Abstract
Scholarly literature about cyber weapons can be found in a number of sources, especially in college and university libraries. Articles published in the subject areas of computer science, engineering, export controls, law and military studies are also among the best sources of current analysis assuming they are peer-reviewed and substantiated with research sources. Patent applications, blog posts, and government documents may also provide researchers with valuable information about cyber weapons at various stages of the development and deployment processes. Bibliographies, whether analytic or enumerative, offer researchers a short cut to the relevant published material on the topic. This chapter presents an enumerative bibliography of sources with an overview of other methods useful in locating scholarly papers or updating the ones already found.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Books
Frequently Cited or Influential Books
Schmitt MN (ed) (2017) Tallinn manual 2.0 on the international law applicable to cyber operations. Cambridge University Press, Cambridge
Tallinn 2.0, “intended as an objective restatement of the lex lata,” (p.3) follows the influential 2013 Tallinn Manual on the International Law Applicable to Cyber Warfare. Both reflect international law experts’ opinions on the current international law governing cyber operations, so neither work advances policy or the politics of any nation. Tallinn 2.0 includes 154 “black letter” rules with commentary on each and goes beyond operations conducted as part of armed conflict to address operations more broadly
Schmitt MN (ed) (2013) Tallinn manual on the international law applicable to cyber warfare: prepared by the international group of experts at the invitation of the NATO Cooperative Cyber Defence Centre of Excellence. Cambridge University Press, Cambridge
“In 2009, the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD COE), an international military organization based in Tallinn, Estonia, and accredited in 2008 by NATO as a ‘Centre of Excellence,’ invited an independent ‘International Group of Experts’ to produce a manual on the law governing cyber warfare” (p.1). While not an official document, the Tallinn Manual was an attempt by a group of these experts to identify and address all the legal issues both in offensive and defensive operations
Other Influential Books
Allhoff F, Henschke A, Strawser BJ (eds) (2016) Binary bullets: the ethics of cyberwarfare. Oxford University Press, New York
Boothby WH (2014) Conflict law: the influence of new weapons technology, human rights and emerging actors. T.M.C. Asser Press, The Hague
Carayannis EG, Campbell DFJ, Efthymiopoulos MP (eds) (2014) Cyber-development, cyber-democracy and cyber-defense: challenges, opportunities and implications for theory, policy and practice. Springer, New York
Floridi L, Taddeo M (2014) The ethics of informational warfare. Springer, Cham
Green JA (ed) (2015) Cyber warfare: a multidisciplinary analysis. Routledge, New York
Heckman KE et al (2015a) Cyber denial, deception and counter deception: a framework for supporting active cyber defense. Springer, Cham
Jajodia S et al (eds) (2015) Cyber warfare: building the scientific foundation. Springer, Cham
Lemieux F (ed) (2015) Current and emerging trends in cyber operations: policy, strategy, and practice. Palgrave Macmillan, New York
Loukas G (2015) Cyber-physical attacks: a growing invisible threat. Elsevier/Butterworth-Heinemann, Waltham
Maogoto JN (2015) Technology and the law on the use of force: new security challenges in the twenty first century. Routledge, New York
Mazanec BM (2015) The evolution of cyber war: international norms for emerging-technology weapons. Potomac Books, Lincoln
Ohlin JD, Govern K, Finkelstein CO (eds) (2015) Cyberwar: law and ethics for virtual conflicts. Oxford University Press, Oxford
O’Leary M (2015) Cyber operations: building, defending, and attacking modern computer networks. Apress, Berkeley
Poindexter DF (2015) The new cyberwar: technology and the redefinition of warfare. McFarland & Company, Jefferson
Richet J-L (ed) (2015) Cybersecurity policies and strategies for cyberwarfare prevention. Information Science Reference, Hershey
Singer PW, Friedman A (2014) Cybersecurity and cyberwar: what everyone needs to know. Oxford University Press, New York
Taddeo M, Glorioso L (2017) Ethics and policies for cyber operations: a NATO Cooperative Cyber Defence Centre of Excellence initiative. Springer, Cham
