Our research
program will benefit from these efforts, but we believe that it will be unique in its focus on international
system stability rather than narrow unilateral gain and its focus on broader cyber defense policies,
including supporting conceptual frameworks, data and methods.
1.11 Expected Results
We expect to produce results and thought leadership in the following areas:
• Effective theoretical understanding of interactions in international relations between the ‘real’
and cyber domains – with all critical implications for national defense.
• Case and area studies on the experiences and perspectives of key countries and transnational
actors.
• Cyber threat analyses to maintain awareness of the cyber terrain and its technical evolution.
22
•
•
•
•
•
•
•
•
•
Collection, fusion and advanced analysis of data sets based on new data theories as well new
analytical techniques, replicable research exemplars, foundations, principles, and metrics.
Robust governance principles for cyberspace, including technical, communications and
content dimensions.
Legal frameworks for regulating international competition and cooperation in cyberspace.
Strategies for cyber defense based on advances in RMD and IDS, among other approaches.
Policy frameworks for cyber defense.
Simulations of policy choices over time.
Education and training at the university level, through Congressional briefings and tutorials and
in mid-career refresher courses.
Publication of research papers and books on international cyber relations.
Workshops on a series of cyber defense topics.
1.12 Relevance to Defense Missions and Requirements
In the context of the Comprehensive National Cybersecurity Initiative (CNCI), this project will contribute
to the cyber defense mission by developing effective and technically grounded policy frameworks and
strategies based on new theoretical understandings, awareness of the cyber terrain, empirical findings,
case studies, advances in game theory and ground breaking legal analyses. Through research on new
data theories and focused analyses informed by international relations and novel algorithms, this project
will contribute to cyber indications and warnings efforts.
1.13 Potential Implications For National Defense
Cyber defense is already a top national security priority and the most critical and extensive technical
problem facing the US military, intelligence services and critical civilian sectors. For at least the next
decade, partial measures must be deployed to slow exponential rises in cyber crime, to suppress
nascent cyber terrorism, to reverse trends in industrial espionage, and to mitigate cyber threats to the
military, intelligence services and critical infrastructures. These measures will likely include technological
fixes, strategic policies and communications, international agreements and new laws. To assist the
development of such measures, the research effort will:
• Understand computing and networking as an environment and vehicle for conflict and
cooperation;
• Understand transformations in international orders as contexts for cyber defense and security;
• Identify emergent cyber threats and opportunities for effective responses;
• Anticipate limits, gaps and unintended consequences in policies;
• Provide frameworks for rigorous risk and impact analyses of cyber defense policies and
initiatives.
• Provide conceptual tools to study and enable cooperation in a potentially adversarial strategic
interaction;
• Provide theories and decision frameworks that enable policymakers to grasp the technical,
political and strategic dimensions of cyberspace and to evaluate proposed strategies and
agreements.
The research program will also include knowledge building in support of policies that encourage
effective R&D for transformational cyber assurance technologies (even when all the science is not
known) and for strategies that speed uptake of such high-assurance technology in the supply chain. If
successful, the Resilient Mechanism Design effort will provide a universal theoretical basis supporting
self-enforcing cooperation and yield effective applications to specific international negotiations and
agreements necessary for mitigation of cyber threats.
1.14 Education and Training
A major objective of the effort is to train a new generation of scholars, analysts and policymakers who
are fluent in cyber defense and international cyber relations.
MIT is updating the undergraduate course on “International Relations for the 21st Century,” which will
incorporate a cyber component. The January MIT independent activities period will be exploited for
outreach to the MIT community with tutorials and short courses. The Kennedy School will develop new
courses to train policy makers in cyber-related fields. It will also incorporate cyber defense into its
ongoing education and training programs for Congress and government officials. The Harvard Law
23
School will add additional focus on cyber defense to its existing educational programs on Internet and
Society. The MIT Sloan School of management will introduce students to cyber security administration.
Research and data sets will be disseminated, as appropriate, over a project Web site.
Micali will develop a new interdisciplinary field in Resilient Mechanism Design (RMS), create a course
to train students in the new field and author papers and other publications. In addition to teaching
tutorials in conference settings and participating workshops, Ortiz will publish research on
Interdependent Security (IDS) in computer science journals as well as broader publications like PNAS
and Science. He will also make software and publications available online. RSM and IDS tutorials and
interactions will bring these techniques to law and policy applications.
Undergraduate students at MIT and Harvard will be included in the project, but funded separately.
Eight full-time graduate students will be supported under the base budget, and if funded, option 1 will
support three more and option 2 two more.
1.15 Project Schedule, Milestones, and Deliverables
Research Milestones
Track
A
B
C
D
Investigators
Choucri,
Hurwitz, Mallery,
Nye
Hurwitz, Nye,
Carter
Clark, Mallery,
Rosenbach
Choucri,
Hurwitz,
Madnick,
Mallery, Winston
E
Micali, Ortiz, D.
Goldsmith
F
Clark, J.
Goldsmith
G
All PIs
H
Carter, Nye,
Rosenbach,
Choucri
I
Madnick, Mallery
2009
2010
2011
2012
Book
Framework
Indexes
Rmd Tools &
Concepts
2013
Book
China,
Russia
Theory For
Assessment
Non-State
Actors
Data
Codebook
Fused
Datasets
Prototype
Indicators
Results From
Analysis,
Indicators
Rmd Proofs
& Examples,
Sdm Demo
Rmd Initial
Applications,
Ids
Publications
Rdm Advanced
Tools, Ids
Simulations &
Hybrid Models
Rdm Extensions
Based On
Feedback, Ids
Applications,
Sdm Policy
Choices
Policy
Briefing
Stability
Analysis
Cooperative
Strategy
Alliance &
Coallitons
Strategy
By Issues
Congressional
Training
Policy
Policy
Policy
Book
Innovation
Policy
Uptake
Analysis
Incentive
Strategy
Cyber
Certification
Dilemma
Identification
Book
Book
The program will have the following research tracks (tasks in the project description). Key investigators
are identified for each track in the proposal above and the tables for deliverables and milestones.
A. Articulation of Theoretical Foundations: Delineate the broad domain of cyber defense with
emphasis on security threats, threat actors, and cyber actions. This will be grounded in
understanding of international system dynamics, including cyber-related transformations in
economic power, political authority, social organization and cultural dominance.
B. Area Research & Case Studies: Guided by theory, regional and case studies will examine key
actors in detail and evaluate potential impacts. Research in this area includes various government
policies on information control, cyber warfare capabilities and options of NATO, Russia, China, US,
and non-state actors and how they respond to and exploit threats and opportunities in cyberspace.
24
Research Deliverables
Track
A
B
C
D
Investigators
Choucri, Hurwitz,
Mallery, Nye
Hurwitz, Nye,
Carter
Clark, Mallery,
Rosenbach
2009
Workshop
Working
Papers
Index &
Assessments
Choucri, Hurwitz,
Madnick, Mallery,
Winston
E
Micali, Ortiz, D
Goldsmith
G
Clark, J.
Goldsmith,
F
All PIs
H
Carter, Nye,
Rosenbach,
Choucri
I
Madnick, Mallery
2010
Working
Papers
Index &
Assessments
RMD
Framework,
SDM Demo
Innovation
Policy
2012
Book
Data Code
Books,
Congressional
Training
2011
Policy
(Briefing)
Strategies
Workshop
Policy
(Briefing,
Tutorials)
Uptake
Analysis
Working
Papers
Index &
Assessments
Fused Data,
Results Based
On Analysis
Indicators,
Workshop
2013
Book
Working
Papers
Index &
Assessments
Working Papers
Index &
Assessments
Results Based
On Analysis,
Indicators
Results Based
On Analysis,
Indicators
IDS Models &
Tools,
RMD
Applications
IDS
Applications
Workshop
RMD
Applications,
IDS
Applications,
SDM Of Policy
Policy, Book
Policy
Policy, Book
Strategies
Strategies
Strategies,
Workshop
Policy
Policy
Book
Incentive
Strategy
C. Cyber Threat Analysis: This research tracks and analyzes evolving cyber threat landscape,
including actors, capabilities and vulnerabilities, as well as corresponding technical requirements for
cyber defense.
D. Data Development & Analysis: Research will develop data theories as well as collection strategies
and techniques. It will identify available data sets and collaborate with government, industry and
academia to enhance those data sets through new theoretical and analytical approaches.
E. Game Theory & Dynamic Simulations: Efforts will focus on Resilient Mechanism Design and
Interdependent Security as well as system dynamics simulations of international system stability.
F. Legal And Policy Approaches To Governance: This effort will propose legal frameworks for
international cooperation and cyber conflict as well as domestic cyber security policy. It will also
suggest policy approaches for Internet governance as well as incentives to encourage
transformation of cyber infrastructures and IT supply chains for greater security and resilience.
G. Strategies for Threat Mitigation and Cyber Defense: This will propose strategies and frameworks
for threat mitigation and cyber defense together with analyses of their strengths and limitations.
H. Policy Development and Analysis: Development of a knowledge base and guide for policy makers
in their developing policies for assuring, regulating, exploiting and governing cyberspace.
I. Industrial Organization, Innovation, and Sector Strategies: As an option, this track will research
the conditions, organizational structures, initiatives and policies needed to produce new
transformational hardware and software necessary for technological solutions to cyber insecurity.
1.16 Assertion of Data Rights
No proprietary claims.
1.17 Management Approach
Nazli Choucri will serve as the PI, with responsibility for coordinating the overall research effort and
maintaining its focus. A program policy committee, consisting of the PI, Nye (Harvard), Clark (CSAIL) will
provide oversight. It will work together with the project manager (Hurwitz) to provide intellectual
integration of the program. The project manager will monitor task execution and manage collaboration
among the investigators. Each participating center will have a point of contact who coordinates local
execution of the project plan with the project manager based on guidance from the steering committee
25
and the PI. They are: Choucri for the Political Science Department; Eric Rosenbach for the Belfer Center
for Science & International Relations of the Harvard Kennedy School of Government; Goldsmith for the
Harvard Law School; Madnick for the Sloan School of Management; and Clark for the Computer Science
and Artificial Intelligence Laboratory. The steering committee will designate the best messengers to
interface with policymakers, government and industry for each case and support them with the
combined intellectual resources of the program.
An advisory committee drawn from industry, academia and government experts on international cyber
relations will help assure the value of the program’s research and the effectiveness of its management.
This committee will meet twice yearly with senior investigators to review progress, assess current efforts
and identify emergent research issues. The steering committee will consider the committee’s advice as
they assess progress, identify emergent issues and align goals for the following six months.
