Cybersecurity: defending our digital future - PowerPoint PPT Presentation

About This Presentation
Title:

Cybersecurity: defending our digital future

Description:

Talkthrough. Background. the White House Cyberspace Policy Review. Emerging network technologies . Wireless, ubiquitous . Cloud applications, intelligent networks – PowerPoint PPT presentation

Number of Views:293
Avg rating:3.0/5.0
Slides: 40
Provided by: csFsuEdu7
Learn more at: http://www.cs.fsu.edu
Category:

less

Transcript and Presenter's Notes

Title: Cybersecurity: defending our digital future


1
Cybersecurity defending our digital future
  • Mike Burmester
  • Center for Security and Assurance in IT,
    Florida State University,3rd Annual TechExpo,
    Tallahassee May 6th 2010

2
Talkthrough
  • Background
  • the White House Cyberspace Policy Review
  • Emerging network technologies
  • Wireless, ubiquitous
  • Cloud applications, intelligent networks
  • What next!
  • The adversary
  • We are behind the learning curve the hackers
    are ahead
  • Security threats
  • How can we defend our digital future?
  • Near-term and midterm plans
  • Methodology
  • Technical aspects, technical analysis

3
Background
  • In Feb 2009 the President directed a 60-day
    clean-slate review to assess U.S. policies and
    structures for cybersecurity.
  • In March 2009 the Cyberspace Policy Review was
    published
  • The Cybersecurity Review recommends general
    guidelines, regarding the
  • Strategy
  • Policy, and
  • Standards
  • for securing operations in cyberspace.

our approach over the past 15 years has failed
to keep pace with the threat.
4
Background
  • What is Cyberspace?
  • . . . the interdependent network of information
    technology infrastructures, including
  • the Internet
  • Telecommunications networks
  • Computer systems
  • Embedded processors and
  • Controllers in critical industries
  • Common usage of the term also refers to the
  • Virtual environment of information and
    interactions between people

5
Background
  • What is Cyberspace? ---a historical perspective
  • 1985 a system of mainframe computers (NSFNET)
  • 1990 the Internet and Web applications
  • 2000 Wireless networks
  • 2008 Cloud applications
  • 20?? The Internet of Things
  • 20?? Virtual life?
  • How can we secure a structure that keeps morphing?

6
Emerging Network Technologiesthe wireless
medium, at the beginning . . .
  • Wireless technology offers unparalleled
    opportunities
  • Some time ago
  • Telegraph
  • Radio communication
  • Amateur radio
  • TV

7
Emerging Network Technologiesthe wireless
medium, more recently
  • Wireless technology offers unparalleled
    opportunities
  • Wireless technology
  • Cellular systems
    (3G and beyond)

8
Emerging Network TechnologiesBluetooth, Wi-Fi,
sensors, RFIDs
  • Short range point-to-point
  • Bluetooth
    Personal Area networks
  • Wi-Fi technologies
  • Wireless sensor networks
  • RFID (Radio Frequency Identification) systems

9
Emerging Network TechnologiesSensor networks
  • Factory floor automation
  • Boarder fencing
  • Military applications

10
RFID deployments
  • A RFID road pricing gantry
  • in Singapore an RFID tag
  • RFIDs tags used in libraries
  • Airports checking luggage
  • U.S. (electronic) passports

11
Wireless technologies
  • Long range point-to-point
  • WiMAX technologies

12
Wireless technologieswith no infrastructure
  • Mobile ad hoc networks
  • (MANETs)
  • Disaster recovery

13
Vehicle-to-Vehicle communication
  • VANETs

14
Ubiquitous networks
  • Network all applications ! The Internet of Things

15
What next !
  • Cloud applications ???
  • Delegate applications
  • Start with the Internet cloud
  • Delegate applications to the cloud

16
. . . and next! Emerging technologies
  • Robotics
  • Nanotechnology
  • molecular self-assembly
  • developing new materials
  • Biotechnology
  • Analyzing the myriad simultaneous cellular
    activities
  • Living systems can be regarded as communication
    systems they transmit the genome of the organism
    by replication/transcription and translation.

17
Beyond next !
  • Intelligent Networking ???

18
Beyond . . . the beyond
  • Virtual Networking and Environments
  • Current Definition (academic)
  • A technology used to control remotely located
    computers and applications over the Internet
  • White House Policy Review definition of
    Cyberspace
  • A virtual environment of information and
    interactions between people
  • Cyberspace the digital network
    infrastructure
  • cloud
    applications
  • virtual
    network technology
  • emerging
    technologies
  • intelligent
    networking

19
Now, the bad . . .
The adversary (the hackers)
20
The adversary Portrait of a Computer Criminal
  • Amateurs
  • Normal people, maybe disgruntled over some
    negative work situation
  • Have committed most of computer crimes to date
  • Crackers or Hackers
  • Often high school/university students cracking
    is seen as the ultimate victimless crime
  • Attack for curiosity, self-satisfaction and
    personal gain
  • Career criminals
  • Understand the targets of computer crime
  • Usually begin as computer professionals who later
    engage in computer crime finding the prospects
    and payoff good.
  • Electronic spies and information brokers who
    recognize that trading in companies secrets can
    be lucrative

21
The adversary It is worse !
  • A simple Google search
  • key words Chinese, threat, cyberspace
  • MI5 alert on Chinas cyberspace spy threat (Times
    Online) Dec 1, 2007 . . . The Government has
    openly accused China of carrying out
    state-sponsored espionage against vital parts of
    Britain's economy, including . . .
  • U.S. military flags China cyber threat
  • 2008-03-06 . . . The U.S. DoD warned in an
    annual report released this week that China
    continues to develop its abilities to wage war in
    cyberspace as part of a doctrine of "non-contact"
    warfare

