National Security Law Commons^™

Environmental War, Climate Security, And The Russia-Ukraine Crisis, Mark P. Nevitt

Faculty Articles

This Article addresses the Russia-Ukraine conflict’s broad implications for energy security, climate security, and environment protections during wartime. I assert that in the short-term the Russian-Ukraine war is poised to hinder much-needed international climate progress. It will stymie international decarbonization efforts and cause greater uncertainty in other climate-destabilized parts of the world, such as the Arctic. While Russia has become a pariah in the eyes of the United States and other Western nations, it has forged new partnerships and capitalized on new, lucrative energy markets outside the West and Global South. But in the long term, the global renewable energy …

Drug Ideologies Of The United States, Macy Montgomery

Helm's School of Government Conference - American Revival: Citizenship & Virtue

The United States has been increasingly creating lenient drug policies. Seventeen states and Washington, the District of Columbia, legalized marijuana, and Oregon decriminalized certain drugs, including methamphetamine, heroin, and cocaine. The medical community has proven that drugs, including marijuana, have myriad adverse health side effects. This leads to two questions: Why does the United States government continue to create lenient drug policies, and what reasons do citizens give for legalizing drugs when the medical community has proven them harmful? The paper hypothesizes that the disadvantages of drug legalization outweigh its benefits because of the numerous harms it causes, such as …

What Senior U.S. Leaders Say We Should Know About Cyber, Dr. Joseph H. Schafer

Military Cyber Affairs

On April 6, 2023, the Atlantic Council’s Cyber Statecraft Initiative hosted a panel discussion on the new National Cybersecurity Strategy. The panel featured four senior officials from the Office of the National Cyber Director (ONCD), the Department of State (DoS), the Department of Justice (DoJ), and the Department of Homeland Security (DHS). The author attended and asked each official to identify the most important elements that policymakers and strategists must understand about cyber. This article highlights historical and recent struggles to express cyber policy, the responses from these officials, and the author’s ongoing research to improve national security cyber policy.

Climate Change And The Law Of National Security Adaptation, Mark P. Nevitt

Faculty Articles

The Department of Defense (DoD) is the largest employer in the world, owns and operates an enormous global real estate portfolio, and emits more Greenhouse Gases (GHGs) than many nations. Entrusted with the national security, the DoD is now threatened by a new enemy—climate change. Climate change imperils national security infrastructure while undermining the military’s capacity to respond to climate-driven disasters at home and abroad. However, legal scholarship has yet to address what I call “the law of national security adaptation” and related questions. For example, how do environmental and climate change laws apply to the U.S. military? What laws …

Climate Security Insights From The Covid-19 Response, Mark P. Nevitt

Faculty Articles

The climate change crisis and COVID-19 crisis are both complex collective action problems. Neither the coronavirus nor greenhouse gas (GHG) emissions respect political borders. Both impose an opportunity cost that penalizes inaction. They are also increasingly understood as nontraditional, novel security threats. Indeed, COVID-19’s human cost is staggering, with American lives lost vastly exceeding those lost in recent armed conflicts. And climate change is both a threat accelerant and a catalyst for conflict—a characterization reinforced in several climate-security reports. To counter COVID-19, the President embraced martial language, stating that he will employ a “wartime footing” to “defeat the virus.” Perhaps …

Climate Change And The Specter Of Statelessness, Mark P. Nevitt

Faculty Articles

What happens when climate change extinguishes entire nations? Neither international nor environmental law has provided a satisfactory answer to this weighty question. Climate change-induced flooding, storm surge, and sea level rise threaten the territorial integrity and habitability of several small island developing states, raising the specter of statelessness. We know that climate catastrophe is coming, but we have failed to take the necessary steps to safeguard several developing nations. This Article argues that innovative legal and policy solutions are needed today to prevent nation extinction tomorrow. I focus on two potential international governance solutions: the U.N. Framework Convention on Climate …

Anatomy Of An Internet Hijack And Interception Attack: A Global And Educational Perspective, Ben A. Scott, Michael N. Johnstone, Patryk Szewczyk

Annual ADFSL Conference on Digital Forensics, Security and Law

The Internet’s underlying vulnerable protocol infrastructure is a rich target for cyber crime, cyber espionage and cyber warfare operations. The stability and security of the Internet infrastructure are important to the function of global matters of state, critical infrastructure, global e-commerce and election systems. There are global approaches to tackle Internet security challenges that include governance, law, educational and technical perspectives. This paper reviews a number of approaches to these challenges, the increasingly surgical attacks that target the underlying vulnerable protocol infrastructure of the Internet, and the extant cyber security education curricula; we find the majority of predominant cyber security …

A Low-Cost Machine Learning Based Network Intrusion Detection System With Data Privacy Preservation, Jyoti Fakirah, Lauhim Mahfuz Zishan, Roshni Mooruth, Michael L. Johnstone, Wencheng Yang

Annual ADFSL Conference on Digital Forensics, Security and Law

Network intrusion is a well-studied area of cyber security. Current machine learning-based network intrusion detection systems (NIDSs) monitor network data and the patterns within those data but at the cost of presenting significant issues in terms of privacy violations which may threaten end-user privacy. Therefore, to mitigate risk and preserve a balance between security and privacy, it is imperative to protect user privacy with respect to intrusion data. Moreover, cost is a driver of a machine learning-based NIDS because such systems are increasingly being deployed on resource-limited edge devices. To solve these issues, in this paper we propose a NIDS …

Detection Of Overlapping Passive Manipulation Techniques In Image Forensics, Gianna S. Lint, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

With a growing number of images uploaded daily to social media sites, it is essential to understand if an image can be used to trace its origin. Forensic investigations are focusing on analyzing images that are uploaded to social media sites resulting in an emphasis on building and validating tools. There has been a strong focus on understanding active manipulation or tampering techniques and building tools for analysis. However, research on manipulation is often studied in a vacuum, involving only one technique at a time. Additionally, less focus has been placed on passive manipulation, which can occur by simply uploading …

Human-Controlled Fuzzing With Afl, Maxim Grishin, Igor Korkin, Phd

Annual ADFSL Conference on Digital Forensics, Security and Law

Fuzzing techniques are applied to reveal different types of bugs and vulnerabilities. American Fuzzy Lop (AFL) is a free most popular software fuzzer used by many other fuzzing frameworks. AFL supports autonomous mode of operation that uses the previous step output into the next step, as a result fuzzer spends a lot of time analyzing minor code sections. By making fuzzing process more focused and human controlled security expert can save time and find more bugs in less time. We designed a new module that can fuzz only the specified functions. As a result, the chosen ones will be inspected …

The Amorphous Nature Of Hackers: An Exploratory Study, Kento Yasuhara, Daniel Walnycky, Ibrahim Baggili, Ahmed Alhishwan

Annual ADFSL Conference on Digital Forensics, Security and Law

In this work, we aim to better understand outsider perspectives of the hacker community through a series of situation based survey questions. By doing this, we hope to gain insight into the overall reputation of hackers from participants in a wide range of technical and non-technical backgrounds. This is important to digital forensics since convicted hackers will be tried by people, each with their own perception of who hackers are. Do cyber crimes and national security issues negatively affect people’s perceptions of hackers? Does hacktivism and information warfare positively affect people’s perception of hackers? Do individual personality factors affect one’s …

Smart Home Forensics: Identifying Ddos Attack Patterns On Iot Devices, Samuel Ho, Hope Greeson, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Smart homes are becoming more common as more people integrate IoT devices into their home environment. As such, these devices have access to personal data on their homeowners’ networks. One of the advantages of IoT devices is that they are compact. However, this limits the incorporation of security measures in their hardware. Misconfigured IoT devices are commonly the target of malicious attacks. Additionally, distributed denial-of-service attacks are becoming more common due to applications and software that provides users with easy-to-use user interfaces. Since one vulnerable device is all an attacker needs to launch an attack on a network, in regards …

Digital Forensics For Mobility As A Service Platform: Analysis Of Uber Application On Iphone And Cloud, Nina Matulis, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Uber is a ride-hailing smartphone application (app) that allows users to order a ride in a highly efficient manner. The Uber app provides Mobility as a Service and allows users to easily order a ride in a private car with just a few clicks. Uber stores large amounts of data on both the mobile device the app is being used on, and in the cloud. Examples of this data include geolocation data, date/time, origin/destination addresses, departure/arrival times, and distance. Uber geolocation data has been previously researched to investigate the privacy of the Uber app; however, there is minimal research relating …

Can Environmental Law Solve The "Forever Chemical" Problem?, Mark P. Nevitt, Robert V. Percival

Faculty Articles

Although federal environmental law purports to provide the public with comprehensive protection against chemical risks, the U.S. chemical industry is characterized by self­ regulation. This self-regulation is exemplified by the dangers posed by per- and polyfluoroalkyl substances (''PFAS'')­ broad classes of persistent toxic substances that have now entered nearly every American's bloodstream and hundreds of public drinking water systems. Despite data linking exposure to these "forever chemicals" to cancer, infertility, and a host of other public health harms, environmental law has failed to safeguard the American people from PFAS' toxic legacy. How did this occur? And what should be done …

