Skip to main content
SpringerLink
Log in
Book cover

International Conference on Critical Information Infrastructures Security

CRITIS 2021: Critical Information Infrastructures Security pp 186–203Cite as

Studying Neutrality in Cyber-Space: a Comparative Geographical Analysis of Honeypot Responses

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 13139))

Abstract

Neutrality has long played a central role in the political and strategic stances of many small states. The impact of neutrality on matters of national security and sovereignty have thus been subject to significant academic interest. With the recent emergence of cyber as a fifth dimension of interstate competition, the impact of permanent state neutrality in this domain has not yet been well characterized.

We examine the reality of this concept using countries with a long-standing history and tradition of neutrality in matters of warfare and foreign policy. A theoretical analysis of the complexities of neutrality and cyber-crime is used to motivate a novel data-driven experimental assessment of real-world outcomes for neutral states.

This experimental study leverages low-interaction honeypots distributed across 13 countries. Delving into more than 1.5 billion network sessions made from these honeypots over an 80-day period reveals more than one million malicious attacks originating from information systems in 177 different countries. Through statistical analysis of these attacks, we find little evidence that low-sophistication adversaries target their attacks with consideration of victim location or state neutrality. Beyond the immediate implications of these findings, we believe the method presented in this paper represents a unique data-driven approach to comparative international study of cyber-neutrality and the global dynamics of cyber-security more broadly.

M. Strohmeier and J. Pavur—Both authors contributed equally to this work.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Agius, C., Devine, K.: ‘Neutrality: a really dead concept?’ A reprise. Coop. Conflict 46(3), 265–284 (2011)

    Article  Google Scholar 

  2. Arkime: Arkime, April 2021. https://github.com/arkime/arkime

  3. Bothe, M.: Neutrality, concept and general rules. Max Planck Encyclopedia of Public International Law (2011). http://opil.ouplaw.com/view/10.1093/law: epil/9780199231690/law-9780199231690-e349

  4. Bradley, S.: Swiss back extradition with assurances. Swissinfo, January 2008. https://www.swissinfo.ch/eng/swiss-back-extradition-with-assurances/6376598

  5. Brantly, A.F.: The cyber deterrence problem. In: 2018 10th International Conference on Cyber Conflict (CyCon), pp. 31–54. IEEE (2018)

    Google Scholar 

  6. Dalsjö, R.: 5 Sweden and its deterrence deficit. In: Deterring Russia in Europe: Defence Strategies for Neighbouring States, p. 2010 (2018)

    Google Scholar 

  7. Federal Department of Defence, Civil Protection and Sport: Strategie cyber VBS (2021). https://www.vbs.admin.ch/de/verteidigung/schutz-vor-cyber-angriffen.html

  8. Dobler, M.: Interpellation 18.3335: cyberespace et droit international, March 2019. https://www.parlament.ch/en/ratsbetrieb/suche-curia-vista/geschaeft?AffairId=20183335

  9. Open Information Security Foundation: Suricata, April 2021. https://suricata-ids.org

  10. Glaus, D., Vidino, L.: Swiss foreign fighters active in Syria. CTC Sentinel 7(7), 8–11 (2014)

    Google Scholar 

  11. Green, T.: Tgreen/hunting ruleset, April 2021. https://github.com/travisbgreen/hunting-rules

  12. Guo, Y., Woo, J.J.: Singapore and Switzerland: Secrets to Small State Success. World Scientific, Singapore (2016)

    Book  Google Scholar 

  13. Halford, M.: Prince, April 2021. https://github.com/MaxHalford/prince

  14. Healey, J.: When “not my problem” isn’t enough: political neutrality and national responsibility in cyber conflict. In: 2012 4th International Conference on Cyber Conflict (CYCON 2012), pp. 1–13. IEEE (2012)

    Google Scholar 

  15. Inkster, N.: The Huawei affair and China’s technology ambitions. Survival 61(1), 105–111 (2019)

    Article  Google Scholar 

  16. Jensen, E.T.: Sovereignty and neutrality in cyber conflict. Fordham Int. Law J. 35, 815 (2011)

    Google Scholar 

  17. Jesse, N.G.: Choosing to go it alone: Irish neutrality in theoretical and comparative perspective. Int. Polit. Sci. Rev. 27(1), 7–28 (2006)

    Article  Google Scholar 

  18. Kaat, C.: Mr. cyber sagt, warum die schweiz mehr security-start-ups braucht. Netzwoche, October 2019. https://www.netzwoche.ch/storys/2019-10-14/mr-cyber-sagt-warum-die-schweiz-mehr-security-start-ups-braucht

  19. Kallberg, J.: A right to cybercounter strikes: the risks of legalizing hack backs. IT Prof. 17(1), 30–35 (2015)

    Article  Google Scholar 

  20. Karsh, E.: Neutrality and Small States. Routledge, London (2012)

    Book  Google Scholar 

  21. Kesan, J.P., Hayes, C.M.: Mitigative counterstriking: self-defense and deterrence in cyberspace. Harv. J. Law Technol. 25, 429 (2011)

    Google Scholar 

  22. Krebs, B.: Is ‘REvil’ the New GandCrab Ransomware? July 2019. https://krebsonsecurity.com/2019/07/is-revil-the-new-gandcrab-ransomware/

  23. Krebs, B.: Try This One Weird Trick Russian Hackers Hate, May 2021. https://krebsonsecurity.com/2021/05/try-this-one-weird-trick-russian-hackers-hate/

