Explorations in
Cyber International Relations (ECIR)
Dialectics of Cyber International Relations
and Cyber Defense:
Towards a Strategic Research Program
John C. Mallery (jcma@mit.edu)
Computer Science & Artificial Intelligence Laboratory
Massachusetts Institute of Technology
Presentation at the ECIR Workshop on Cyber International Relations: Emergent Realities
of Conflict and Cooperation, MIT, Cambridge, October 14, 2010.
Explorations in Cyber International Relations
OSD Minerva Research Project at Harvard & MIT
Overview








Activities Under ECIR
Strategic IR Research Program
Cyber Defense Strategy
Meta-power As IR Leverage Criteria
High-leverage Research Areas
Dialectics
Computational Politics
Selected Leverage Vignettes
Explorations in Cyber International Relations
2
OSD Minerva Research Project at Harvard & MIT
Activities Under ECIR

Stanley Cyber Monitoring & Analysis System



Cross-organization Cyber Data Study




5 themes: international interactions, crime,
economics, defensive coordination, long-term
transformations
Recommendations for cyber data collection
Over a dozen organizations
Cyber Defense Strategy



5 document streams
Over 4k documents
Work factor concept
Technology strategy
Today: Linking IR to Cyber Defense
Explorations in Cyber International Relations
3
OSD Minerva Research Project at Harvard & MIT
Strategic Research Program

How can we prioritize research on cyber
international relations to focus on the
highest leverage problems?



Exhaustive enumeration is slow
Recycling pre-existing disciplinary concepts
may lack relevance or leverage
Approach
Link to cyber defense strategy
Identify cyber fueled processes that drive
strategy-relevant reallocations power,
wealth, knowledge, cultural attractiveness,
welfare
 Elucidate those processes


Explorations in Cyber International Relations
4
OSD Minerva Research Project at Harvard & MIT
What is cyberspace?

Interdependent network of information
technology infrastructures (NSPD54/HSPD23)







Virtual environment of information and
interactions between people (NSPD54/HSPD23)
US Military:




Internet
Telecommunications networks
Computer systems
Embedded processors
Controllers in critical industries
Electro-magnetic spectrum
Information operations
C4ISR, space
Supply chains for IT

Computers, networks, software, crypto, id mgt., etc.
Explorations in Cyber International Relations
5
OSD Minerva Research Project at Harvard & MIT
Big Elephant:
High Cognitive Difficulty
Due Vast Cross-Cuts

Cyber insecurity has manifestations across the range of human
activities where there is value




Technological basis of crisis is difficult to apprehend




Cyber spans most traditional policy domains
Received legal concepts and categories are blurred
Best organizational modes unclear
Responses often reflect disjointed incrementalism



Current COTs failures
40 years of traditional computer security
Future: transformational computing & networking
Policy and legal responses are difficult




Business
Defense
Society
Analytical reductions based on received disciplinary lenses
(analogies)
Proposed solutions based on repurposed concepts
Creation of integrative frameworks) is essential

Enables cumulation across disciplines and knowledge areas
Explorations in Cyber International Relations
6
OSD Minerva Research Project at Harvard & MIT
DoD Cyber Strategy

William J. Lynn, Deputy Secretary, DoD




Vast vulnerabilities & critical reliance




Foreign Affairs, August, 2010
NATO, September, 15
CFR, September 30
Military/Intel
Critical infrastructure
Private sector
Five pillars
1
2
3
4
5
Domain of warfare
Active & timely defense
Protection of critical infrastructure
Collective defense with allies
Technological leverage
Explorations in Cyber International Relations
7
OSD Minerva Research Project at Harvard & MIT
Strategic Approach
Transform US cyber-infrastructures to:
 Resist attacks and continue to function under adversity
 Enhance confidence in computation and communications
 Enable rapid adoption of new technological advances
 Strength competiveness via improved agility, effectiveness, and learning

Vision




Integrative Framework





Effective application of resources
Coordinated division of labor
Common language
Dynamic refinement
Objectives