Microsoft Defender Will Be Defended: Memoryranger Prevents Blinding Windows Av, Denis Pogonin, Igor Korkin, Phd

Annual ADFSL Conference on Digital Forensics, Security and Law

Windows OS is facing a huge rise in kernel attacks. An overview of popular techniques that result in loading kernel drivers will be presented. One of the key targets of modern threats is disabling and blinding Microsoft Defender, a default Windows AV. The analysis of recent driver-based attacks will be given, the challenge is to block them. The survey of user- and kernel-level attacks on Microsoft Defender will be given. One of the recently published attackers’ techniques abuses Mandatory Integrity Control (MIC) and Security Reference Monitor (SRM) by modifying Integrity Level and Debug Privileges for the Microsoft Defender via syscalls. …

A Lightweight Reliably Quantified Deepfake Detection Approach, Tianyi Wang, Kam Pui Chow

Annual ADFSL Conference on Digital Forensics, Security and Law

Deepfake has brought huge threats to society such that everyone can become a potential victim. Current Deepfake detection approaches have unsatisfactory performance in either accuracy or efficiency. Meanwhile, most models are only evaluated on different benchmark test datasets with different accuracies, which could not imitate the real-life Deepfake unknown population. As Deepfake cases have already been raised and brought challenges at the court, it is disappointed that no existing work has studied the model reliability and attempted to make the detection model act as the evidence at the court. We propose a lightweight Deepfake detection deep learning approach using the …

Timestamp Estimation From Outdoor Scenes, Tawfiq Salem, Jisoo Hwang, Rafael Padilha

Annual ADFSL Conference on Digital Forensics, Security and Law

The increasing availability of smartphones allowed people to easily capture and share images on the internet. These images are often associated with metadata, including the image capture time (timestamp) and the location where the image was captured (geolocation). The metadata associated with images provides valuable information to better understand scenes and events presented in these images. The timestamp can be manipulated intentionally to provide false information to convey a twisted version of reality. Images with manipulated timestamps are often used as a cover-up for wrongdoing or broadcasting false claims and competing views on the internet. Estimating the time of capture …

Deep Fakes: The Algorithms That Create And Detect Them And The National Security Risks They Pose, Nick Dunard

James Madison Undergraduate Research Journal (JMURJ)

The dissemination of deep fakes for nefarious purposes poses significant national security risks to the United States, requiring an urgent development of technologies to detect their use and strategies to mitigate their effects. Deep fakes are images and videos created by or with the assistance of AI algorithms in which a person’s likeness, actions, or words have been replaced by someone else’s to deceive an audience. Often created with the help of generative adversarial networks, deep fakes can be used to blackmail, harass, exploit, and intimidate individuals and businesses; in large-scale disinformation campaigns, they can incite political tensions around the …

On Environmental, Climate Change & National Security Law, Mark P. Nevitt

All Faculty Scholarship

This Article offers a new way to think about climate change. Two new climate change assessments — the 2018 Fourth National Climate Assessment (NCA) and the United Nations Intergovernmental Panel’s Special Report on Climate Change — prominently highlight climate change’s multifaceted national security risks. Indeed, not only is climate change a “super wicked” environmental problem, it also accelerates existing national security threats, acting as both a “threat accelerant” and “catalyst for conflict.” Further, climate change increases the intensity and frequency of extreme weather events while threatening nations’ territorial integrity and sovereignty through rising sea levels. It causes both internal displacement …

Literature Review: How U.S. Government Documents Are Addressing The Increasing National Security Implications Of Artificial Intelligence, Bert Chapman

Libraries Faculty and Staff Scholarship and Research

This article emphasizes the increasing importance of artificial intelligence (AI) in military and national security policy making. It seeks to inform interested individuals about the proliferation of publicly accessible U.S. government and military literature on this multifaceted topic. An additional objective of this endeavor is encouraging greater public awareness of and participation in emerging public policy debate on AI's moral and national security implications..

