Combating Cyber Attacks: - PowerPoint PPT Presentation

Description:

... to decompilation and validation of source and binary code in preparation for ... Economics, the worldwide cost of malicious code attacks has increased from $0.5 ... – PowerPoint PPT presentation

1
  • Combating Cyber Attacks: The Role of the Research Community
  • Michael Vatis
  • Director, Institute for Security Technology Studies at Dartmouth
    College
  • 16th Annual National HPCC Conference
  • High-End Computing in an Insecure World
  • Wednesday, April 3, 2002

2
ISTS Mission: Counterterrorism Technology
Research and Development
  • To serve as a center for counterterrorism
    technology research, development, testing and
    evaluation (RDT&E) with a particular focus on
    cyber-security and protection of
    telecommunications and critical information
    infrastructure.
  • To serve as a national point of contact for
    antiterrorism information sharing among Federal,
    State and local preparedness agencies, as well as
    private and public organizations.

Sources:
  • Senate Appropriations Committee Report on H.R.
    4690, Department of Commerce, Justice, and State,
    the Judiciary and Related Agencies Appropriations
    Bill, 2001 (U.S. Senate, September 8, 2000)
  • Departments of Commerce, Justice, and State, the
    Judiciary and Related Agencies Appropriations
    Bill 2001 and the Congressional Record (House of
    Representatives, November 1999)

3
The ISTS Approach: Needs Assessment,
Collaboration & Technology Transfer
  • Needs Assessment. ISTS sponsors research to
    address stakeholders' unmet needs.
      • Ex. The Law Enforcement Needs Assessment,
        discussed below, will motivate targeted R&D
        projects.
  • Collaboration. Much ISTS work has taken place
    through collaborative relationships with parties
    outside Dartmouth.
      • Partners include Los Alamos & Sandia Labs,
        Harvard, Renesys Corp., Tulsa Univ., RAND, MITRE,
        SANS.
  • Technology Transfer. Move tested & validated
    technologies and research products into the
    private sector.
      • Ex. Digital tampering & steganography detection
        processes ready for industry development.

4
ISTS Research
5
ISTS Research
6
ISTS Research
7
ISTS Research
8
ISTS Research
9
2002 Law Enforcement Needs Assessment: Objective &
Methodology
  • Objective
      • Identify the problems and technological
        impediments facing law enforcement when
        investigating and responding to cyber attacks
  • Methodology
      • Phase 1: Survey Development
      • Phase 2: National Statistical Survey
      • Phase 3: Law Enforcement Site Visits
      • Phase 4: Workshop
      • Phase 5: Final Report Production
  • Release Date
      • Late April-early May

10
2002 Law Enforcement Needs Assessment: Preliminary
Findings & Next Steps
  • Preliminary Findings
      • Log analysis and training are problem areas
        requiring immediate assessment, research &
        development of new tools.
      • IP spoofing presents a significant challenge for
        tracing efforts.
      • Encryption, steganography, and wireless Internet
        access are growing concerns.
  • Next Steps
      • Assess existing solutions.
      • Perform gap analysis.
      • Define gaps and initiate targeted research.

11
Institute for Information Infrastructure
Protection (I3P)
  • MISSION STATEMENT
      • To help protect the information infrastructure of
        the United States by coordinating the development
        of a comprehensive, prioritized research and
        development agenda for cyber security, and
        promoting collaboration and information sharing
        among academia, industry and government.
  • MISSION TASKS
      • Collaborate with academia, industry and
        government to develop a national R&D agenda for
        cyber security
      • Serve as an information clearinghouse on the
        status of R&D efforts for information
        infrastructure protection
      • Foster collaboration among cyber security R&D
        efforts in academia, industry and government
      • Facilitate specific high leverage research and
        the development of new security technology for
        information infrastructure protection.

12
I3P Background: The Growing Threat to the
Information Infrastructure
  • Over the past few years, there has been an
    exponential increase in damaging attacks.
      • According to Computer Economics, the worldwide
        cost of malicious code attacks has increased from
        $0.5 billion in 1995 to $13.2 billion in 2001.
  • These problems continue to increase.
      • According to CERT, computer security incidents
        and computer security vulnerabilities more than
        doubled in 2001.
  • The cyber attack capabilities of foreign
    governments are growing.
      • Iraq, Libya, North Korea, Russia, Cuba and China
        are all thought to possess or to be developing
        information warfare capabilities.
  • Cyber attacks by terrorists are a growing
    concern.

13
Institute for Information Infrastructure
Protection History
  • December 1998
      • President's Committee of Advisors on Science and
        Technology (PCAST) recommends government-funded,
        but non-governmental, lab to focus cyber security
        research.
  • April 2000
      • Institute for Defense Analysis (IDA) study
        details I3P concept
  • July 2000
      • National Security Council (NSC) & Office of
        Science and Technology Policy (OSTP) white paper
        calls for I3P creation
  • September 2001
      • Institute for Security Technology Studies funded
        to lead establishment of I3P.

14
I3P Implementation: Steps Toward a National Cyber
Security R&D Agenda
  • The I3P approach is broadly inclusive.
      • The I3P is a consortium of academic and
        non-profit R&D organizations, with strong ties
        to, and input from, government and corporate
        entities.
      • The Office of Cyberspace Security has invited
        I3P to develop a cyber security R&D needs
        assessment for information infrastructure
        protection.
  • The I3P is implementing a thorough methodology.
      • Step 1: Assess existing products, research
        roadmaps.
      • Step 2: Conduct survey & decision support
        workshops.
      • Step 3: Perform gap analysis & publish draft
        agenda.
      • Step 4: Use survey, workshop & other methods to
        validate agenda.
  • I3P will publish a validated R&D agenda within
    one year.

15
I3P Methodology: Steps Toward a National Cyber
Security R&D Agenda
  • Approach problem from several perspectives
      • By critical infrastructure sector (e.g. energy,
        telecommunications)
      • By stakeholder groupings (e.g.
        manufacturers/vendors, users)
      • By topical areas (e.g., wireless security,
        intrusion detection, encryption, policy/legal
        issues)

16
I3P Website: A digital archive for cyber security
R&D
  • www.theI3P.org is available to I3P consortium
    members
  • We will add content on the I3P concept of
    operations and the upcoming workshops
  • Expected future capabilities include
      • Web space for exchange of information about work
        in progress
      • Separate work spaces for use by I3P & each
        cluster group
      • Searchable document collections
      • Email server, newsgroups & listserv
      • Tools to facilitate secure collaboration

17
  • For more information
  • michael.vatis_at_dartmouth.edu
  • OR
  • matt.funk_at_dartmouth.edu
  • www.ists.dartmouth.edu
  • 603-646-0700