CyCon 2024 “Over the Horizon” received over 200 abstracts relating to novel research and innovation in law, technology, operations, strategy, and policy. After a careful selection process in accordance with Institute of Electrical and Electronics Engineers (IEEE) standards, 20 papers were selected for inclusion in the CyCon 2024 Proceedings.
As we move past the COVID-19 pandemic, the world is no longer the same. While we could not have expected the world of 2024 to be the same as that of 2019 and early 2020, there have been some pivotal events. The Russia–Ukraine war continues, and there is fresh conflict in the Middle East. These events have led to a paradigm shift in the nature and trajectory of cyber conflict and its underlying considerations. Even as technological developments come at an ever-increasing pace, we are reaching a point where socio-economic and geopolitical change are also accelerating. Combined, this has the potential to cause sudden paradigm shifts in world order, participative democracy, and the structure and values of our societies and economies. This is why the Programme Committee chose ‘Over the Horizon’ as the theme for CyCon 2024.
It denotes the need not only to look at the forthcoming technological trends on the horizon but also to start forecasting beyond that horizon due to accelerating rates of change, and to examine the outcome of the potential interplay of science, technology, innovation, industry, law, socio-economic factors, and geopolitics. Even if predictions prove to be not completely accurate, such forecasting will help us prepare our societies and technologies for mitigating future challenges at an earlier structural stage and to maximize the exploitation of opportunities.
Network security is a focus area for the technology track, with Marc Wyss, Roland Meier, Llorenç Romá, Cyrill Krähenbühl, Adrian Perrig, and Vincent Lenders examining how to build secure wide-area networks over public internet service providers. Bruno Dzogovic and Silke Holtmanns explore securing 5G communication in joint operations by NATO partners. Pēteris Paikens and Krišjānis Nesenbergs offer insights into the resilience and vulnerabilities of consumer wireless devices to cyber attacks. Structured security analysis of complex systems is treated by Jelizaveta Vakarjuk, Nikita Snetkov, and Peeter Laud, who identify obstacles relating to post-quantum communication in e-Estonia. Erwin Orye, Gabor Visky, Alexander Rohl, and Olaf Maennel analyse the cyber components of sea drones and discuss ways to enhance their cyber resilience.
Several authors address the application of machine learning and artificial intelligence (AI) methods to solve cybersecurity problems. Yannick Merkli, Roland Meier, Martin Strohmeier, and Vincent Lenders examined how network flow classifiers could be defeated and improved through adversarial machine learning. Dan Bogdanov, Paula Etti, Liina Kamm, and Fedor Stomakhin studied how generalized blueprints can be the basis for an artificial intelligence system risk management methodology. Enhancing military cybersecurity using artificial-intelligence-driven Software Bill of Materials to detect firmware vulnerability and manage assets was examined by Max Beninger, Philippe Charland, Steven H. H. Ding, and Benjamin C. M. Fung.
The rapid evolution of emerging technologies such as artificial intelligence (AI) and autonomous weapons is also reshaping international law. The ongoing integration of AI into weapons systems has the potential to significantly impact decision-making and command responsibility in military operations. Legal, policy, and compliance issues regarding the use of AI for security are examined by Wei-Che Wang, while Kristy Chan and Joseph Khaw investigate the applicability of existing paradigms of international law and interpretation of customary international law to cyberspace. Jonathan Kwik analyses divergent interpretations of what constitutes an attack according to international humanitarian law (IHL) and how IHL could be applied to the use of autonomous weapons systems. Scott Sullivan and Iben Ricket discuss whether black-box models of AI can consider the nuances of IHL and what aspects policymakers should contemplate when constructing future norms.
The current conflict in Ukraine is and will be a key case study for many, including regarding the unsettled status of collective countermeasures under customary international law. Here, Jeff Kosseff examines the international legal framework for Hunt Forwards, while Lisandra Novo explores the legality of collective countermeasures in response to malicious cyber operations.
Outer space is an area of growing economic and technological importance. Keeping the peace in outer space has become paramount. Chris O’Meara discusses antisatellite weapons and jus ad bellum in the context of self-defence. The potential to harness space debris as a weapon is examined by Anna Blechovà, Jakub Harašta, and František Kasl.
Cyber operations can leverage various techniques to deliver effects, which could involve the use of personal data and influencing individuals’ perceptions and attitudes, or potentially both. The legal framework for military psychological operations in cyberspace and data protection in times of armed conflict should be considered. Anastasia Roberts and Adrian Venables apply a legal framework to military psychological operations in the digital battlespace. Tatjana Grote reflects on the rules governing post-occupation retention and the use of personal data collected by the
military.
In the strategy/policy track, two papers address key cross-cutting issues. Now that internet, software, and cybersecurity services have become domains of industry rather than government, Neil Ashdown writes about models of public–private cooperation in cyber threat intelligence. Joseph Jarnecki addresses the many models and lessons learned from civilian cooperation in rapid assistance to Ukraine which could be modified for future needs.
All articles published in these proceedings have been subject to a double-blind peer review.