  24. Lloydd, M.: Retrieving neutrality law to consider ‘other’ foreign fighters under international law. In: European Society of International Law (ESIL) 2017 Research Forum (Granada) (2017)

    Google Scholar 

  25. McLaughlin, K.L.: Cyber attack! Is a counter attack warranted? Inf. Secur. J. Glob. Perspect. 20(1), 58–64 (2011)

    Article  Google Scholar 

  26. Nilsson, M., Wyss, M.: The armed neutrality paradox: Sweden and Switzerland in us cold war armaments policy. J. Contemp. Hist. 51(2), 335–363 (2016)

    Article  Google Scholar 

  27. Nünlist, C.: Neutrality for peace: Switzerland’s independent foreign policy. In: Engaged Neutrality: An Evolved Approach to the Cold War, pp. 161–187. Lexington Books (2017)

    Google Scholar 

  28. Nuspliger, N.: Die bedeutung von neutralität wandelt sich. Neue Zürcher Zeitung, February 2017. https://www.nzz.ch/schweiz/nato-generalsekretaer-stoltenberg-besucht-die-schweiz-die-bedeutung-von-neutralitaet-wandelt-sich-ld.148152?reduced=true

  29. Perloff-Giles, A.: Transnational cyber offenses: overcoming jurisdictional challenges. Yale J. Int. Law 43, 191 (2018)

    Google Scholar 

  30. PT Research: Suricata PT open ruleset, April 2021. https://github.com/ptresearch/AttackDetection

  31. Reuters: Ex-soldier is convicted of violating swiss neutrality by fighting ISIS. The New York Times, February 2019. https://www.nytimes.com/2019/02/24/world/europe/switzerland-soldier-isis.html

  32. Rickenbacher, F.: Der bund will eine deutlich aktivere rolle übernehmen. Netzwoche, October 2019. https://www.netzwoche.ch/news/2019-10-16/der-bund-will-eine-deutlich-aktivere-rolle-uebernehmen

  33. Ryan, N.: Five kinds of cyber deterrence. Philos. Technol. 31(3), 331–338 (2018)

    Article  Google Scholar 

  34. Schmitt, M.N.: Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations. Cambridge University Press, Cambridge (2017)

    Book  Google Scholar 

  35. Sourial, N., et al.: Correspondence analysis is a useful tool to uncover the relationships among categorical variables. J. Clin. Epidemiol. 63(6), 638–646 (2010)

    Article  Google Scholar 

  36. Stolz, M.: On neutrality and cyber defence. In: European Conference on Cyber Warfare and Security, pp. 484–XIX. Academic Conferences International Limited (2019)

    Google Scholar 

  37. Suter, A.: Neutralität. praxis, prinzip und geschichtsbewusstsein. In: Hettling, M., Schaffner, M., König, M., Suter, A., Jakob, T. (eds.) Eine kleine Geschichte der Schweiz. Suhrkamp, Berlin (1998)

    Google Scholar 

  38. Attorney General of Switzerland: Coordinated operation in a cybercrime case, July 2019. https://www.nytimes.com/2019/02/24/world/europe/switzerland-soldier-isis.html

  39. Federal Council of Switzerland: National strategy for the protection of Switzerland against cyber risks (NCS) 2018–2022 (2018). https://www.swissinfo.ch/eng/swiss-back-extradition-with-assurances/6376598

  40. Federal Council of Switzerland: Teilnahme der Schweiz am “cooperative cyber defence centre of excellence”, May 2019. https://www.admin.ch/gov/de/start/dokumentation/medienmitteilungen.msg-id-75145.html

  41. Proofpoint Inc.: Emerging threats open ruleset, April 2021. https://rules.emergingthreats.net/

  42. Turns, D.: Cyber war and the law of neutrality. In: Research Handbook on International Law and Cyberspace. Edward Elgar Publishing (2015)

    Google Scholar 

  43. Vidino, L.: Jihadist radicalization in Switzerland. Technical report, ETH Zurich (2013)

    Google Scholar 

  44. Wylie, N.: ‘The importance of being honest’: Switzerland, neutrality and the problems of intelligence collection and liaison. Intell. Natl. Secur. 21(5), 782–808 (2006)

    Article  Google Scholar 

Download references

Acknowledgments

The authors want to thank Dr. Luca Gambazzi for his invaluable support.

The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of any agency of the Swiss government.

Author information

Authors and Affiliations

  1. Armasuisse Science + Technology, Thun, Switzerland

    Martin Strohmeier & Vincent Lenders

  2. Department of Computer Science, University of Oxford, Oxford, UK

    James Pavur & Ivan Martinovic

Authors
  1. Martin Strohmeier
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. James Pavur
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ivan Martinovic
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Vincent Lenders
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Martin Strohmeier or James Pavur .

Editor information

Editors and Affiliations

  1. University of Geneva, Geneva, Switzerland

    Dimitri Percia David

  2. armasuisse Science and Technology S+T, Thun, Switzerland

    Alain Mermoud

  3. University of Geneva, Geneva, Switzerland

    Thomas Maillart

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Strohmeier, M., Pavur, J., Martinovic, I., Lenders, V. (2021). Studying Neutrality in Cyber-Space: a Comparative Geographical Analysis of Honeypot Responses. In: Percia David, D., Mermoud, A., Maillart, T. (eds) Critical Information Infrastructures Security. CRITIS 2021. Lecture Notes in Computer Science(), vol 13139. Springer, Cham. https://doi.org/10.1007/978-3-030-93200-8_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-93200-8_11

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-93199-5

  • Online ISBN: 978-3-030-93200-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation