Legal limits of proactive actions: Coreflood botnet example
Passive defense mechanisms are necessary component of well-designed cyber defense programs but they are no longer sufficient to address increasingly sophisticated threats. Thus, addressing the threats more comprehensively may require additional mechanisms. So, active cyber defense is consist of proactive actions to prevent, detect and respond to attacks and provide real-time capability to discover, detect, analyze and mitigate threats and vulnerabilities. However, this mechanism raise some legal problems. Coreflood Botnet Takedown Operation is a good example of it. Some argue that it breaches personal privacy but others assert that it eliminates a known threat to that victim’s privacy and financial security. Thus trying to set the legal limits of actions or propose a legal model for actions (stop C&C, eliminate botnets or to step forward and eliminate malware) becomes significant. In this regard consent based theories has to be evaluated.