Vulnerabilities – the world through the eyes of hackers by Or Weis.
The executive summary:
The Art of cyber-warfare has much in common with the art of war on the classic battlefield. To emerge victorious one must know oneself, the enemy and the battlefield.
Vulnerabilities are in the very essence of our reality and becoming even more fundamental in the world of cyber-security. Hackers or attackers see vulnerabilities all around them, knowing they are key to achieving their goals.
By understanding the key fundamentals of the attacker view, defenders can turn the tides of battle. Understanding the costs for mounting an attack, and the different stages of an attack, allow defendersto impose costs that can hinder or even thwart attacks from the get go; using principles like “The Great Wall” and “Weakest Link” detection.
Using a frequently updated ‘Common Operational Picture’ defenders can list their potential threats-understanding the likelihood, risk, and counter measures- enabling them to build and maintain powerful security profiles.
Doesn’t this echo The Art of War by Sun Tzu?
If so, then why isn’t The Art of War required reading in CS programs?
The paper itself has a militaristic/messianic tone to it so it make for fun reading. You can imagine yourself resisting the forces of darkness, etc.
Whatever motivates you to work towards greater software and network security works for me.
I first saw this in Nat Torkington’s Four short links: 17 March 2014.