To enhance internal communication and knowledge building, the research team will meet online or
face to face on a weekly basis to discuss issues, problems and solutions across the project and in
particular areas. Team members are also expected to comment regularly on a project blog about their
own and fellow team members’ research. During the academic calendar, the project will conduct
bimonthly seminars, where team members and external speakers will lead discussions on topics in
international cyber relations. These sessions will be open to the wider MIT-Harvard and Boston
communities. Concurrently, we will hold weekly seminars for the research assistants and their direct
supervisors to ensure sustained interaction and cohesion within and across the individual efforts.
Research results will be disseminated through co-branded and co-authored working papers series at
the MIT Center for International Studies (CIS) and the Belfer Center, and by a program web site. Team
members can also present new results at an annual workshop where they and invited participants will
discuss in depth a focal topic in cyber defense. As already noted, team members will integrate program
relevant material into the courses they teach; they will also supervise masters and doctoral students
whose theses fall with the project’s scope. In addition, the team will offer seminar-style training and
information sessions to members of the federal government’s executive and legislative branches.
As new topics arise that require additional research leadership, the PI in conjunction with other co-PIs
will identify faculty or research staff with appropriate expertise within the MIT and Harvard community
who can lead such efforts. Additional staffing will be particularly relevant for the two options, which
pursue new research thrusts.
MIT will administer all project funds and distribute funds to Harvard researchers through a single
subcontract to the Belfer Center and to outside consultants through separate subcontracts. CIS, CSAIL
and the Belfer Center will provide facilities for the seminar series and annual workshop. The Political
Science Dept. and CSAIL will provide office space for MIT team members on an “as needed” basis.
Sub-awards: The project will include people and groups who can make substantial contributions to the
research effort, but will not be directly involved in training students at Harvard and MIT. Luis Ortiz, an
assistant professor at Stony Brook University, has been named a co-investigator in the core proposal to
help develop economically oriented, computational tools for analyzing risk in networks and other
interdependencies. Choucri will coordinate his work with other research and Hurwitz will monitor his
progress. We are considering for Option Layer 1 a group like the United States Cyber Consequence
Unit (USCCU) to fill a consulting role. It is a non-academic 501(c)3 organization that investigates cyber
security breaches on behalf of US government agencies and financial institutions.
Collaborations: We have made contact with a number of outside organizations and we are exploring
areas of possible collaboration. These organizations include:
• Bureau of Intelligence and Research, US Department of State (Threat mitigation, diplomatic
strategy)
• Center for Computational Social Sciences, George Mason University (innovations, analysis)
• MIT Lincoln Laboratory (cyber indication and warnings)
• Sandia National Laboratory (cyber indications and warnings)
• Symantec Inc. (Data theory, data collection and possible student support)
Time Commitments: The PI, co-investigators and key personnel will be involved with the program
through the course of the entire year. Their respective commitments in terms of months and FTE
percents are as follow: Choucri, 3 months, 25%; Ashton Carter, 2 months, 18%; David Clark, 1.2
months, 10%; D. Goldsmith, 3 months, 25%; J. Goldsmith, 1 month, 8%; Hurwitz, 6 months, 50%;
26
Madnick, 1 month, 8%; Mallery, 6 months, 50%; Micali, 2 months, 18%, Nye, 1 month, 8%; Ortiz, 1.5
months, 13%; Rosenbach, 2 months, 25%; Winston, 1 month, 8%.
We believe the research is remarkably qualified to conduct the programʼs research and realize its
goals, due to their research experience, scholarly accomplishments, insights into cyberspace and
knowledge of policy making. Here are some details for several of the teamʼs members.
• Ashton Carter is an expert on nuclear strategy and managing nuclear weapons, a longtime member
of the Defense Science Board and the Defense Policy Board, and chair of the International and
Global Affairs faculty at the Harvard Kennedy School of Government. He is also a member of
several other advisory panels to the government and foreign policy review groups, Co-Director (with
former Secretary of Defense William J. Perry) of the Preventive Defense Project, a research
collaboration of Harvard and Stanford Universities and the author of several books and numerous
papers on security and defense policies.
• Nazli Choucri (PI) has authored several books and over 120 articles in international relations. Her
book, Cyber Politics in International Relations (MIT Press, forthcoming) directly relates to the
proposed research. She is associate director of MIT’s Interdisciplinary Technology and Development
Program (TDP), which is known for its wide reach in international collaborative research; she also
directs the multilingual Global System for Sustainable Development (GSSD). In education, she has a
long record of introducing new directions and courses in the MIT educational curriculum.
• David Clark was chief Protocol Architect of the Internet (1981 – 1989), a chairman of the Computer
Science and Telecommunications Board of the National Academies, and is currently do-director of
the MIT Communications Futures Program. His current research looks at re-definition of the
architectural underpinnings of the Internet and the relation of technology and architecture to
economic, societal and policy considerations.
• Jack Goldsmith is a leading internet regulation expert, co-author of Who Controls The Internet:
Illusions of a Borderless World (2006), a member of the National Academies' ongoing project on
Policy Consequences and Legal Ethical Implications of Offensive Information Warfare, and the
author of many books and articles on international law and international relations. As Assistant
Attorney General, Office of Legal Counsel (2003-2004 he advised the President and Attorney
General on legal issues concerning communications technologies, war, and international law.
• Joseph Nye is University Distinguished Service Professor and former dean of Harvard’s Kennedy
School of Government. He joined the Harvard Faculty in 1964, and taught one of the largest core
curriculum courses in the college. In 2005, Foreign Policy listed him as one of the top ten scholars of
international affairs. He has also been Deputy to the Under Secretary of State for Security
Assistance, Science and Technology and chaired the National Security Council Group on
Nonproliferation of Nuclear Weapons, chairman of the National Intelligence Council, and Assistant
Secretary of Defense for International Security Affairs, where he also won the Distinguished Service
Medal with an Oak Leaf Cluster. His recent books are Soft Power: The Means to Success in World
Politics (2004), an anthology, Power in the Global Information Age (2004), a textbook Understanding
International Conflict (6th ed. 2006), and The Powers to Lead (2008).
• Stuart Madnick has been head of MIT’s Information Technologies Group for more than twenty years
and has been a key designer and developer in many information technology projects, including
Lockheed’s DIALOG information retrieval system. He has been the PI of the DARPA-funded
research effort on Context Interchange. His over 250 published books, articles and reports includes
the classic textbook Operating Systems and The Dynamics of Software Development.
• Silvio Micali is a member of the National Academy of Science and has investigated for 30 years
adversarial interactions of many players. He introduced fundamental notions to cryptography, such
as zero-knowledge proofs, and co-authored fundamental results, such as secure multi-party
computation.
27
2
Facilities and Other Resources
We are not aware of any special Government resources that will benefit this effort, but we are naturally
interested in collaborations and dialogues that advance the research effort.
The project will benefit from the rich intellectual environment of the MIT and Harvard communities. The
follow centers and schools are resources upon which the project mat draw:
• Belfer Center for Science and International Affairs at Harvard’s John F. Kennedy School of
Government s the hub of the Harvard Kennedy School's research, teaching, and training in
international security affairs, environmental and resource issues, and science and technology
policy. The Center's mission is to provide leadership in advancing policy-relevant knowledge
about the most important challenges of international security and other critical issues where
science, technology, environmental policy, and international affairs intersect. The center’s
resident research community comprises more than 150 scholars including Harvard faculty,
analysts, practitioners, and each year a new, international, interdisciplinary group of research
fellows. The Center's work is enriched by frequent seminars, workshops, conferences, and
discussions with distinguished visitors from the policy arena, colleagues from universities and
research institutions, and affiliates at Harvard and in the greater Boston area.
• Harvard Berkman Center for Internet and Society is one of the country's leading Internet
research centers. It was founded to explore cyberspace, share in its study, and help pioneer its
development. It represents a network of faculty, students, fellows, entrepreneurs, lawyers, and
virtual architects working to identify and engage with the challenges and opportunities of
cyberspace.
• Harvard Kennedy School of Government has evolved into one of the world’s most eminent
social science research institutions – housing 15 research centers and institutes and more than
thirty executive education and degree programs – with worldwide reach and influence. More
than 27,000 Kennedy School alumni reside in 137 countries and serve in a wide range of
positions in the public, private and nonprofit sectors. Through its distinguished faculty,
innovative research centers, diverse student body and global network of accomplished alumni, it
is redefining what it means to advance the public interest while honoring John F. Kennedy’s call
to public service.
• Harvard Law School has over 1900 students, 100 full time professors, and 150 visiting
professors. The HLS library is the second largest at Harvard with a staff of 94 librarians, a
budget of over $10 million, and 1.7 million volumes.
• MIT Center for International Studies (CIS) has capitalized since World War II on MIT's great
strengths in science and engineering, examining the international aspects of these fields as they
relate to both policy and practice, and focusing on those issues where science and engineering
intersect most closely with foreign affairs. CIS includes 160 members of the MIT faculty and
staff, mainly drawn from the departments of political science and urban studies, and visiting
scholars from around the world.
• MIT Comparative Media Studies Program focuses on key issues surrounding media change,
which cuts across different national borders and delivery techniques and develops in-depth
understanding of multiple media traditions, old and new. Program members regularly consult
with leaders in industry, the arts, public policy, journalism, education and the non-profit sector.
• MIT Computer Science & Artificial Intelligence Laboratory (CSAIL) is the largest
interdepartmental laboratory on the MIT campus, with over 90 principal investigators and nearly
800 members. Its primary mission is research in all aspects of both computer science and
artificial intelligence, and allied application fields. The laboratory brings together researchers
from 7 academic departments, including Electrical Engineering and Computer Science,
Mathematics, and Brain and Cognitive Science. CSAIL also hosts the World Wide Web
Consortium.
• MIT Cryptography and Information Security Group at CSAIL is a world center for research in
cryptography, and the wider community at MIT and Harvard include many top cryptographers.
28
•
•
MIT Political Science Department carries forward from 1995 a tradition of focus on
international issues and. It has focus areas in international politics and security studies,
American politics, comparative and international political economy, and comparative politics of,
Japan, the Middle East, South Asia, and Latin America. The Department has an orientation
toward domestic and international public policy issues, both domestic and international as well
as an ability to interact with scientists, engineers, and other social scientists at MIT and Harvard.