Trustworthy systems and resilient society
Articulation of roles and responsibilities
Alignment of guiding images
Prioritized
Risk adjusted
Time horizons
Implementing strategies


High leverage
Synergistic moves
Explorations in Cyber International Relations
8
OSD Minerva Research Project at Harvard & MIT
Defensive Complexity Analysis

Response to cyber asymmetries requires high leverage solutions



Security meta-metrics focus on difficulty of attacker or defender tasks




Application to the entire attack value cycle (financial, political-military)
Time frames: Short-term (0-2 yrs), medium-term (2-5 yrs), long-term (5-10 yrs)
Work factor (WF) is the difficulty of executing tasks
Analogous to computational difficulty in cryptography
Extends beyond the technical designs to domain embeddings (cyber operations research)
Dimensions of work factors
 Resources
 Computational complexity (mathematical leverage)
 Cost (often related to complexity)
 Expertise and Knowledge (technical specialties, domain knowledge)

Planning, execution and information management
 Cognitive difficulty (model as formulation of non-linear plans and counter plans)
 Learning difficulty (reversing obfuscation, devising new tactics or approaches)
 Organizational effectiveness/dysfunction (integration, learning, structure,
psychology)

Risk
 Uncertainty (confidence, incomplete information)
 Culture (risk acceptance or aversion)
 Information differential gain/loss (innovation, leakage by insider, espionage,
diffusion)

Make technical or policy moves that cumulatively


Impose hard problems on attackers (prefer geometric impact)
Facilitate coordinated defense (eliminate multipliers)
Explorations in Cyber International Relations
9
OSD Minerva Research Project at Harvard & MIT
Defensive Strategy Decomposition:
Planes of Action

Leadership organization




Policy community
Technology visionaries
Domain architects






IT capital goods industry
Telecommunications
operators
Identity management &
crypto sectors
Standards bodies and
certification/accreditation
authorities




Military & intelligence
systems
Government systems
Defense industrial base
Explorations in Cyber International Relations
Allies
Trading partners
Regional or issue groups
Global
International competition



10
Critical infrastructure
Research and education
infrastructure
Supply chain
Major enterprise
Smaller enterprise
Consumer
International cooperation




Public sector domains

Private sector domains


Cyber technology base




Mutual understandings
Declaratory policies
Norms
OSD Minerva Research Project at Harvard & MIT
Solutions vs. Mitigations

Solution Domains (10-30 years)






Science, technology, engineering
R&D infrastructure
Human capital
IT capital goods industrial organization
Critical infrastructures
Threat mitigation domains





Information assurance management
International cyber crime law enforcement
Cooperative engagement (like minded)
International norms (agreements 10+ yrs)
Deterrence (cross domain responses)
Explorations in Cyber International Relations
11
OSD Minerva Research Project at Harvard & MIT
Meta-power (BBB) As
Leverage Framework

Power: Set of action possibilities and payoffs
for actors within an interaction framework

Meta-power: Action possibilities that change
the distribution of power resources among
actors (Deutsch: Nth order power)

Strategic Competition: Contention over metapower resources

Leverage: Impact of cyber-fueled international
processes on national strategies
Explorations in Cyber International Relations
12
OSD Minerva Research Project at Harvard & MIT
High-leverage Research Areas

Information Diffusion


Globalization


Modeling, mechanism design, precedent reasoning, game theory,
grammars of action
Cultural interpenetration


Race for more effective organizations as a basis for national
advantage
Computational support for cyber decision-making and
understanding


National location of key industries (and spread effects) more difficult
Cyber-enabled organizational learning => higher adaptive
capacities


Economic strategy based on knowledge activities becomes
problematic
Global digital ecumene -> clash of civilizations or transcendence?
Empowerment of small groups

Ability of “terrorists” to organize and cause trouble
Explorations in Cyber International Relations
13
OSD Minerva Research Project at Harvard & MIT
Dialectics