Congressional Committee Resources On Space Policy During The 115th Congress (2017-2018): Providing Context And Insight Into Us Government Space Policy, Bert Chapman

Libraries Faculty and Staff Presentations

Article 1 of the US Constitution assigns the US Congress numerous responsibilities. These include creating new laws, revising existing laws, funding government programs, and conducting oversight of these programs' performance. Oversight of US Government agency space policy programs is executed by various congressional space policy committees including the House and Senate Science Committees, Armed Services, and Appropriations Committees. These committees conduct many public hearings on space policy, which invite expert witnesses to testify on US space policy programs and feature debate on the strengths and weaknesses of these programs. Documentation produced by these committees is widely available to the public, …

On Environmental Law, Climate Change, And National Security Law, Mark P. Nevitt

Faculty Articles

This Article offers a new way to think about climate change. Two new climate change assessments—the 2018 Fourth National Climate Assessment (“NCA”) and the United Nations Intergovernmental Panel on Climate Change’s Special Report on Climate Change— prominently highlight climate change’s multifaceted national security risks. Indeed, not only is climate change an environmental problem, it also accelerates existing national security threats, acting as both a “threat accelerant” and “catalyst for conflict.” Further, climate change increases the intensity and frequency of extreme weather events while threatening nations’ territorial integrity and sovereignty through rising sea levels. It causes both internal displacement within nations …

Hacking For Intelligence Collection In The Fight Against Terrorism: Israeli, Comparative, And International Perspectives, Asaf Lubin

Articles by Maurer Faculty

תקציר בעברית: הניסיון של המחוקק הישראלי להביא להסדרה מפורשת של סמכויות השב״כ במרחב הקיברנטי משקף מגמה רחבה יותר הניכרת בעולם לעיגון בחקיקה ראשית של הוראות בדבר פעולות פצחנות מצד גופי ביון ומודיעין ורשויות אכיפת חוק למטרות איסוף מודיעין לשם סיכול עבירות חמורות, ובייחוד עבירות טרור אם בעבר היו פעולות מסוג אלה כפופות לנהלים פנימיים ומסווגים, הרי שהדרישה לשקיפות בעידן שלאחר גילויי אדוארד סנודן מחד והשימוש הנרחב בתקיפות מחשב לביצוע פעולות חיפוש וחקירה לסיכול טרור מאידך, מציפים כעת את הדרישה להסמכה מפורשת. במאמר זה אבקש למפות הן את השדה הטכנולוגי והן את השדה המשפטי בכל האמור בתקיפות מחשבים למטרות ריגול ומעקב. …

Forensic Analysis Of Spy Applications In Android Devices, Shinelle Hutchinson, Umit Karabiyik

Annual ADFSL Conference on Digital Forensics, Security and Law

Smartphones with Google's Android operating system are becoming more and more popular each year, and with this increased user base, comes increased opportunities to collect more of these users' private data. There have been several instances of malware being made available via the Google Play Store, which is one of the predominant means for users to download applications. One effective way of collecting users' private data is by using Android Spyware. In this paper, we conduct a forensic analysis of a malicious Android spyware application and present our findings. We also highlight what information the application accesses and what it …

Recommended Corrective Security Measures To Address The Weaknesses Identified Within The Shapash Nuclear Research Institute, Khadija Moussaid, Oum Keltoum Hakam

International Journal of Nuclear Security

The Shapash Nuclear Research Institute (SNRI) data book was issued by the International Atomic Energy Agency (IAEA) in 2013. The hypothetical facility data book describes the hypothetical site, which is divided into two areas: the low-security area, known as the administrative area, and the very high-security area, known as the protected area. The book contains detailed descriptions of each area’s safety and security measures, along with figures of multiple buildings in both areas, and also includes information about the site’s computer networks.

This paper aims to identify security weaknesses related to the institute’s location, the Administrative Area (AA), the Protected …

Contents, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.

Front Matter, Adfsl

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.

A Survey Of Lawyers’ Cyber Security Practises In Western Australia, Craig Valli, Mike Johnstone, Rochelle Fleming

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper reports on the results of a survey that is the initial phase of an action research project being conducted with the Law Society of Western Australia. The online survey forms a baseline for the expression of a targeted training regime aimed at improving the cyber security awareness and posture of the membership of the Society. The full complement of over 3000 members were given the opportunity to participate in the survey, with 122 members responding in this initial round. The survey was designed to elicit responses about information technology use and the awareness of good practices with respect …

Analysis Of Data Erasure Capability On Sshd Drives For Data Recovery, Andrew Blyth

Annual ADFSL Conference on Digital Forensics, Security and Law

Data Protection and Computer Forensics/Anti-Forensics has now become a critical area of concern for organizations. A key element to this is how data is sanitized at end of life. In this paper we explore Hybrid Solid State Hybrid Drives (SSHD) and the impact that various Computer Forensics and Data Recovery techniques have when performing data erasure upon a SSHD.

Knowledge Expiration In Security Awareness Training, Tianjian Zhang

Annual ADFSL Conference on Digital Forensics, Security and Law

No abstract provided.