MIT Sloan School of Management is one of the world’s leading business schools —
conducting cutting-edge research and providing management education to top students from
more than 60 countries. Since its inception in 1914 as an offshoot of the MIT Economics
Department, the scope and depth of the School’s educational focus have grown steadily in
response to advances in the theory and practice of management to today’s broad-based
management school. It has offered master’s degrees in management since 1925 and executive
education as MIT Sloan Fellows since 1931.
29
3
Equipment
We do not anticipate need for any special equipment or test facilities.
30
4
References
Alker, H. R., Jr., ``Polimetrics: Its Descriptive Foundations,'' In The Handbook of Political Science, volume
7, F. Greenstein and N. Polsby, eds, Reading: Addison-Wesley, 1975: 140-210.
Alker, H. R., Jr., & T. J. Biersteker, “The Dialectics of World Order: Notes for a Future Archeologist of
International Savior Faire,” International Studies Quarterly, 28, 1984: 121-142.
Alker, H. R., Jr., G. Duffy, R. Hurwitz, and J. C. Mallery, ``Text Modeling for International Politics: A
Tourist's Guide to RELATUS,'' In Artificial Intelligence and International Politics, V. Hudson, ed, Boulder:
Westview Press, 1991: 97-126.
Alker, H. R., Jr., and J. C. Mallery, ``From Events Data To Computational Histories: A RELATUS-Based
Research Programme In International Cooperation and Conflict,'' paper presented at The 1988 Meeting
of The International Studies Association, 1988.
Alker, H. R., Jr., J. Bennett, and D. Mefford, [1980], ``Generalized Precedent Logics for Resolving
Insecurity Dilemmas,'' International Interactions, 1980, 7: 165-206.
Alpert, Eugene J., Capabilities, “Perceptions and Risks: A Bayesian Model of International Behavior,”
International Studies Quarterly, 20 (3), 1976: 415-440.
Ausubel, L. M. and Milgrom, P. “The Lovely but Lonely Vickrey Auction. Combinatorial Auctions,” 2006:
17-40.
Benkler, Y., The wealth of networks: how social production transforms markets and freedom, New
Haven: Yale U. Press, 2007.
Bond, Doug, J. Craig Jenkins, Charles L. Taylor and Kurt Schock, “Mapping Mass Political Conflict and
Civil Society: The Automated Development of Event Data,” Journal of Conflict Resolution, 41 (4), 1997:
553-579.
Breiman, L., J. Friedman, C. J. Stone, R. A. Olshen, Classification and Regression Trees, Boca Raton,
FL: CRC Press, 1998. Originally published in 1984.
Butterworth, R. L., with M. E. Scranton, Managing Interstate Conflict, 1945-74, New York: Knopf, 1976.
Butterworth, R. L., Managing Interstate Conflict, 1945-79, Final Report to ARPA, State College:
Department of Political Science, Pennsylvania State University, February, 1980.
Choucri, Nazli & Robert C. North, Nations in Conflict: National Growth and Industrial Violence, San
Francisco: Freeman, 1975.
Choucri, N., “Knowledge Networking for Global Sustainability: New Modes of Cyber Partnering,” in D. J.
Richards, B. R. Allenby, &W. D. Compton, eds., Information Systems and the Environment, Washington:
National Academy Press 2001: 195-210.
Choucri, N., et al., eds., Mapping Sustainability: Knowledge e-Networking and the Value Chain, London:
Springer, 2007.
Choucri, N., Goldsmith, D., Madnick, S., Morrison B., Siegel, M. “Using System Dynamics to Model and
Better Understand State Stability,” System Dynamics Conference, Cambridge, MA, 2007.
31
Clarke, E. H. “Multipart Pricing of Public Goods.” Public Choice, 11, 1971: 17-33.
Camerer, C., Behavioral Game Theory: Experiments On Strategic Interaction, Princeton University Press,
2003.
Davies, J. L., & C. K. McDaniel, “The Global Event-Data System!,” in (Meritt et al., 1993).
Duncan, G. and R. Siverson, “Markov Chain Models for Conflict Analysis: Results from Sino-Indian
Relations, 1959-1964,” International Studies Quarterly,19, 1975: 344-374.
Farris, L., H. R. Alker, Jr., K. Carley, and F. L. Sherman, ``The Phase/Actor Disaggregated ButterworthScranton Codebook,'' Working Paper, Cambridge: Center for International Studies, M.I.T., 1980.
Gerner, Deborah J., Philip A. Schrodt, Ronald A., Francisco, and Judith L. Weddle, “The Machine Coding
of Events from Regional and International Sources,” International Studies Quarterly, 38, 1994:91-119.
Goldsmith, Jack, & Tim Wu, Who Controls The Internet? Illusions of a Borderless World (2006)
Gosler, James, “The Digital Dimension,” in Transforming U.S. Intelligence, J. E. Sims and B. Gerber,
eds., Washington, DC: Georgetown University Press, 2005: 96-115.
Groves, T., “Incentives in Teams.” Econometrica, 41, 1973: 617-631.
Heal, G., & Kunreuther, H., “You only die once: Managing discrete interdependent risks,” Columbia
Business School and Wharton Risk Management and Decision Processes Center, Working paper,
2003.
Hollis, Duncan B., "New Tools, New Rules: International Law and Information Operations," in The
Message of War: Information, Influence and Perception in Armed Conflict, eds., G. David and T.
McKeldin, forthcoming 2008.
Jason Barkham, “Information Warfare and International Law on the Use of Force," New York University
International Law and Politics. 34, 2001: 57-113.
Kakade, S., Kearns, M., Langford, J., & Ortiz, L., “Correlated Equilibria In Graphical
Games,” in Proceedings of the ACM Conference on Electronic Commerce, 2003.
Kakade, S. M., Kearns, M., & Ortiz, L. E., “Graphical economics,” Proceedings of the 17th Annual
Conference on Learning Theory, Berlin: Springer, July 2004a: 17–32.
Kakade, S. M., Kearns, M., Ortiz, L. E., Pemantle, R., & Suri, S., Economic properties of social networks,
Neural Information Processing Systems (NIPS), 2004.
Kleinberg, J., “Cascading Behavior in Networks: Algorithmic and Economic Issues,” in (Nisan, et al.,
2007: 613–632).
Kunreuther, H., & Heal, G., “Interdependent Security,” Journal of Risk and Uncertainty, Special Issue on
Terrorist Risks, December, 2002.
Nisan, N., T. Roughgarden, ́Eva Tardos, & V. V. Vazirani, eds., Algorithmic Game Theory, Cambridge
University Press., 2007.
32
Mallery, J. C., Thinking About Foreign Policy: Finding an Appropriate Role for Artificially Intelligent
Computers, Master's Thesis, Cambridge: Department of Political Science, M.I.T., February, 1988.
Mallery, John C., “Semantic Content Analysis: A New Methodology for The RELATUS Natural Language
Environment,” in Artificial Intelligence and International Politics, V. Hudson, ed., Boulder: Westview
Press, 1991.
Mallery, John C., “Beyond Correlation: Bringing Artificial Intelligence to Event Data,” International
Interactions, 1994, 20 (1-2): 101-145.
Mallery, J. C., and R. Hurwitz, ``Analogy and Precedent in Strategic Decision-Making: A Computational
Approach,'' paper presented at The 1987 Meeting of the American Political Science Association, 1987.
Mallery, J. C., and F. L. Sherman, ``Learning Historical Rules of Major Power Intervention in the Post-War
International System,'' paper presented at The 1993 Meeting of the International Studies Association,
Acapulco, Mexico March, 1993a.
Mallery, J. C., and F. L. Sherman, ``Learning Rules of Phase Transition in the Presence of Conflict
Managers: Identifying Historical Precedents in the Post-War International System,'' paper presented at
The 1993 Meeting of the International Studies Association, Acapulco, Mexico March, 1993b.
Marlatt, G., Information Warfare And Information Operations (IW/IO): A Bibliography, Monterey, CA:
Dudley Knox LIbrary, Naval Postgraduate School, 2008.
Merritt, R. L., R.G. Munchester & D. Zinnes, eds., International Event Data Developments: DDIR Phase II,
Ann Arbor: University of Michigan Press, 1993.
Nye, J. S., Soft Power: The Means to Success in World Politics, New York: Public Affairs, 2004.
Nye, J. S., ”The Place of Soft Power in State-Based conflict Management,” in Chester A. Crocker, Fen
Osler Hampson, and Pamela Aall, eds., Leashing the Dogs of War: Conflict Management in a Divided
World, Washington: United States Institute of Peace Press, 2007a.
Nye, J. S., “Culture, Soft Power, and ‘Americanization,” in David Held and Henrietta Moore, eds.,
Cultural Politics in a Global Age; Uncertainly, Solidarity and Innovation, London: Oneworld Publications
2007b: 168-175.
Nye, J. S., "Notes for a Soft Power Research Agenda," in Felix Berenskoetter and M. J. Williams, eds.,
Power in World Politics (London, Routledge, 2007c)
Osborne, M. J. and Rubinstein, A., Game Theory, Cambridge: MIT Press, 1997.
Russell, S. J., & Norvig, P., Artificial Intelligence: A Modern Approach, Prentice-Hall, 1995.
Schmitt, Michael, "Computer Network Attack and the Use of Force in International Law: Thoughts on a
Normative Framework," Columbia Journal of Transnational Law, 37, 1999: 885-937.
Schrodt!, Philip A., “Richardson’s Model as a Markov Process,” in Mathematical
Models in International Relations, eds. D. Zinnes & J. Gillespie, Praeger, 1976.
Schrodt!, Philip A., “The Statistical Characteristics of Event Data,” International Interactions, 20, (1-2),
1994: 35-53.
33
Schrodt!, Philip A., “Forecasting Conflict in the Balkans using Hidden Markov Models,” paper presented
at The 2000 Meeting of the American Political Science Association, September, 2000.
Schrodt!, Philip A., “Twenty Years of the Kansas Event Data System Project,” The Political
Methodologist, 14 (1), 2006: 2-6.
Schrodt, Philip A. and Deborah J. Gerner, “Validity assessment of a machine-coded event data set for
the Middle East, 1982-1992.” American Journal of Political Science, 38, 1994: 825-854.
Schrodt!, Philip A., “Pattern Recognition of International Crises Using Hidden Markov
Models,” in Non-linear Models and Methods in Political Science, ed. D. Richards,
Ann Arbor: University of Michigan Press, 1998.
Sherman, F. L., Partway to Peace: The United Nations and The Road to Nowhere, State College:
Doctoral Dissertation, Department of Political Science, Pennsylvania State University, 1987.
Sherman, F. L., ``Four Major Traditions of Historical Events Research: A Brief Comparison,'' paper
presented at the M.I.T./D.D.I.R Conference on ``New Directions for Storing, Indexing, Retrieving, Coding
and Analyzing Information on International Events,'' Cambridge: Center for International Studies, M.I.T.,
November, 1987.
Sherman, F. L., ``SHERFACS: A New Cross-Paradigm, International Conflict Dataset,'' paper presented
at The 1988 Meeting of The International Studies Association, 1988.
Unseld, S., & J.􏰁C. Mallery, “Interaction Detection in Complex Datamodels,” Cambridge: MIT Artificial
Intelligence Laboratory, AI Memo, May 1992.
Unseld, S., Exploration of International Relations Data: An Object-oriented Approach, IEEE Computer
Society Press, 1997.
Vickrey, W., “Counterspeculation, Auctions, and Competitive Sealed Tenders,” Journal of Finance, 16,
1961:8-37.
Wickboldt, A., & N. Choucri, “Profiles of States as Fuzzy Sets: Methodological Refinement of Lateral
Pressure Theory,” International Interactions, 12 (2), June 2006: 153-1881.
Winston, P. H., ``Learning Structural Descriptions from Examples,'' In P. H. Winston, ed., The Psychology
of Computer Vision, New York: McGraw-Hill, 1975: 157-210.
Winston, P. H., ``Learning and Reasoning by Analogy,'' In Communications of the ACM, December,
23(1980).
Winston, P. H., Artificial Intelligence, 3rd edition, Reading: Addison-Wesley, 1992.
34
5
5.1
Curriculum Vitae
Ashton B. Carter
A. Professional Preparation
Dr. Ashton B. Carter received bachelor's degrees in physics and in medieval history from Yale
University, summa cum laude, Phi Beta Kappa in 1976. In 1979, he received his doctorate in
theoretical physics from Oxford University, where he was a Rhodes Scholar.
B. Professional Appointments
Dr. Carter is chair of the International and Global Affairs faculty at Harvard’s John F. Kennedy
School of Government. He is also Co-Director (with former Secretary of Defense William J.
Perry) of the Preventive Defense Project, a research collaboration of Harvard and Stanford
Universities.
C. Publications
In addition to authoring numerous articles, scientific publications, government studies, and
Congressional testimonies, Dr. Carter co-edited and co-authored eleven books, including
Keeping the Edge: Managing Defense for the Future (2001), Preventive Defense: A New Security
Strategy for America (1997), Cooperative Denuclearization: From Pledges to Deeds (1993), A
New Concept of Cooperative Security (1992), Beyond Spinoff: Military and Commercial
Technologies in a Changing World (1992), Soviet Nuclear Fission: Control of the Nuclear Arsenal
in a Disintegrating Soviet Union (1991), Managing Nuclear Operations (1987), Ballistic Missile
Defense (1984), and Directed Energy Missile Defense in Space (1984).
D. Synergistic Activities
Dr. Carter served as Assistant Secretary of Defense for International Security Policy during
President Clinton’s first term (1993-1996). His Pentagon responsibilities encompassed:
countering weapons of mass destruction worldwide, oversight of the U.S. nuclear arsenal and
missile defense programs, policy regarding the collapse of the former Soviet Union (including its
nuclear weapons and other weapons of mass destruction), control over sensitive U.S. exports,
and chairmanship of NATO’s High Level Group.
A longtime member of the Defense Science Board and the Defense Policy Board, the principal
advisory bodies to the Secretary of Defense, Dr. Carter has also advised the U.S. government as
a member of Secretary of State Condoleezza Rice’s International Security Advisory Board. Dr.
Carter is co-chair of the Senate Foreign Relations Committee’s Policy Advisory Group, co-chair
of the Review Panel on Future Directions for DTRA (Defense Threat Reduction Agency) Missions
and Capabilities to Combat Weapons of Mass Destruction, a consultant to the Defense Science
Board, a member of the National Missile Defense White Team, a member of the National
Academy of Sciences Committee on International Security and Arms Control, and has most
recently been named Chair of the Expert Working Group on National Security Strategy and
Policies for the Congressional Commission on the Strategic Posture of the United States.
In addition to his public service, Dr. Carter is currently a Senior Partner at
Global Technology Partners and a member of the Board of Trustees of the MITRE Corporation,
and the Advisory Boards of MIT’s Lincoln Laboratories and the Draper Laboratory. He is a
consultant to Goldman, Sachs and Mitretek Systems on international affairs and technology
35
matters, and speaks frequently to business and policy audiences. Dr. Carter is also a member
of the Aspen Strategy Group, the Council on Foreign Relations, the American Physical Society,
the International Institute for Strategic Studies, and the National Committee on U.S.-China
Relations. Dr. Carter was elected a Fellow of the American Academy of Arts and Sciences.
E. Collaborators
(i)
Collaborators and coeditors: Dr. Carter has written several books and articles with
former Secretary of Defense William J. Perry. He and Dr. Perry have also convened
numerous workshops and meetings, and led a number of U.S. delegations overseas
under the auspices of their joint research project, the Preventive Defense Project.
36
5.2
Nazli Choucri (Principal Investigator)
A. Professional Preparation
American University, Cairo, B.A., Social Sciences
1962
Stanford University, California, M.A., Political Science,1964
Stanford University, California, Ph.D., Political Science, 1967
B. Academic Appointments
Current Academic
Professor of Political Science, MIT
1978Associate Director, Technology and Development Program, 1976 Senior Faculty, Center for International Studies, MIT
1975Head, Middle East Program at MIT
1983Previous Academic
Director, Energy and Development Research Program
Associate Professor, MIT
1972-1978
Assistant Professor, MIT
1969-1972
Assistant Professor, Queen's University 1967-1969
Research Associate, Stanford University (summers)
1980-1984
1968-1970
Areas of Research Interests
CyberPolitics in International relations and international political economy
Global environmental change and dimensions of global security
International energy issues
Analytical and quantitative techniques
Advances in distributed knowledge management
C. Select Publications
• Choucri, et. al. Eds. 2007. Mapping Sustainability: Knowledge e-Networking and the Value Chain.
Springer: London.
• N. Choucri, 2001 “Knowledge Networking for Global Sustainability: New Modes of Cyberpartnering”
in D.J. Richards, B.R. Allenby, and W.D. Compton (eds) Information Systems and the Environment.
Washington: National Academy Press, pp. 195-210.
• Choucri, ed. 1993. Global Accord: Environmental Challenges and International Responses.
Cambridge, Mass.: MIT Press.
• Choucri 1981. International Energy Futures: Petroleum Prices, Power, and Payments. Cambridge,
Mass.: MIT Press.
• N. Choucri, R. C. North, and S. Yamakage. 1992. The Challenge of Japan Before World War II and
After: A Study of National Growth and Expansion. London: Routledge.
•
•
•
•
•
Other Relevant Publications. (select)
N. Choucri. 1991. "Analytical and Behavioral Perspectives: Causes of War and Strategies for Peace,"
In W. Scott Thompson et al., eds., Approaches to Peace: An Intellectual Map, Washington, D.C.:
US Institute of Peace, 271-98.
Choucri and R. C. North. 1993. "Population and (In)Security: National Perspectives and Global
Imperatives," in
David B. Dewitt, David Haglund, and John Kirton, eds., Emerging Trends I
International Security, New York: Oxford University Press, 229-56.
Choucri, “Environmentalism”, 2001 in J. Krieger ed. The Oxford Companion to Politics of the World.
2nd ed.
Choucri. 2000. “Governance and International Management,” in Ted Munn, ed.,
37
D. Synergistic Activities
•
•
•
•
•
•
•
Development of databases for analysis of international relations –by country – 1945-present
Interdisciplinary graduate courses Technology and Policy – co-teaching across 4 departments
Associate Director of MIT research program on technology and development – research in 5
countries
GSSD Director , managing collaborative research on knowledge provision and sharing across
disciplines, languages, and cultures (including Arabic, Chinese, French) ;
Contribution to US Academy of Engineering study on Information Systems and the
Environment 1997; publication in 2001.
Patent: United States Patent States Patent #5752023, May 12, 1998 Networked Database
System for Geographically Dispersed Global Sustainability Data.
D.1 Outside Professional Activities (select)
Member, Working Group 3, UN-ICT, Preparations for World Summit on Information Technology, 2001present;
Panel Member for National Academy of Sciences Committee on Terrorism, 2001-2002;
Panel Member for DARPA-National Academy of Sciences Committee on
Understanding Terrorism in order to Deter Terrorism, 2001-2002;
Member, Scientific Advisory Committee, SCOPE-ICSU, 1998-present;
Member, Science Board, Santa Fe Institute
1995-1997;
Special Advisor, to the Administrator of the United Nations Development, 1994-1996;
Member, Advisory Board, Global Stewardship Initiative, Pew Charitable Trust,1993-1995;
Advisor to the Secretary General of the United Nations Conference on Environment and Development,
1990-1992;
Member, AAAS Committee on Population, Resources, and the Environment and Chair, Working Group
on
International Aspects, 1985-1990
Convener and Session Organizer, International Political Science Association Congress, 1983, 1985;
Planning Committee, International Scientific Forum on Energy, 1983-1988;
Advisory Committee, Office of Technology Assessment, U.S. Congress, 1982-1983;
Board of Directors, Pathfinder Fund, 1981-1983
Council Member, American Political Science Association, 1981-1983;
Panel for 1979 U.S. Conference of Science and Technology for Development, National Research
Council, 1977- 1978
International Advisory Committee, World Population Society
1976-1977
International Social Science Documentation Committee 1976-1978
E. Collaborators & Other Affiliations
(i) Research Collaborators (recent) Stuart Madnick, Michael Siegel, Daniel Goldsmith,
Fred Moavenzadeh, (MIT), Brad Morrison (Brandies), Edward Anderson (U. of Texas)
(ii) Graduate Thesis Supervision MIT - 42 students from – Political Science, Technology
and Policy – Engineering Systems Division (ESD), Sloan School of Management
(iii) Editor Positions
Founding Editor, MIT Press Series on Global Environmental Accords
Co-Editor, International Political Science Review (IPSR), 1994-2000
Editorial Advisory Committee (IPSR), 2000-2004
Board of Editors, Business & the Contemporary World, 1992-1994
Advisory Board, Global Environmental Politics 2002(iv) Recent Honors
38
1993-
Elected to the European Academy of Sciences; 2003
Elected as Chair of the Scientific Advisory Committee of UNESCO’s MOST Program
(Management of Social Transformation), 2004;
Recipient of Dr. Jean Mayer Global Citizenship Award, 2005
(v) Professional Associations –Select: Council on Foreign Relations; American Political Science
Association;
American Association for the Advancement of Science; International Political Science
Association
Languages Fluent: English, French, Arabic.
