11.07.2015 Views

syssec_red_book


2 Introduction

Cyberspace penetration in our everyday lives has reached unprecedented levels. This has left us facing the challenge of understanding, monitoring, and mitigating the security and privacy implications of this wonderfully surprising and inspiringly interesting new medium. In this chapter we describe this challenge from four different points of view: (i) the new threats that cyberspace has made possible, (ii) the assets that we care about, (iii) the domains that have risen, and (iv) the horizontal research directions which need to be supported.

2.1 The Cybersecurity Landscape

Throughout this book we treat the notion of security along four dimensions:

• Threats - Vulnerabilities. Vulnerabilities and threats are usually artifacts in the on-line world that the attackers may exploit in order to cause harm to their victims. For example, an attacker may exploit a buffer overflow in order to compromise a computer and use it to send SPAM. In the physical world, threats/vulnerabilities could include an open window in a house, an unlocked door, etc. Several threat definitions include the attackers themselves (such as in “insider threats” or in “advanced persistent threats”) in the category of threats as well. We plan to use the same approach.

• Assets. Assets are resources that entities (such as people and organizations) hold on to and value. Assets may include money, data, human rights, etc. Cyberspace may impact the same assets as the physical world, but probably in entirely new ways. For example, although privacy has been an asset in the physical world for several years, in cyberspace it may take on a whole new spin, as (i) the data gathered, (ii) the entities gathering such data, and (iii) the potential uses of such gathered data are of unprecedented scale.

• Domains. Attackers may stage their attack in a particular domain setting. For example, the domain of social networks could be used by attackers