Valeriano B, Maness RC (2015) Cyber war versus cyber realities: cyber conflict in the international system. Oxford University Press, New York
Zetter K (2014) Countdown to zero day: Stuxnet and the launch of the world’s first digital weapon. Crown, New York
Law Review/Journal Articles
Frequently-Cited Articles
Brown GD, Metcalf AO (2014) Easier said than done: legal reviews of cyber weapons. J Natl Secur Law Policy 7(1):115–138. Written from the viewpoint of military attorneys responsible for giving concrete legal advice on cyber war to commanders, the authors claim that “treating all cyber techniques as weapons is impractical” (p.116). Instead, the article proposes the assessment of cyber events in context since most do not rise to the level of an armed attack
Blake D, Imburgia JS (2010) “Bloodless weapons”? The need to conduct legal reviews of certain capabilities and the implications of defining them as “weapons.”. Air Force Law Rev 66(1):157–204. Provides a relatively early, comprehensive overview of cyber weapon development’s legal considerations, pre-Tallinn Manual. Gives an overview of which legal regimes control in one’s analysis
Other Relevant Articles
Allan C (2015) Targeting cyber arms dealers who directly participate in hostilities. Southwest J Int Law 21(2):341–374
Anderson K (2016) Why the hurry to regulate autonomous weapon systems–but not cyber-weapons? Temple Int Comp Law J 30(1):17–42
Bradbury S (2011) The developing legal framework for defense and offensive cyber operations. Harv Natl Secur J 2(2):629–651
Brecher AP (2012) Note. Cyberattacks and the covert action statute: toward a domestic legal framework for offensive cyberoperations. Mich Law Rev 111(3):423–452
Cayón Peña J, Armando Garcia L (2014) The critical role of education in every cyber defense strategy. Northern Kentucky Law Rev 41(3):459–469
Chayes A (2015) Rethinking warfare: the ambiguity of cyber attacks. Harv Natl Secur J 6(2):474–519
Davis PK (2015) Deterrence, influence, cyber attack, and cyberwar. New York Univ J Int Law Polit 47(2):327–356
Gross ML (2015) Nonlethal weapons, noncombatant immunity, and the principle of participatory liability. Case Western Reserve J Int Law 47(1):201–216
Hakim M (2015) Defensive force against non-state actors: the state of play. Int Law Stud Ser US Naval War Coll 91:1–31
Harrington SL (2014) Cyber security active defense: playing with fire or sound risk management? Richmond J Law Technol 20(4):1–41
Harrison Dinniss HA (2015) The nature of objects: targeting networks and the challenge of defining cyber military objectives. Israel Law Rev 481(1):39–54
Henriksen A (2015) Lawful state responses to low-level cyber-attacks. Nordic J Int Law 84(2):323–352
Herr T, Rosenzweig P (2016) Cyber weapons and export control: incorporating dual use with the PrEP model. J Natl Secur Law Policy 8(2):301–320
Hiller J (2014) Civil cyberconflict: microsoft, cybercrime, and botnets. Santa Clara High Technol Law J 31(2):163–216
Hodgson G (2016) Cyber attack treaty verification. I/S: J Law Policy Infor Soc 12(2):231–260
Keen JF (2015) Conventional military force as a response to cyber capabilities: on sending packets and receiving missiles. Air Force Law Rev 73:111–150
Koh HH, Buchwald TF (2015) The crime of aggression: the United States perspective. Am J Int Law 109(2):257–295
Kovach CM (2014) Beyond Skynet: reconciling increased autonomy in computer-based weapons systems with the laws of war. Air Force Law Rev 71:231–278
Lilienthal G, Ahmad N (2015) Cyber-attack as inevitable kinetic war. Comput Law Secur Rev 31(3):390–400
Lin H (2010) Offensive cyber operations and the use of force. J Natl Secur Law Policy 4(1):63–86
Lowe TK (2015) Mapping the matrix: defining the balance between executive action and legislative regulation in the new battlefield of cyberspace. Scholar: St Mary’s Law Rev Race Soc Justice 17(1):63–94
McFarland T, McCormack T (2014) Mind the gap: can developers of autonomous weapons systems be liable for war crimes? Int Law Stud 90(1):361–385
McGhee J (2014) Hack, attack or whack; the politics of imprecision in cyber law. J Law Cyber Warf 4(1):13–41
McGee S, Sabett RV, Shah A (2013) Adequate attribution: a framework for developing a national policy for private sector use of active defense. J Bus Technol Law 8(1):1–48
Mele S (2014) Legal considerations on cyber-weapons and their definition. J Law Cyber Warf 3(1):52–69