Limited: Spanish, Italian
39
5.3
David D. Clark
A. Professional Preparation:
Swarthmore College, Electrical Engineering, BS, 1966
MIT, Computer Science, MS and EE, 1969
MIT, Computer Science, PhD, 1973
B. Professional Appointments:
Senior Research Scientist, M.I.T. Computer Science and Artificial Intelligence Laboratory, 1984-present
(Formerly Lab for Computer Science)
Principal Research Scientist, M.I.T. Lab for Computer Science, 1980-1984
Research Scientist, M.I.T. Lab for Computer Science, 1973-1980
C. Publications:
Relevant publications include:
• D. Clark, K. Sollins, J.T. Wroclawski, T. Faber.: Addressing Reality: An Architectural Response
to Real-World Demands on the Internet”. Proceedings of ACM SigComm workshop on Future
Directions in Network Architecture. Karlruhe, Germany, August, 2003
• Clark, D., R. Braden, et al. “FARA: Reorganizing the addressing architecture” Proceedings of
ACM SigComm workshop on Future Directions in Network Architecture. Karlruhe, Germany,
August,2003
• Marjory S. Blumenthal and David D. Clark, “Rethinking the design of the Internet: The end to
end arguments vs. the brave new world”. ACM Transactions on Internet Technology. August
2001, Vol. 1, No. 1 Version appeared in Communications Policy in Transition: The Internet and
Beyond, B. Compaine and S. Greenstein, eds. MIT Press, Sept. 2001.
• Clark, D., J Wroclawski, K. Sollins, R. Braden. “Tussle in Cyberspace: Defining Tomorrow’s
Internet”, Proceedings of the ACM SigComm 2002 Conference, Pittsburg, PA August, 2002,
Computer Communications Review, vol. 32, num. 4.
• Clark, D., C Partridge et al. “A knowledge plane for the Internet”. Proceedings of the
2003 ACm SigComm, Karlsruhe, Germany 2003
• Clark, D., "The Design Philosophy of the DARPA Internet Protocols", SIGCOMM Symposium,
ACM, August 1988, pp. 106-114.
• Clark, D., and Wilson, D., "A Comparison of Commercial and Military Computer Security
Policies", Proceedings of the 1987 IEEE Symposium on Security and Privacy, IEEE, Oakland, CA,
April 1987, pp. 184-194.
• Saltzer, J., Reed, D., and Clark, D.D., "End-to-End Arguments in System Design", ACM
Transactions on Computer Systems, Vol. 2, No. 4, November 1984, pp. 277- 288.
D. Synergistic Activities:
David Clark is a Senior Research Scientist at the MIT Computer Science and Artificial Intelligence
Laboratory. Since the mid 70s, Dr. Clark has been leading the development of the Internet; from 19811989 he acted as Chief Protocol Architect in this development, and chaired the Internet Activities Board.
More recent activities include extensions to the Internet to support real-time traffic, pricing and related
economic issues, and policy issues surrounding the Internet, such as broadband local loop deployment.
His current research looks at re-definition of the architectural underpinnings of the Internet, and the
relation of technology and architecture to economic, societal and policy considerations. Dr. Clark is past
chairman of the Computer Science and Telecommunications Board of the National Academies, and has
40
contributed to a number of studies on the societal and policy impact of computer communications. He is
co-director of the MIT Communications Futures Program, a project for industry collaboration and
coordination along the communications value chain. He was co-PI of DARPA NewArch project, a cleanslate reconsideration of the Internet, 2000-2004. He is currently funded by NSF to support the NSF
Future Internet Design program.
E. Collaborators & Other Affiliations:
i. Graduate and Postdoctoral Advisors:
Tom Anderson, U Washington
Paul Barford, U Wisconsin
Steve Bellovin, Columbia Univarsity
Robert Braden, USC ISI
Dan Blumenthal, UCSB
Marjory Blumenthal, Georgetown
University
Jon Crowcroft, Cambridge University
Bruce Davie, Cisco
Deborah Estrin, UCLA
Ted Faber,USC ISI
Aaron Falk, BBN
Sally Floyd, Berkeley
Greg Minshall
Craig Partridge, BBN
Adrian Perrig, CMU
Larry Peterson, Princeton
Venkata Pingali. USC
K.K. Ramakrishnan, ATT Labs
Chris Ramming, DARPA
Dipankar Raychaudhuri, Rutgers
Jennifer Rexford, Princeton U
Timothy Roscoe, ETH
Scott Shenker, UC Berkeley
Marvin Sirbu, Carnegie Mellon
University
Dawn Song, CMU
Sharon Gillett, BU/State of
Massachusetts
Mark Handley, UCL
Van Jacobson, PARC
Dina Katabi, MIT
William Lehr, MIT
Ion Stoica, Berkely
Karen Sollins, MIT CSAIL
John Wroclawski, USC ISI
Lixia Zhang, UCLA
ii. Graduate and Postdoctoral Advisors:
Prof. Robert Graham (UMass Amherst, emeritus)
Prof. Jerome Saltzer, PhD supervisor (MIT, emeritus)
iii. Thesis Advisor and Postgraduate-Scholar Sponsor during past five years:
Total PhD and MS supervised: 42
George Lee
Michael Afergan (Akamai)
Simson Garfinkel (Harvard)
Xiaowei Yang (UC Irvine)
Joanna Kulic (BBN)
Dina Katabi (MIT)
Donya Krairit (Asian Institute of
Technology)
Joseph Bailey (University of Maryland)
Tim Shepard (Consultant)
Rainer Gawlick (Lightship Telecom)
Greg Troxel (BBN Research)
Lixia Zhang (UCLA)
Radia Perlman (Sun Microsystems)
Pu Ng
Stephen Kent (BBN Research)
Allan Luniewski (IBM Research)
41
Anna Charny (Cisco Systems)
Warren Montgomery (ATT Labs)
42
5.4
Jack Goldsmith
A. Professional Preparation
Goldsmith received his bachelorʼs degree summa cum laude from Washington & Lee University
in 1984, a B.A. from Oxford University in 1986, and a J.D. from Yale law School in 1989.
B. Professional Appointments
Goldsmith is the Henry L. Shattuck Professor at Harvard Law School. He has also been on the
law faculties at the University of Virginia and the University of Chicago. He also served as the
Assistant Attorney General, Office of Legal Counsel, in the Department of Justice from 20032004, and as Special Counsel to the General Counsel in the Department of Defense from 20022003.
C. Publications
Goldsmith is the author of dozens of books and articles. His most recent publication is The
Terror Presidency: Law and Judgment Inside the Bush Administration (2007). He is also the coauthor of Who Controls the Internet? Illusions of a Borderless World (2006) and The Limits of
International Law (2005). In addition to Who Controls the Internet?, he has written many articles
about internet regulation, including “Against Cyberanarchy,” 65 Chicago Law Review 1199
(1998) and “Unilateral Regulation of the Internet: A Modest Defense,” 11 European Journal of
International Law 135 (2000).
D. Other Activities
Goldsmith is a member of the National Academy of Scienceʼs Computer Science and
Telecommunications Board study of the Policy Consequences and Legal Ethical Implications of
Offensive Information Warfare.
43
5.5
Roger Hurwitz
A. Professional Preparation
Hebrew University International Relations M.A. 1976
MIT (computational) Political Science Ph.D. 1991
B. Professional Appointments
2008-present: Research Affiliate, MIT Department of Political Science
2003-present: Research Affiliate, MIT Computer Science & Artificial Intelligence Laboratory
1993-2003: Research Scientist, MIT Artificial Intelligence Laboratory
1991-1993: Visiting Lecturer in Social Sciences, Hebrew University, Jerusalem
1983-1989: Research Associate, MIT Research Program on Communications Policy
C. Publications
Hurwitz has written on the development of information systems and their impact on government service,
political discourse and growth of scientific knowledge. His publications in this area include:
• Roger Hurwitz, Alexander Wawer & Stephen Butler. Classifying Drug Experiences in Networks of
Users. Paper presented to the NATO Advanced Study Institute on Mining Massive Data Sets for
Security, Villa Cagnola, Italy, September, 2007.
• Roger Hurwitz, Boris Katz, Jimmy Lin & Ozlem Uzuner. Better pubic policy through natural
language information access. in Proceedings of the 2003 annual national conference on digital
government research. Boston, MA.
• Roger Hurwitz & John Mallery. The Open Meeting: A Web-based system for conferencing and
collaboration. World Wide Web Journal, 1996, 1(1).
• Roger Hurwitz. The Ironies of Democracy in Cyberspace. in H. Jenkins & D. Thorburn, eds.
Democracy and New Media. Cambridge, MA: MIT Press, 2003.
D. Synergistic Activities
Hurwitz was on the organizing committee for and presented at the NSF, INR, ONR Workshop on
International Strategy and Policy for Cyber Security, June 12-13, MIT CSAIL, Cambridge (at which 36
current and former top USG officials, technologists and international relations experts discussed
strategies to mitigate cyber threats). He was on the advisory committee for NSF sponsored workshops
on E-rulemaking (2003) and a section editor of the report on the NSF workshop on Communication
Technologies and Response to Disaster (2002). He organized workshops for the World Wide Web
Consortium on Measuring Utilization of the Internet (1996) and online collaboration (1995). He was a
governor of the MIT Communications Forum (1998-2002) and a director of the MIT Media in Transition
Project (2000-2002), a multi-year study and forum devoted to the impact of new media technologies on
culture and politics. He co-developed the White House Electronic Publications Service (1993-1998), an
email and web based distribution and subscription system for executive branch media releases, and the
Open Meeting System (1994), an internet based system for wide area collaboration and deliberation for
proposed regulations and legislation. He currently advises the Information Storage Industry Center at
the University of California at San Diego on measuring and projecting the annual global production of
information.
E. Collaborators & Other Affiliations
i. Collaborators and Co-Editors
44
•
•
•
•
•
•
•
•
•
•
•
Hayward Alker, USC (deceased)
Yigal Arens, USC
Stephen Butler, Inflexxion (Newton, MA)
Lars-Eric Cederman, ETH (Zurich)
Cary Coglianese, Harvard
Michael Fischer, MIT
David Lazar, Harvard
John Mallery, MIT
Stuart Shulman, U. of Pittsburgh
Patrick Winston, MIT
James Short, UCSD
ii. Editorial Board: Journal of Information Technology and Politics
45
5.6
Stuart Elliot Madnick
A. Professional Preparation
B.S., Electrical Engineering, 1966, M.I.T.
M.S., Alfred P. Sloan School of Management, 1969, M.I.T.
M.S., Electrical Engineering, 1969, M.I.T.
Ph.D., Computer Science, 1972, M.I.T.
B. Professional Appointments
2000- present MIT School of Engineering, Professor of Engineering Systems
1990-95 MIT, Leaders for Manufacturing Professor of Management Science (term chair)
1989-present MIT School of Management, John Norris Maguire Professor of Information Technology
(chair)
1988-89 MIT, Professor 1976-88 MIT, Associate Professor
1972-76 MIT, Assistant Professor
1978-86 Co-founder and Member of the Board, Advanced Information Systems & Services
1972-75 Co-founder, Member of the Board and technical director, MITROL, Inc.
1970-72 Principal Scientist, Honeywell Information Sciences Center
1968-70 Manager of Systems Development, International Computation, Inc.
1967-69 Associate Engineer, Lockheed Missiles and Space Company, Palo Alto Research Lab
1966-71 Systems Designer, IBM Cambridge Scientific Center.
C. Publications
Most Closely Related Publications (5)
•
•
•
•
2007 Firat, A., B. Grosof, S. Madnick, “Contextual Alignment of Ontologies in the eCoin
Semantic Interoperability Framework”, Information Technology and Management Journal, Vol. 8,
No. 1, Springer US, March 2007, pp. 47-63.
2006 Madnick, S., Zhu, H., “Improving Data Quality Through Effective Use of Data Semantics,”
Data & Knowledge Engineering, Vol. 59, 2006, pp. 460-476. 2002 Madnick, S., M. Siegel.
“Seizing the Opportunity: Exploiting Web Aggregation”, MISQ Executive, Vol 1, No. 1, March
2002, pp. 35-46.
2000 Bresson, S., C. Goh, N. Levina, S. Madnick, A. Shah, and M. Siegel, “Context Knowledge
Representation and Reasoning in the Context Interchange System,” The International Journal of
Artificial Intelligence, Volume 12, Number 2, September 2000, pp. 165-180.
1999 Goh, C., S. Bresson, S. Madnick, and M. Siegel , “Context Interchange: New Features and
Formalisms for the Intelligent Integration of Information,” ACM Transactions on Information
Systems, July 1999.
Additional Recent / Relevant Publications (5)
•
•
•
2008 Zhu, H. and S. Madnick, “One Size does not Fit All: Legal Protection for NonCopyrightable Data,” to appear in Communications of the ACM.
2004 Choucri, N., Madnick, S., Moulton, A., Siegel, M., and Zhu, H, “Information Integration
for Counter Terrorism Activities: The Requirement for Context Mediation,” Proceedings of the
2004 IEEE Aerospace Conference, Big Sky, Montana, March 6-13, 2004
2002 Firat, A., S. Madnick, and Grosof, B., “Financial Information Integration In the Presence
of Equational Ontological Conflicts,” Proceedings of the Workshop on Information Technology
and Systems, Barcelona, Spain, December 14-15, 2002, pp. 211-216
46
•
•
2001 Madnick, S., “The Misguided Silver Bullet: What XML will and will NOT do to help
Information Integration,” Proceedings of the Third International Conference on Information
Integration and Web-based Applications and Services (IIWAS2001; Linz, Austria), published by
Osterreichische Computer Gesellschaft (ISBN 3-85403-157-2), September 2001, pp. 61-72.
1996 Lee, J., S. Madnick, and M. Siegel, “Conceptualizing Semantic Interoperability: A
Perspective from the Knowledge Level”, International Journal of Cooperative Information
Systems: [Special Issue on Formal Methods in Cooperative Information Systems], Vol. 5, No. 4,
December 1996.
D. Synergistic Activities
•
•
•
•
Actively involved in Professional Societies and Journals (e.g., Board of Governors, IEEE
Computer Society, 19791981; Chairman, IEEE Technical Committee on Database Engineering,
1980-82; VLDB Endowment, Vice President 1991-1997; Treasurer 1989-1991; Executive
Committee, International Workshop on Information Technology & Systems, 1995-2006, founding
Editor-in-Chief, ACM Journal on Data and Information Quality, 2006-present.)
Authored or co-authored 5 books, including the classic textbook, Operating Systems, and over
300 papers (and working papers) that have been published in Communications of the ACM,
ACM Transactions on Database Systems, Information Processing Letters, Journal of MIS, and
other major journals and conference proceedings.
Extensive teaching and course development activities (in areas such as, information
technologies, strategic use of information technologies, operating systems, database systems)
to Undergraduates, Graduates, Professionals, and Senior Executives.
Served as Principal Investigator for various projects and programs, such as: Context
Interchange (COIN), Total Data Quality Management (TDQM), PROductivity From Information
Technology (PROFIT), Pro-Active INTelligence (PAINT), Knowledge-Based Integrated Information
Systems Engineering (KBIISE), INFOPLEX, Family of Operating System (FOS). Sponsors have
included NSF, DARPA, iARPA, US Navy, and industry companies.
E. Collaborators & Other Affiliations
i. Collaborators and coeditors: (48 months)
D. Ballow (State University of New York at Albany), S. Bhalla (University of Aizu, Japan), S. Bressan
(National University of Singapore), S. Bansali (MIT), N. Choucri (MIT), K. Chettayar (D & B), F. Dravis
(FirstLogic Corp), T. Gannon (MITRE), D. Goldsmith (MIT), F. Haghseta (State of Massachusetts), A. Firat
(Northeastern U), C. Fisher (Marist College), J. Funk (S.C. Johnson), B. Grosof (MIT), Y. Lee
(Northeastern), F. Manola (independent consultant), N. Minami (US Army), D. Mistree (MIT), B. Morrison
(Brandeis), A. Moulton (MIT), E. Pierce (University of Arkansas at Little Rock), M. Siegel (MIT), D. Strong
(WPI), K-L Tan, National University of Singapore), S. Tu (Soochow University, Taiwan), C. Velu
(Cambridge University), M. Van Alstyne (Boston University), R. Wang (MIT), L. Wu (MIT), X. Xian (Oracle),
N.A. Yahaya (Malaysia University of Science and Technology), H. Zhu (Old Dominion University).
ii. Graduate and Postdoctoral Advisors:
John Donovan (most recently at Cambridge Technology Group), Robert Graham (Professor Emeritus,
University of Mass), J.C.R. Licklider (deceased).
iii. Thesis Advisor and Postgraduate-Scholar Sponsor during past five years:
Thesis advisor: Juan Ignacio Aguirre, Wee Horng Ang, Faisel Anwar, Renato Teixeira Catalan, David SuKai Cheng, Lindsey Christian, Shin Wee Chuang, Patrick De Suza, Aykut Firat, Sajindra Kolitha Bandara
Jayasena M. Bilal Kaleem, Philip Lee, Ahmad Shuja, Benjamin Spead, Philip Tan, Ee-leen Tan, Paulo
Guilherme Vita, Xiang Xian. (Total number of thesis advisees: ~172 in total).
47
Current Undergraduate Advisor to: Tara Chang, Michelle Law, Brian Manley, Justin Moe, Lindsey Pete,
Gil Zamfirescu-Pereira.
48
5.7
John C. Mallery
A. Professional Preparation
McGill University B.A, MIT SM 1988, MIT Ph.D. Candidate (ABD)
F. Professional Appointments
2007-present: Research Scientist, MIT Computer Science & Artificial Intelligence Laboratory
2003-2007: Research Affiliate, MIT Computer Science & Artificial Intelligence Laboratory
1993-2003: Research Scientist, MIT Artificial Intelligence Laboratory
1981-1993: Affiliated with the MIT AI Lab as a graduate student or research assistant
G. Publications
Published over a dozen refereed articles treating natural language understanding, machine learning,
wide-area collaboration, Internet technologies, and computational politics. Presented over fifty
conference papers and academic talks in the additional areas of introspective software, online politics,
e-government, survey research, international political economy. Co-authored several major technical
white papers for senior elements of DoD and various MIT research proposals for DoD agencies.
Numerous presentations to government, including EOP, OSD, Defense Science Board, NSA, NRO, State
Department, Congress.
Selected publications:
•
•
•
John C. Mallery, “Semantic Content Analysis: A New Methodology for The RELATUS Natural
Language Environment,” in Artificial Intelligence and International Politics, V. Hudson, ed.,
Boulder: Westview Press, 1991.
Roger Hurwitz & John C. Mallery, “The Open Meeting: A Web-Based System For Conferencing
And Collaboration,” World Wide Web Journal, 1996, 1 (1).
John C. Mallery, “Beyond Correlation: Bringing Artificial Intelligence to Event Data,” International
Interactions, 1994, 20 (1-2): 101-145.
H. Synergistic Activities
With a research focus on computational politics, John Mallery has worked at MIT in the areas of natural
language understanding and machine learning since 1980, and more recently biologically-grounded
cognitive architectures. As a Research Scientist at the MIT AI Lab during the 1990s, he was the principal
architect of the White House Electronic Publications System (1992-2000), which showcased numerous
Internet firsts (inter alia, HTTP 1.1, fragment-aware URNs). Before this, he developed some early
systems for online politics in 1992, including systems for multi-protocol hierarchical adaptive surveys
(1992, 1994, 1996) and wide-area collaboration (1994 Vice President President’s Open Meeting on the
National Performance Review). After a BA in Latin American Studies at McGill University, John interned
at US State Department in LA/ECP and INR. Following his SM degree from MIT in Political Science, he
reached ABD in an interdepartmental PhD between Political Science and EE & CS in International
Relations and Machine Learning. Mallery’s interests span fields from social science -- including
international relations, economics, organizational learning, and computational politics -- to cognitive
science and philosophy and on to computer science, artificial intelligence, computational linguistics.
Mallery has been working in the area of computer security and novel architectures for computing since
the late 1990s and has coauthored a number of major white papers and smaller reports to various
government agencies (NRO, NSA), including a serious of presentations to the Defense Science Board on
49
Security Tagged Architectures during the Summer 2006. Mallery currently works on topics in finegrained security with funding under the NSF Cybertrust Program.
Mallery has been a chair or principal organizer of a series of workshops on cyber security:
I.
•
Safe Computing Workshop Planning Meeting, August 21-22, 2006 MIT CSAIL, Cambridge
(DTO/IARPA, MIT, NSA, NSF, Sandia, UPenn)
•
•
NSF-DTO-NSA Safe Computing Workshop, November 29 – December 1, 2006
Sandia National Laboratory, Albuquerque, NM (80 top US IA experts from government, industry
and academia looked at entire computing & networking stack)
•
NSF-DTO-NSA Itanium STA Workshop, March 26-27 2007, MIT CSAIL, Cambridge (25
specialists examined Itanium as platform for security tagged architectures and looked at
programming language verification)
•
Information Assurance Leadership Workshop, June 13, 2007, Northrop Grumman Corporation,
Reston, VA Workshop (20 USG IA leaders reviewed NCDI progress to date)
•
IARPA, NSF, NSA, OSD Workshop on Game-Changing Solutions for Cyber Security, November
6, 2007, IARPA, College Park, MD. (about 70 participants discussed and red teamed about 20
vignettes on game-changing solutions for cyber security selected from over 70 submissions.)
•
NSF, INR, ONR Workshop on International Strategy and Policy for Cyber Security, June 12-13,
2008, MIT CSAIL, Cambridge (36 current and former top USG officials came together with
leading technologists and international relations experts to identify international strategies to
mitigate cyber threats.)
Collaborators & Other Affiliations
iv. Collaborators and coeditors:
Hayward R. Alker (Deceased), Andre DeHon (UPenn), Roger Hurwitz (MIT), Thomas Knight (MIT), Carl
Landwehr (IARPA), Karl N. Levitt (NSF), Ron Rivest (MIT), Howard Shrobe (MIT), Karen Sollins (MIT),
Patrick Winston (MIT)
v. Graduate and Postdoctoral Advisors:
Hayward R. Alker, Jr. (MIT), Lincoln Bloomfield (MIT), Marvin Minsky (MIT), Patrick H. Winston (MIT)
vi. Thesis Advisor and Postgraduate-Scholar Sponsor during past five years: none
vii. Languages: English, French, Spanish
5.8
Silvio Micali
A. Professional Preparation
Laurea (cum laude) in Mathematics, University of Rome, March 1978.
Thesis title: Minimal Forms in Lambda- Calculus Computations.
Ph.D. in Computer Science, University of California at Berkeley, December 1983.
Thesis title: Randomness versus Hardness.
Post-doctoral Fellow in Computer Science, University of Toronto, 1982-83.
50
B. Academic Appointments
Dugald Jackson Professor, Computer Science and Artificial Intelligence Laboratory,
M.I.T.,1991- present
Tenured Associate Professor, M.I.T.,1988-91
Associate Professor, M.I.T.,1986-88
Assistant Professor, M.I.T.,1983-86
C. Publications
Most Relevant to the Proposal
•
•
Rational Secure Computation and Ideal Mechanism Design
S. Izmalkov, M. Lepinski and S. Micali, Proc. . FOCS, Pittsburgh, PA, October 2005
•
•
Local Zero Knowledge
S. Micali and R. Pass, Symposium on Theory of Computing 2006
•
Collusion-Free Protocols
M. Lepinski, S. Micali, and A. Shelat, Symposium on Theory of Computing 2004
•
Completely Fair SFE and Coalition-Stable Cheap Talk
M. Lepinski, S. Micali, C. Peikert, and A. Shelat, Proc. PODC 2004
•
How To Play Any Mental Game
Goldreich O., Micali S. and Wigderson A., Symposium on Theory of Computing 1987
Sample Other Significant Publications
•
Probabilistic Encryption, Goldwasser S. and Micali S., Journal of Computer and System
Sciences, 28(2), pp 270-299
•
Computationally Sound Proofs, Silvio Micali, SICOMP Vol. 30, Number 4, pp.1 1253-1298, 2000
•
The All-Or-Nothing Nature of Secure Computation, Beimel A., T. Malkin and S. Micali, Proc.
Crypto 99, Santa Barbara, CA, August 1999
•
Proofs That Yield Nothing But their Validity, Or, All Languages in NP Have Zero-Knowledge
Proofs, Goldreich O., Micali S. and Wigderson A., Journal of ACM, 38 n. 3, July 1991, pp. 691729
•
Zero-Knowledge Sets
Micali S., Rabin M., and Kilian J., Proc. FOCS 2000, New York, NY, October 2000
D. Synergistic Activities
Micali is the founder of two companies (Corestreet, Ltd. and Peppercoin, Inc.), the holder of over forty
patents, some of which have been licensed to US Government and major US corporations, and the Chairman
and Chief Science Officer of Corestreet, Ltd., a provider of Real-Time Credentials. He restructured MIT’s
graduate introduction to cryptography and developed MIT’s advanced course in cryptography and a
Cryptographic Game Theory Course.. He also organized the MIT workshop on zero-knowledge and secure
protocols.
E. Collaborators & Other Affiliations
51
(i) Collaborations
Recent Collaborators: Amos Beimel (Ben-Gurion), Mihir Bellare (UC San Diego), Sasha Boldyreva (UC
San Diego), Christian Cachin (IBM), Ran Canetti (Tel Aviv), Yevgeniy Dodis (NYU), Marc Fischlin
(Fraunhofer-Gesellschaft), Oded Godlreich (Weizmann), Shafi Goldwasser (MIT), John Herzog (MIT),
Sergei Izmalkov (MIT), Markus Jakobsson (RSA), Joe Kilian (NEC), Eyal Kushilevitz (Technion), Tom
Leighton (MIT), Matt Lepinski (BBN), Moses Liskov (William&Mary), Anna Lysyanskaya (Brown), Tal
Malkin (Columbia), Kazuo Ohta (University of Electro-Communications, Japan), Rafail Ostrovsky (UCLA),
Rafael Pass (Cornell), Michael Rabin (Harvard), Leo Reyzin (BU), Alon Rosen, H Sacham (Stanford), Abhi
Shelat (U. of Virginia), Adam Smith (MIT), Markus Stadler (Crypto AG), Mike Szydlo (RSA), Salil Vadhan
(Harvard)
Thesis advisor: Manuel Blum (CMU)
Graduate theses supervised (16) : Paul Valiant (MIT); Rafael Pass (Cornell University); Moses Liskov
(William&Mary), Abhi Shelat (Univ. of Virginia), Chris Peikert (SRI), Matt Lepinski (BBN), Leo Reyzin (BU),
Shai Halevi (IBM), Rosario Gennaro (IBM), Ray Sidney (Google), Rafail Ostrovsky (UCLA), Mihir Bellare
(UC San Diego), Phil Rogaway (UC Davis), Bonnie Berger (MIT), Claude Crépeau (McGill), Paul Feldman
(unknown)
(ii) Main Awards
•
Gödel Prize (in Theoretical Computer Science)
•
RSA Prize (in Cryptography)
•
Member, National Academy of Science
•
Member, National Academy of Engineering
•
Member, American Academy of Arts & Sciences
52
5.9
Joseph S. Nye, Jr.
A. Professional Preparation
He received his bachelor’s degree summa cum laude from Princeton University in 1958. He did
postgraduate work at Oxford University on a Rhodes Scholarship and earned a Ph.D. in political science
from Harvard.
B. Academic Appointments
Joe Nye is University Distinguished Service Professor and former dean of Harvard’s Kennedy School of
Government. He joined the Harvard Faculty in 1964, and taught one of the largest core curriculum
courses in the college. In 2005, Foreign Policy listed him as one of the top ten scholars of international
affairs.
In addition to teaching at Harvard, Mr. Nye also has taught for brief periods in Geneva, Ottawa, and
Oxford where he is a Visiting Professor and an honorary fellow. He has lived for extended periods in
Europe, East Africa, Central America, and traveled to more than 100 countries.
C. Publications
He is the author of numerous books and more than one hundred and fifty articles in professional and
policy journals. His most recent publications are Soft Power: The Means to Success in World Politics
(2004), an anthology, Power in the Global Information Age (2004), a textbook Understanding
International Conflict (6th ed 2006), and The Powers to Lead (2008). In addition, he has published policy
articles in various newspapers and magazines, and his internationally syndicated column appears in
papers in more than 70 countries.
D. Synergistic Activities
He has also worked in three government agencies. From 1977 to 1979, Nye served as Deputy to the
Under Secretary of State for Security Assistance, Science and Technology and chaired the National
Security Council Group on Nonproliferation of Nuclear Weapons. In recognition of his service, he
received the highest Department of State commendation, the Distinguished Honor Award. In 1993 and
1994, he was chairman of the National Intelligence Council, which coordinates intelligence estimates for
the President. He was awarded the Intelligence Community’s Distinguished Service Medal. In 1994 and
1995, he served as Assistant Secretary of Defense for International Security Affairs, where he also won
the Distinguished Service Medal with an Oak Leaf Cluster.
A Fellow of the American Academy of Arts and Sciences and of the Academy of Diplomacy, and of the
British Academy, Nye is co-chair (with Brent Scowcroft) of the Aspen Strategy Group, chair of the North
American Group of the Trilateral Commission, a director of the Council on Foreign Relations, and of the
Center for Strategic and International Studies. He has served as a director of the Institute for East-West
Security Studies, a director of the International Institute for Strategic Studies, a member of the advisory
committee of the Institute of International Economics, and the American representative on the United
Nations Advisory Committee on Disarmament Affairs. He has been a trustee of Wells College and of
Radcliffe College. He is the recipient of the Woodrow Wilson Award from Princeton University, the
Charles Merriam Award from the American Political Science Association, and the Palmes Academiques
from the French government.
53
E. Collaborators & Other Affiliations
i. Collaborators and coeditors: several books and articles with Robert O. Keohane.
Various seminars and conferences including co-chairing NSF, INR, ONR Workshop on International
Strategy and Policy for Cyber Security, June 12-13, 2008, MIT CSAIL, Cambridge (36 current and former
top USG officials came together with leading technologists and international relations experts to identify
international strategies to mitigate cyber threats.
54
5.10 Luis E. Ortiz
A. Professional Preparation
B.S. (with high distinction) in Computer Science, University of Minnesota, June 1995.
M.S. in Computer Science, Brown University, May 1998.
Ph.D. in Computer Science, Brown University, May 2002.
Post-doctoral Researcher in Computer Science, University of Pennsylvania, 2002-2004.
