Clouds of Suspicion: Airspace Arrangements, Escalation, and Discord in U.S./NATO-Russian Relations

How have cooperative airspace arrangements contributed to cooperation and discord in the Euro-Atlantic region? This study analyzes the role of three sets of airspace arrangements developed by Euro-Atlantic states since the end of the Cold War—(1) cooperative aerial surveillance of military activity, (2) exchange of air situational data, and (3) joint engagement of theater air and missile threats—in political-military relations among neighbors and within the region. These arrangements provide insights into the integration of Central and Eastern European states into Western security institutions, and the current discord that centers on the conflict in Ukraine and Russia’s place in regional security. The study highlights the role of airspace incidents as contributors to conflict escalation and identifies opportunities for transparency- and confidence-building measures to improve U.S./NATO-Russian relations. The study recommends strengthening the Open Skies Treaty in order to facilitate the resolution of conflicts and improve region-wide military transparency. It notes that political-military arrangements for engaging theater air and missile threats created by NATO and Russia over the last twenty years are currently postured in a way that divides the region and inhibits mutual security. In turn, the U.S.-led Regional Airspace Initiatives that facilitated the exchange of air situational data between NATO and then-NATO-aspirants such as Poland and the Baltic states, offer a useful precedent for improving air sovereignty and promoting information sharing to reduce the fear of war among participating states. Thus, projects like NATO’s Air Situational Data Exchange and the NATO-Russia Council Cooperative Airspace Initiative—if extended to the exchange of data about military aircraft—have the potential to buttress deterrence and contribute to conflict prevention. The study concludes that documenting the evolution of airspace arrangements since the end of the Cold War contributes to understanding of the conflicting narratives put forward by Russia, the West, and the states “in-between” with respect to reasons for the current state of regional security. The long-term project of developing a zone of stable peace in the Euro-Atlantic must begin with the difficult task of building inclusive security institutions to accommodate the concerns of all regional actors.

Active Data Collection Techniques to Understand Online Scammers and Cybercriminals

Nigerian scam, also known as advance fee fraud or 419 scam, is a prevalent form of online fraudulent activity that causes financial loss to individuals and businesses. Nigerian scam has evolved from simple non-targeted email messages to more sophisticated scams targeted at users of classifieds, dating and other websites. Even though such scams are observed and reported by users frequently, the community’s understanding of Nigerian scams is limited since the scammers operate “underground”. To better understand the underground Nigerian scam ecosystem and seek effective methods to deter Nigerian scam and cybercrime in general, we conduct a series of active and passive measurement studies. Relying upon the analysis and insight gained from the measurement studies, we make four contributions: (1) we analyze the taxonomy of Nigerian scam and derive long-term trends in scams; (2) we provide an insight on Nigerian scam and cybercrime ecosystems and their underground operation; (3) we propose a payment intervention as a potential deterrent to cybercrime operation in general and evaluate its effectiveness; and (4) we offer active and passive measurement tools and techniques that enable in-depth analysis of cybercrime ecosystems and deterrence on them. We first created and analyze a repository of more than two hundred thousand user-reported scam emails, stretching from 2006 to 2014, from four major scam reporting websites. We select ten most commonly observed scam categories and tag 2,000 scam emails randomly selected from our repository. Based upon the manually tagged dataset, we train a machine learning classifier and cluster all scam emails in the repository. From the clustering result, we find a strong and sustained upward trend for targeted scams and downward trend for non-targeted scams. We then focus on two types of targeted scams: sales scams and rental scams targeted users on Craigslist. We built an automated scam data collection system and gathered large-scale sales scam emails. Using the system we posted honeypot ads on Craigslist and conversed automatically with the scammers. Through the email conversation, the system obtained additional confirmation of likely scam activities and collected additional information such as IP addresses and shipping addresses. Our analysis revealed that around 10 groups were responsible for nearly half of the over 13,000 total scam attempts we received. These groups used IP addresses and shipping addresses in both Nigeria and the U.S. We also crawled rental ads on Craigslist, identified rental scam ads amongst the large number of benign ads and conversed with the potential scammers. Through in-depth analysis of the rental scams, we found seven major scam campaigns employing various operations and monetization methods. We also found that unlike sales scammers, most rental scammers were in the U.S. The large-scale scam data and in-depth analysis provide useful insights on how to design effective deterrence techniques against cybercrime in general. We study underground DDoS-for-hire services, also known as booters, and measure the effectiveness of undermining a payment system of DDoS Services. Our analysis shows that the payment intervention can have the desired effect of limiting cybercriminals’ ability and increasing the risk of accepting payments.

Surveillance in Cyberspace: Applying Natural and Place Manager Surveillance to System Trespassing

Research on the criminological side of system trespassing (i.e. unlawfully gaining access to a computer system) is relatively rare and has yet to examine the effect of the presence of other users on the system during the trespassing event (i.e. the time of communication between a trespasser’s system and the infiltrated system). This thesis seeks to analyze this relationship drawing on principles of Situational Crime Prevention, Routine Activities Theory, and restrictive deterrence. Data were collected from a randomized control trial of target computers deployed on the Internet network of a large U.S. university. This study examined whether the number (one or multiple) and type (administrative or non-administrative) of computer users present on a system reduced the seriousness and frequency of trespassing. Results indicated that the type of user (administrative) produced a restrictive deterrent effect and significantly reduced the frequency and duration of trespassing events.

Turkish Security Policymaking on Nuclear Issues: Conceptualizing Advanced Cooperative Security Strategies

Turkey is a non-nuclear member of a nuclear alliance in a region where nuclear proliferation is of particular concern. As the only North Atlantic Treaty Organization (NATO) member that has a border with the Middle East, Turkish officials argue that Turkey cannot solely rely on NATO guarantees in addressing the regional security challenges. However, Turkey has not been able to formulate a security policy that reconciles its quest for independence, its NATO membership, the bilateral relationship with the United States, and regional engagement in the Middle East. This dissertation assesses the strategic implications of Turkey’s perceptions of the U.S./NATO nuclear and conventional deterrence on nuclear issues. It explores three case studies by the process tracing of Turkish policymakers’ nuclear-related decisions on U.S. tactical nuclear weapons deployed in Europe, national air and missile defense, and Iran’s nuclear program. The study finds that the principles of Turkish security policymaking do not incorporate a fundamentally different reasoning on nuclear issues than conventional deterrence. Nuclear weapons and their delivery systems do not have a defining role in Turkish security and defense strategy. The decisions are mainly guided by non-nuclear considerations such as Alliance politics, modernization of the domestic defense industry, and regional influence. The dissertation argues that Turkey could formulate more effective and less risky security policies on nuclear issues by emphasizing the cooperative security approaches within the NATO Alliance over confrontational measures. The findings of this dissertation reveal that a major transformation of Turkish security policymaking is required to end the crisis of confidence with NATO, redefinition of the strategic partnership with the US, and a more cautious approach toward the Middle East. The dissertation argues that Turkey should promote proactive measures to reduce, contain, and counter risks before they develop into real threats, as well as contribute to developing consensual confidence-building measures to reduce uncertainty.