Moore A (2015) Stuxnet and article 2(4)’s prohibition against the use of force: customary law and potential models. Naval Law Rev 64:1–26
O’Connell ME (2015) 21st century arms control challenges: drones, cyber weapons, killer robots, and WMDs. Glob Stud Law Rev 13(3):515–534
Richardson JC (2011) Stuxnet as cyberwarfare: applying the law of war to the virtual battlefield. John Marshall J Comput Infor Law 29(1):1–28
Richmond J (2011) Evolving battlefields: does Stuxnet demonstrate a need for modifications to the law of armed conflict? Fordham Int Law J 35(3):842–894
Schmitt MN (2015a) The law of cyber targeting. Naval War Coll Rev 68(2):11–29
Schmitt MN (2015b) The notion of ‘objects’ during cyber operations: a riposte in defence of interpretive and applicative precision. Israel Law Rev 48(1):81–109
Singer PW (2015) Stuxnet and its hidden lessons on the ethics of cyberweapons. Case Western Reserve J Int Law 47(1):79–86
Sullivan C (2016) The 2014 Sony hack and the role of international law. J Natl Secur Law Policy 8(3):437–468
Trautman L (2016) Congressional cybersecurity oversight: who’s who and how it works. J Law Cyber Warf 5(1):147–306
Walker P (2013) Organizing for cyberspace operations: selected issues. Int Law Stud 89:341–361
Waxman MC (2013) Self-defensive force against cyber attacks: legal, strategic and political dimensions. Int Law Stud 89:109–122
Non-law Articles and Book Chapters
Frequently-Cited Article
Lin H (2009) Lifting the veil on cyber offense. IEEE Secur Priv 7(4):15–21. Based on a 2009 National Research Council report, “Technology, Policy, Law, and Ethics Regarding US Acquisition and Use of Cyberattack Capabilities,” this article highlights the lack of information about US offensive capabilities and the uncertainty surrounding offensive cyberattacks as instruments of US policy
Other Relevant Articles and Chapters
Almeshekah MH, Spafford EH (2014) Using deceptive information in computer security defenses. Int J Cyber Warf Terrorism 4(3):63–80
Bartos CA (2016) Cyber weapons are not created equal. U.S Naval Inst Proc 142(6):30–33
Barzashka I (2013) Are cyber-weapons effective? Assessing Stuxnet’s impact on the Iranian enrichment programme. RUSI J: R United Serv Inst Defence Stud 158(2):48–56
Bencsáth B et al (2012) The cousins of Stuxnet: Duqu, flame, and gauss. Futur Internet 4(4):971–1003
Bergin DL (2015) Cyber-attack and defense simulation framework. J Defense Model Simul: Appl Methodol Technol 12(4):383–392
Boothby B (2016) Cyber weapons: oxymoron or a real world phenomenon to be regulated? In: Friis K, Ringmose J (eds) Conflict in cyber space: theoretical, strategic and legal perspectives. Routledge, New York, pp 165–174
Butrimas V (2014) National security and international policy challenges in a post Stuxnet world. Lithuanian Annu Strateg Rev 12(1):11–31
Czosseck C, Podins K (2012) A vulnerability-based model of cyber weapons and its implications for cyber conflict. Int J Cyber Warf Terrorism 2(1):14–26
Denning DE (2012) Stuxnet: what has changed? Futur Internet 4(3):672–687
Droege C (2013) Get off my cloud: cyber warfare, international humanitarian law, and the protection of civilians. Int Rev Red Cross 94(886):533–578
Farwell JP, Rohozinski R (2011) Stuxnet and the future of cyber war. Survival: Glob Politics Strategy 53(1):23–40
Flowers A, Zeadally S (2014) US policy on active cyber defense. J Homeland Secur Emerg Manag 11(2):289–308
Gartzke E, Lindsay JR (2015) Weaving tangled webs: offense, defense, and deception in cyberspace. Secur Stud 24(2):316–348
Geers K (2010a) The challenge of cyber attack deterrence. Comput Law Secur Rev 26(3):298–303
Geers K (2010b) Cyber weapons convention. Comput Law Secur Rev 26(5):547–551
Gjelten T (2013) First strike: US cyber warriors seize the offensive. World Aff 175(5):33–43
Grant TJ (2013) Tools and technologies for professional offensive cyber operations. Int J Cyber Warf Terrorism 3(3):49–71
Heckman KE, Stech FJ, Schmoker BS, Thomas RK (2015b) Denial and deception in cyber defense. Computer 48(4):36–44
Iasiello E (2014) Hacking back: not the right solution. Parameters 44(3):105–113
Jang-Jaccard J, Nepal S (2014) A survey of emerging threats in cybersecurity. J Comput Syst Sci 80(5):973–993
Jenkins R (2013) Is Stuxnet physical? Does it matter? J Mil Ethics 12(1):68–79
Kello L (2013) The meaning of the cyber revolution perils to theory and statecraft. Int Secur 38(2):7–40