Post-doctoral Lecturer, MIT, 2004-2006
B. Academic Appointments
Assistant Professor, Stony Brook University (SUNY), September 2008-present
Assistant Professor, University of Puerto Rico at Mayagüez, January 2007-June 2008
C. Publications
Most Relevant to the Proposal
•
Michael Kearns and Luis E. Ortiz. Algorithms for Interdependent Security Games, Neural
Information Processing Systems (NIPS), 2003.
http://www.cs.sunysb.edu/~leortiz/papers/ids.pdf
•
Sham M. Kakade, Michael Kearns, Luis E. Ortiz, Robin Pemantle and Siddharth Suri. Economic
Properties of Social Networks. In Neural Information Processing Systems (NIPS), 2004.
http://www.cs.sunysb.edu/~leortiz/papers/socialecon.pdf
•
Sham M. Kakade, Michael Kearns and Luis E. Ortiz. Graphical Economics, Seventeenth Annual
Conference on Learning Theory (COLT), 2004.
http://www.cs.sunysb.edu/~leortiz/papers/graphecon.pdf
•
Sham Kakade, Michael Kearns, John Langford and Luis Ortiz. Correlated Equilibria in Graphical
Games, ACM Conference on Electronic Commerce (EC), 2003.
http://www.cs.sunysb.edu/~leortiz/papers/cegg.pdf
•
Luis Perez-Breva, Luis E. Ortiz, Chen-Hsiang Yeang, and Tommi Jaakkola. Game-Theoretic
Algorithms for Protein-DNA Binding. In Advances in Neural Information Processing Systems
(NIPS) 19, 2007.
http://www.cs.sunysb.edu/~leortiz/papers/Perez_etal_NIPS2006.pdf
Sample of Other Significant Publications
•
Luis E. Ortiz and Michael Kearns. Nash Propagation for Loopy Graphical Games, Neural
Information Processing Systems (NIPS), 2002.
http://www.cs.sunysb.edu/~leortiz/papers/nashprop.pdf
•
Luis E. Ortiz. CPR for CSPs: A Probabilistic Relaxation of Constraint Propagation. In Neural
Information Processing Systems (NIPS), 2007.
http://www.cs.sunysb.edu/~leortiz/papers/nips2007.pdf
•
Luis E. Ortiz and Leslie Pack Kaelbling. Adaptive Importance Sampling for Estimation in
Structured Domains, Proceeding of the Sixteenth Conference on Uncertainty in Artificial
Intelligence (UAI), 2000. http://www.cs.sunysb.edu/~leortiz/papers/uai2000paper.pdf
55
•
Luis E. Ortiz and Leslie Pack Kaelbling. Sampling Methods for Action Selection in Influence
Diagrams, Proceedings of the Seventeenth National Conference on Artificial Intelligence (AAAI),
2000. http://www.cs.sunysb.edu/~leortiz/papers/aaai2000-paper.pdf
•
David McAllester and Luis Ortiz. Concentration Inequalities for the Missing Mass and for
Histogram Rule Error, Journal of Artificial Intelligence Research (JAIR), Special Issue on Learning
Theory, Volume 4, Pages 895-911, October, 2003.
http://www.jmlr.org/papers/volume4/mcallester03a/mcallester03a.pdf
D. Synergistic Activities
While at the University of Pennsylvania, along with his colleague Michael Kearns (Penn), Ortiz helped to
design and develop the Penn Exchange Simulator (PXS), a software simulator for automated stock trading
that merges automated client orders with real-world, real-time order data as part of the Penn-Lehman
Automated Trading Project (PLAT). PXS was widely used by the international research community to design,
develop and test automated trading strategies. The simulator also runs in “historical mode” for which he
helped to create and maintain a database of real-world limit orders that was used for research, development
and testing offline. In addition, he also helped to run seminars for both graduate and undergraduate students
on the use of the simulator, and to design, evaluate and analyze competitions to encourage participation in
the project. (Please visit http://www.cis.upenn.edu/~mkearns/projects/plat.html for more info).
Ortiz has also served on an NSF Review Panel (Robust Intelligence, IIS).
E. Collaborators & Other Affiliations
ii. Collaborators and coeditors:
Tommi Jaakkola (MIT), Sham M. Kakade (Toyota Technological Institute at Chicago), Michael Kearns
(Penn), Yishay Mansour (Tel Aviv), Robin Pemantle (Penn), Luis Perez-Breva (MIT), Robert E. Schapire
(Princeton), Siddharth Suri (Yahoo! Research, New York), Chen-Hsiang Yeang (Institute for Advanced
Study)
iii. Graduate and Postdoctoral Advisors:
Leslie Kaelbling (MIT), Michael Kearns (Penn)
iv. Thesis Advisor and Postgraduate-Scholar Sponsor during past five years: none
56
5.11 Eric Rosenbach
A. Professional Preparation
Rosenbach completed a juris doctor at Georgetown University Law Center, a master's in public policy at
the Harvard Kennedy School and bachelor of arts at Davidson College. As a Fulbright Scholar,
Rosenbach conducted post-graduate research on privatization programs in Eastern Europe.
B. Professional Appointments
Rosenbach is the Executive Director for Research at the Belfer Center for Science and International
Affairs. He is a member of the Belfer Center’s Board of Directors.
C. Publications
Rosenbach co-authored a book on counter-terrorism policy with Richard A. Clarke and other experts,
entitled Defeating the Jihadists (2004). He co-edited a book on military leadership, In Search of
Excellence (2008). His published work also has appeared in the Washington Post, Baltimore Sun,
Chicago Tribune and International Herald Tribune.
D. Synergistic Activities
Prior to his work at the Belfer Center, Rosenbach was a professional staff member on the Senate Select
Committee on Intelligence and served as the national security advisor for U.S. Senator Chuck Hagel.
On the Intelligence Committee, Rosenbach provided oversight of the intelligence community’s
counterterrorism efforts. Rosenbach led and authored two formal Senate Intelligence Committee
investigations of prewar intelligence on Iraq, entitled Postwar Findings about Iraq’s Links to Terrorism
and Prewar Intelligence about Postwar Iraq.
In the private sector, Rosenbach previously worked as a vice president and chief security officer for
the largest internet service provider in Europe. He was responsible for all aspects of cyber-security,
privacy and network operations.
Rosenbach served as an active-duty military intelligence officer supporting post-conflict operations in
the Balkans. As a Company Commander, he was awarded the Meritorious Service Medal. The Director
of Central Intelligence named his company as the top intelligence organization in the U.S. military for two
consecutive years.
E. Collaborators & Other Affiliations
Various seminars and conferences including member organizing committee for the NSF, INR, ONR
Workshop on International Strategy and Policy for Cyber Security, June 12-13, 2008, MIT CSAIL,
Cambridge (36 current and former top USG officials came together with leading technologists and
international relations experts to identify international strategies to mitigate cyber threats.
57
5.12 Patrick H. Winston
A. Professional Preparation
Professor Winston received the B.S. in 1965, the M.S. in 1967, and the Ph.D. in 1970, all from the
Massachusetts Institute of Technology.
B. Professional Appointments
Patrick H. Winston is Ford Professor of Artificial Intelligence and Computer Science at the
Massachusetts Institute of Technology.
Professor Winston has been with MIT Artificial Intelligence Laboratory since 1967. He joined the faculty
in 1970, and he was the Director of the Laboratory from 1972 to 1997.
C. Publications
Professor Winston's publications include major textbooks on Artificial Intelligence and several
programming languages, an edited collection of papers about AI applications, and several edited
collections of key MIT research papers.
•
•
•
•
•
•
•
•
•
•
On to Smalltalk
On to Java
On to C++
On to C
Artificial Intelligence, Third Edition
Lisp, Third Edition (with Berthold K. P. Horn)
The AI Business: Commercial Uses of Artificial Intelligence (editor, with Karen A. Prendergast)
Artificial Intelligence at MIT: Expanding Frontiers (editor, with Sarah A. Shellard, two volumes)
Artificial Intelligence: An MIT Perspective (editor, with Richard H. Brown, two volumes)
The Psychology of Computer Vision (editor)
D. Synergistic Activities
Professor Winston is chairman and co-founder of Ascent Technology, Inc., a company that produces
sophisticated scheduling, resource allocation, and schedule recovery applications, enabled by AI
technology, and in use throughout the world in major airports and the Department of Defense.
Professor Winston is a member of the Naval Research Advisory Committee (NRAC) (1985-1990, 19942000, 2003-present) for which he served as Chair from 1997 to 2000. During his service on NRAC, he
has chaired several studies, including a study of how the Navy can best exploit the next generation of
computer resources, a study of technology for reduced manning, and a study of software-intensive
systems.
Professor Winston is also a past president of the American Association for Artificial Intelligence.
E. Collaborators & Other Affiliations
(i) Collaborators and coeditors: None
(ii) Graduate and Postdoctoral Advisors: Professor Marvin Minsky, MIT Media Laboratory
(iii) Thesis Advisor (45) and Postgraduate-Scholar Sponsor (1) during past five years:
58
Jonathan Amsterdam, unknown; Peter Andreae, University of Wellington; Daniel Barkalow, unknown;
John Bender, unknown; Robert Berwick, MIT; Richard Boberg, Network Appliance; Keith Bonawitz, MIT;
Gary Borchardt, MIT; Eugene Chang, Funk Software; Steven Czerwinsky, unknown; Michael De la Maza,
unknown; Richard Doyle, Jet Propulsion Laboratory; Scott Fahlman, CMU; Krzysztof Gajos, University of
Washington; Philip Greenspun, retired; Marion Groh, Microsoft; Robert Hall, Hewlett-Packard; Glen Iba,
MIT; Michal Kahan, unknown; Manolis Kellis, MIT; Paul Keel, MIT; Anthony Kim, unknown; Stephen
Larson, UCSD; Richard Lathrop, University of California, Irvine; Jintae Lee, University of Colorado; Albert
Lester, unknown; Tomas Lozano-Perez, MIT; Catherine Miller, unknown; Raymond Molnar, unknown;
Barbara Moore, Millenium; Pegor Papazian, unknown; Eve Philips, Vector Capital; Satyajit Rao,
University of Genova; Lukas Ruecker, Delta Research; Arian Shadadi, Oracle Corporation; Jimmy Shih,
unknown; Matt Sither, unknown; David Spenser, unknown; Oana Stamatoiu, unknown Seth Tardif,
unknown; David Waltz, NEC Research; John Williams, unknown; Robert Woodham, University of British
Columbia; Deniz Yuret, Koc University, Istanbul; Zakia Zerhouni, Oracle Corporation.
59