Presentation at SECCON on 12 February 2023.
I would like to explain the following:
1) It is not possible to derive anything useful from the concept of active cyber defence per se.
2) The issue can be derived solely from whether the attacker is affected or not.
3) Even where there is an impact, the legal position is very different depending on the intensity of the attack and counter-attack.
4) The legal position requires a 3D analysis of national and international law.
5) Traditional frameworks of analysis of national and international law are very effective when analysing by subject and action (geographical generalisations are harmful and futile).
6) The legal implications of a 'national security strategy' can only be analysed by cybersecurity legal experts.
7) As for the specific issues, there is a vast legal grey zone, with various issues depending on international/national law and specific acts.
2019/10/16
How to strengthen your skills in the CTF web category, for beginners
Are you studying the CTF web category but struggling to solve challenges in the actual competition? For those who have this problem, I will explain how to strengthen your web skills based on my own experience.
(study group) https://yahoo-osaka.connpass.com/event/149524/
DoS and DDoS mitigations with eBPF, XDP and DPDK - Marian Marinov
The document compares eBPF, XDP and DPDK for packet inspection. It describes the speaker's experience using these tools to build a virtual machine that can handle 10Gbps of traffic and drop packets to mitigate DDoS attacks. It details how eBPF and XDP were able to achieve higher packet drop rates than iptables or a custom module. While DPDK could drop traffic at line rate, it required specialized hardware and expertise. Ultimately, XDP provided the best balance of performance, driver support and programmability using eBPF to drop millions of packets per second.
This document provides an overview of contact tracing efforts around the world from a legal and privacy perspective. It discusses key concepts in contact tracing like proximity tracing apps and exposure notification. It then reviews the frameworks and guidelines put forward by the EU and UK, as well as examples of contact tracing apps and programs in countries like China, Singapore, Germany, and Australia. Challenges in balancing privacy and public health are explored, and principles like privacy by design and transparency are discussed. Open issues around data minimization, consent, and handling personal data are also examined.
This document summarizes key differences between GDPR and Japan's APPI regarding personal data protection laws, using the "Rikunabi case" as an example.
The document outlines the main frameworks, definitions of personal data vs personal information, and rights of individuals. It then details how APPI is currently under review regarding areas like data breach reporting policies, voluntary business initiatives, and data utilization policies.
The case study describes how Rikunabi Career used behavioral data and a prediction model to calculate student jobseekers' likelihoods of withdrawing applications, without properly obtaining consent. This led to recommendations and guidance from Japan's Personal Information Protection Committee and an instruction from the Tokyo Labor Bureau regarding legal compliance.
This document discusses e-discovery in UK litigation and compares it to procedures in Japan. Key points:
- UK litigation requires full disclosure of all material evidence by both parties. This contrasts with Japan which does not have an automatic discovery process.
- Differences in civil procedure laws around document protection and data privacy can cause conflicts in cross-border e-discovery.
- Japanese companies may have weaknesses in areas like retention policies and cultural perspectives that make adapting to rigorous e-discovery standards challenging. Cooperation will be needed to resolve conflicts that arise from these differences.
This document discusses the legal issues surrounding cloud computing. It begins by outlining some of the key compliance risks when using cloud services, such as loss of governance over data and unclear jurisdiction. It then examines these issues in more depth, analyzing how data protection laws, information security laws, and international standards apply both within a single country and across borders. Challenges related to cloud forensics, subpoenas, and e-discovery in legal cases are also addressed. The document concludes by emphasizing the complexities of determining applicable laws in cross-border situations.
The document discusses security issues related to cloud computing including lack of standards, jurisdictional challenges, and balancing privacy and security concerns. It draws analogies between cloud security challenges and the "Star Wars" concept of balancing the light and dark sides of the force. It argues that frameworks, standards, and transparent defense systems are needed to address vulnerabilities and bring more balance to cloud security.
Describes the paradigm shift of information security in the mass Internet age.
A botnet order looks like Order 66.
What are the "New Hopes" of cyber warfare?
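26. "National Security Strategy"
• December 16, 2022 (Reiwa 4)
• National Security Council and Cabinet
• Decision on the three security-related documents
• National Security Strategy
• National Defense Strategy
• Defense Buildup Program
• "Introduce active cyber defense"
• Where there is a risk of serious cyberattacks that, "even if they do not amount to an armed attack", raise security concerns for the state, critical infrastructure and the like
• Purpose
• "Eliminating in advance the possibility of serious cyberattacks" / or
• "Preventing the spread of damage in case of such attack"
• Introduce active cyber defense
27. The concept of active cyber defense
• What is the relationship between the following concepts (especially (c)) and the Self-Defense Forces' cyber operations?
• (a) (Japan will) advance efforts such as strengthening information sharing with the government when private-sector entities, including those in critical infrastructure sectors, suffer cyberattacks, and strengthening response coordination and support from the government to private-sector entities.
• (b) (Japan will) take the necessary steps to utilize "information on communications services provided by domestic telecommunications providers" in order to "detect servers and others suspected of being abused by attackers".
• (c) For serious cyberattacks that raise security concerns for the state, critical infrastructure and the like, the government will be granted the necessary authorities so that it can, as far as possible in advance, "penetrate and neutralize attacker's servers and others".
In the lineage of the Denning paper?
Does not require an effect on the attacker /
The distinctly Japanese "secrecy of communications" issue is described
28. (b) Detecting servers and others suspected of being abused
• (Japan will) utilize "information on communications services provided by domestic telecommunications providers"
• (Takahashi's comments)
1. What kind of mechanism is this meant to set up (both where attacks amount to an armed attack and where they do not ("even if they do not amount to an armed attack"))?
2. It is only natural for ISPs to analyze the state of traffic. And it is natural for them to respond when it violates the order of communications / natural that it can be shared with the state. Scholars and media calling it unconstitutional will probably appear.
3. It should also be possible to detect communications while they are being handled by overseas providers. Why are those excluded?
Probably because it would stand out.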