Kelly D et al (2012) Exploring extant and emerging issues in anonymous networks: a taxonomy and survey of protocols and metrics. IEEE Commun Surv Tutorials 14(2):579–606
Kenney M (2015) Cyber-terrorism in a post-Stuxnet world. Orbis 59(1):111–128
Lachow I (2011) The Stuxnet enigma: implications for the future of cybersecurity. Georgetown J Int Aff 12:118–126
Lewis JA (2012) In defense of Stuxnet. Mil Strateg Aff 4(3):65–76
Lindsay JR (2013) Stuxnet and the limits of cyber warfare. Secur Stud 22(3):365–404
Lucas GR Jr (2014) Ethics and cyber conflict: a response to JME 12:1 2013. J Mil Ethics 13(1):20–31
Lupovici A (2016) The “attribution problem” and the social construction of “violence”: taking cyber deterrence literature a step forward. Int Stud Perspect 17(3):322–342
Maitra AK (2015) Offensive cyber-weapons: technical, legal, and strategic aspects. Environ Syst Decis 35(1):169–182
Peterson D (2013) Offensive cyber weapons: construction, development, and employment. J Strateg Stud 36(1):120–124
Rid T, McBurney P (2012) Cyber-weapons. RUSI J 157(1):6–13
Rowland J, Rice M, Shenoi S (2014) The anatomy of a cyber power. Int J Crit Infrastruct Prot 7(1):3–11
Rustici RM (2011) Cyberweapons: leveling the international playing field. Parameters 41(3):32–42
Stevens T (2016) Cyberweapons: an emerging global governance architecture. Palgrave Commun 2:160102. https://doi.org/10.1057/palcomms.2016.102.
Tripathi S et al (2013) Hadoop based defense solution to handle distributed denial of service DDoS attacks. J Inf Secur 4(3):150–164
Gray Literature
Frequently-Cited Report
Mandiant (Firm) (2013) APT1: exposing one of China’s cyber espionage units. Mandiant, Alexandria. Security firm Mandiant, now a Fireeye company, issued this report after extensive research, concluding APT1 is likely sponsored by China and has been implicated in wide-ranging cyber espionage operations since 2006
Other Relevant Reports
Bilge L, Dumitras T (2012) Before we knew it: an empirical study of zero-day attacks in the real world. In: Proceedings of the 2012 ACM conference on computer and communications security. pp 833–844
Black K, David M (2016) War in 1s and 0s: framing the lexicon for the digital age. Proceedings of the 11th international conference on cyber warfare and security. pp 31–36
Caballero J, Grier C, Kreibich C, Paxson V (2011) Measuring pay-per-install: the commoditization of malware distribution. USENIX security symposium. pp 1–15
Center for Cyber and Homeland Security (2016) Into the gray zone: the private sector and active defense against cyber threats. George Washington University, Washington, DC
Chen J, Duvall G (2016) On dynamic cyber defense and its improvement. In: Proceedings of the 11th international conference on cyber warfare and security. pp 74–80
Colbaugh R, Glass K (2012) Proactive defense for evolving cyber threats. Sandia National Laboratories, Albuquerque/Livermore
Conklin C, Bahney BW (2012) More than meets the eye: clandestine funding, cutting-edge technology and China’s cyber research & development program. Lawrence Livermore National Laboratory
De Falco M (2012) Stuxnet facts report. A technical and strategic analysis. NATO CCD COE Publications, Tallinn
Giles K, Hartmann K (2015) Cyber defense: an international view. Strategic Studies Institute and US Army War College Press, Carlisle
Herr T (2014) PrEP: a framework for malware and cyber weapons. Proceedings of the 9th International Conference on Cyber Warfare and Security ICCWS-2014. pp 84–91
Hershey PC, Dehnert RE Jr, Williams JJ, Raytheon (2017) Digital weapons factory and digital operations center for producing, deploying, assessing, and managing digital defects. Patent no. 9,544,326, USA
Huntley WL (2016, January) Strategic implications of offense and defense in cyberwar. 2016 49th Hawaii International Conference on System Sciences HICSS. pp 5588–5595
Kaspersky Lab, Global Research & Analysis Team (2017) Lazarus under the hood. 59 pp
Leed M, Lewis JA, McCreary JD (2013) Offensive cyber capabilities at the operational level: the way ahead. Center for Strategic and International Studies, Washington, DC
Li JJ, Daugherty L, National Defense Research Institute US (2015) Training cyber warriors: what can be learned from defense language training? RAND, Santa Monica
Libicki MC, Ablon L, Webb T (2015) Defender’s dilemma. RAND, Santa Monica
National Research Council (2010) Proceedings of a workshop on deterring cyberattacks: informing strategies and developing options for US policy. National Academies Press, Washington, DC
Rattray G, Healey J (2010) Categorizing and understanding offensive capabilities and their use. In: Proceedings of a workshop on deterring cyberattacks: informing strategies and developing options for US policy. pp 77–97
Shakarian P (2017) The enemy has a voice: understanding threats to inform smart investment in cyber defense. New America Foundation, Washington, DC
Tyugu E (2012) Command and control of cyber weapons. 2012 4th International Conference on Cyber Conflict, CYCON 2012 – Proceedings
Wassenaar Arrangement on Export Controls for Conventional Arms and Dual–Use Goods and Technologies (2017) Public documents volume II: list of dual-use goods and technologies and munitions list. pp 1–234
Zhioua, S. 2013. The Middle East under malware attack dissecting cyber weapons. Proceedings – International conference on distributed computing systems pp. 11–16.
Government Documents
Frequently-Cited Government Documents
United States (2015a) Chapter XVI cyber operations. In: Department of defense law of war manual. General Counsel of the Department of Defense, Washington, DC. The Manual represents the position of the Department of Defense, not necessarily the US government as a whole. Chapter XVI, “Cyber Operations,” comprises only 15 pages of the 1,220–page-long Manual but provides more transparency about the Department of Defense’s cyber operations generally. Some of the Manual’s positions on international law differ from those seen in the Tallinn Manual
United States Air Force (2011) Air Force Instruction 51-402, Legal Reviews of Weapons and Cyber Capabilities. The instruction was issued to reflect “a change in the Air Force definition of ‘weapon’ and requires a legal review of cyber capabilities intended for use in cyberspace operations” (p.1)
Other Relevant Government Documents
Canada (2010) Canada’s cyber security strategy
Government Accountability Office, Washington DC, Belkin P (2014) NATO’s Wales summit: expected outcomes and key challenges
Los Alamos National Laboratory & United States (2015) What is the current state of the science of cyber defense? United States. Dept. of Energy, Washington, DC
Ministry of Defence (2016) The cyber primer, 2nd edn. Ministry of Defence, London
Russian Federation (2011) Conceptual views regarding the activities of the armed forces of the Russian Federation in information space
Sandia National Laboratories & United States (2015) Evaluating moving target defense with PLADD. United States. Dept. of Defense, Washington, DC
United Kingdom (2010) A strong Britain in an age of uncertainty: the national security strategy
United Kingdom (2011) The UK cyber security strategy: protecting and promoting the UK in a digitized world
United States (2011) Strategy for operating in cyberspace. Department of Defense, Washington, DC
United States (2010) The White House. National security strategy
United States (2013) Joint publication 3–12 on cyberspace operations. Department of Defense, Washington, DC
United States (2014) Army techniques publication 3–36 (FM3–36). Electronic warfare techniques.
United States (2015b) Defense cybersecurity: opportunities exist for DOD to share cybersecurity resources with small businesses. United States Government Accountability Office, Washington, DC
United States (2015c) Defense infrastructure: Improvements in DOD reporting and cybersecurity implementation needed to enhance utility resilience planning. United States Government Accountability Office, Washington, DC
United States (2015d) The department of defense cyber strategy. Department of Defense, Washington, DC
United States (2017) Army field manual 3–12, Cyberspace and electronic warfare operations
US Strategic Command (2009) The cyber warfare lexicon: a language to support the development, testing, planning and employment of cyber weapons and other modern warfare capabilities. Version 1.7.6
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this chapter
Cite this chapter
Fossum, L. (2018). Researching Cyber Weapons: An Enumerative Bibliography. In: Prunckun, H. (eds) Cyber Weaponry. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-319-74107-9_14
Download citation
DOI: https://doi.org/10.1007/978-3-319-74107-9_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-74106-2
Online ISBN: 978-3-319-74107-9
eBook Packages: Law and CriminologyLaw and Criminology (R0)