Information assurance is slippery with
many potentially self-defeating moves
Centralization -> aggregation of threat
Standardization -> low diversity -> scale
economies of attack
 Conservation of threat -> attacks move to
weaker surfaces



Two definitions of dialectics:


Process and complement process
Action and reaction
Explorations in Cyber International Relations
14
OSD Minerva Research Project at Harvard & MIT
Examples of Cyber Dialectics

Ready access to S&T knowledge



Empowers global business operations (e.g., IT sector)



Critical mass to articulate knowledge interests
Critical mass to organize insurgencies or nihilistic actions
Informationalized militaries (e.g., GIG)



More efficient resource utilization
More conflict over loci of production
Virtual concentration of dispersed groups



Faster research cycle within countries
Unprecedented rates of global knowledge diffusion
Global power projection (Gulf War 1 forward)
Asymmetric power projection (cyber war)
More effective bureaucracy


Improved domestic operations, law enforcement, transparency
Reduced autonomy of the state (via network
interpenetration, higher scrutiny)
Explorations in Cyber International Relations
15
OSD Minerva Research Project at Harvard & MIT
Computational Theories of
Politics and IR

Karl Deutsch



Hayward Alker






AI and political science (search paradigm)
Computational search in organizations (“bounded rationality”)
Lloyd Etheredge


Mathematical politics (limits – degrees of freedom, structural
change)
Systems dynamics (limits – structural transformation)
Generative grammars (limits – descriptive)
AI and text-interpretive theories of IR (learning, meaning)
Dialectics of world order
Herbert Simon



Political cybernetics and systems dynamics
Integration theory
Government learning (1985) (psychology and structure)
John Mallery


Computational politics (1988)
Application of computational models of cognition to IR
Explorations in Cyber International Relations
16
OSD Minerva Research Project at Harvard & MIT
CyberSocial Systems

Networking and computation spread
ubiquitously 1992-2010


Now:



Computers provide cognitive prosthetics
Networks link human-computer cognitive systems
Speed -> gain in systems




Cyberphysical systems
Faster rates of interaction
Global immediacy
Co-evolution and interpenetration of cyber systems
and biological cognition
Computational analytical frameworks needed

Individual => social network => organization
Explorations in Cyber International Relations
17
OSD Minerva Research Project at Harvard & MIT
Digital Noosphere
(Tailard Desjardins)

Collective knowledge of humanity


Culture becomes digital


Expectation of increasing cultural gain
Organizational adaptation requires increased
rates of learning




Under active assembly on the Web today
Faster interactions (digital diplomacy)
More information marshaled
Better knowledge: Conflict vs. homogenization
Major challenge of modernity



Networked global ecumene
Opportunities for broader international integration
Clash of cultures: West, Islam, South Asia, East
Asia
Explorations in Cyber International Relations
18
OSD Minerva Research Project at Harvard & MIT
Globalization
(World System Analysis)

Reinforces and extends ability of transnational
firms to coordinate global production



New Neo-mercantilism (world order threat)




Increases centripal impact on loci of production
Reduces state sovereignty, but some states can
influence firms’ locational calculi (e.g., China)
Competition for future industries
Lock-in of raw materials and new markets (e.g.,
Africa)
“Currency wars”
Refocus on developmental economics




“Conditioned development” (Cardoso)
“Spread effects” (Myrdal), “staple theory” (Innis)
Industrial policy helps understand emerging powers
Necessary strategy for national economic renewal
Explorations in Cyber International Relations
19
OSD Minerva Research Project at Harvard & MIT
Strategic Research Program

How can we prioritize research on cyber
international relations to focus on the
highest leverage problems?



Exhaustive enumeration is slow
Recycling pre-existing disciplinary concepts
may lack relevance or leverage
Approach
Link to cyber defense strategy
Identify cyber fueled processes that drive
strategy-relevant reallocations power,
wealth, knowledge, cultural attractiveness,
welfare
 Elucidate those processes


Explorations in Cyber International Relations
20
OSD Minerva Research Project at Harvard & MIT