22
The adversary . . . much worse !
  • key words France, threat, cyberspace
  • NATO chief calls attention to threats from
    cyberspace
  • Mar 4, 2010 . . . NATO is facing new threats in
    cyberspace that cannot be met by lining up
    soldiers and tanks, the alliance's
    secretary-general said Thursday in an apparent
    reference to terror groups and criminal networks
  • key words International, threat, cyberspace
  • Threat of next world war may be in cyberspace
  • Oct 6, 2009 . . . The next world war could
    happen in cyberspace and that would be a
    catastrophe. We have to make sure that all
    countries understand that in that war . . .

23
The adversary New technologies can be abused
  • Are we prepared for intelligent networks ?
  • Who will manage them ?
  • Do we want
  • Centralized, or
  • Decentralized management
  • Who will protect our resources ?
  • What are the threats ?

24
Security Threats
  • Confidentiality
  • Eavesdropping (wiretapping)
  • Privacy
  • Anonymity (Big Brother)
  • Integrity
  • Data integrity protection against unauthorized
    modifications, data corruption, deletion . . .
  • Source or destination integrity protections
    against spoofing attacks, man-in-the middle
    attacks
  • Availability
  • Coverage deployment
  • Information data accuracy traffic control
  • Dependable data transport what about
    transmission/ omission /congestion errors?
  • What about malicious faults ?

25
The Internet is hackers paradise
  • Security Threats Perceived or Real
  • Impersonation Attacks
  • Denial of Service Attacks
  • Session Tampering and Highjacking
  • Man-in-the-Middle Attacks

26
Can we protect Digital resources ?
  • There are some very good cryptographic tools that
    can be used to protect digital resources
  • Many of these tools have proven security
  • The problem is usually bad implementations
  • The best cryptographic security is point-to-point
    security (such as VPN)
  • The source destination
  • are mutually authenticated (with public key
    cryptography)
  • exchange privately a fresh secret key (with
    public key cryptography)
  • use symmetric key encryption scheme to encrypt
    exchanged data

    (with symmetric key cryptography)

27
Can wireless technology be made secure ?
  • Point-to-point security
  • Authentication usually involves certificates (a
    trusted third party certifies the public key of
    the entities) and a cryptographic handshake
  • WIMAX uses the Extensible Authentication Protocol
    for this purpose
  • For encryption it uses block ciphers such as DES3
    or AES
  • This offers protection at the protocol layer
  • There are still problems at the physical layer,
    such as jamming attacks (Denial-of-Service), or
    flooding attacks
  • Security vs. functionality tradeoff
  • Rule of thumb the more security the less
    functionality
  • Holistic security

28
Cybersecurity Policy ReviewNear-Term Plan
  • Appoint cybersecurity coordinator
  • Prepare a national strategy
  • Designate cyberscurity as a priority . . .
  • Designate a privacy/civil liberties official
  • Formulate coherent unified policy guidance that
    clarifies roles, responsibilities . . . for
    cybersecurity activities across the Federal
    government
  • Initiate a public awareness and education
    campaign to promote cybersecurity

29
Cybersecurity Policy Review Near-Term Plan
  • Develop government positions for an international
    cybersecurity policy framework
  • Prepare a cybersecurity incident response plan
  • Develop a framework for RD strategies that
    focuses on game-changing technologies . . . to
    enhance the security, reliability, resilience,
    and trustworthiness . . .
  • Build a cybersecurity-based identity management
    vision and strategy that addresses privacy and
    civil liberties interests . . .

30
Cybersecurity Policy Review Midterm-Plan (14
items)
  • Support key education programs and RD research
    to ensure the Nations continued ability to
    compete in the information age economy
  • Expand and train the workforce, including
    attracting and retaining cybersecurity expertise
    in the Federal government.
  • Develop solutions for emergency communications
    capabilities during a time of natural disaster,
    crisis, or conflict . . .
  • Encourage collaboration between academic and
    industrial laboratories to develop migration
    paths and incentives for the rapid adoption of
    research and technology innovations

31
Are we willing to pay the price ?. . . . . . . .

we may have to . . .
whether we like it or not . . .
32
Methodology for Security
  • Resiliency
  • Against physical damage, unauthorized
    manipulation, and electronic assault. In addition
    to protection of the information itself,
  • A risk mitigation strategy with focus on devices
    used to access the infrastructure, the services
    provided by the infrastructure, the means of
    moving storing and processing information
  • A strategy for prevention, mitigation and
    response against threats
  • Encouraging innovation
  • Harness the benefits of innovation
  • Not create policy and regulation that inhibits
    innovation
  • Maintain National Security/Emergency Preparedness
    Capabilities

33
White House Cybersecurity PlanRSA 03/2010
  • The Comprehensive National Security Initiative
    (12 items)
  • Manage the Federal Enterprise Network as a single
    network enterprise with Trusted Internet
    Connections
  • Deploy an intrusion detection system of sensors
    across the Federal enterprise
  • Deploy intrusion prevention systems across the
    Federal enterprise
  • Coordinate and redirect RD efforts
  • Connect current cyber ops centers to enhance
    situational awareness
  • Develop a government-wide cyber counter
    intelligence plan

34
White House Cybersecurity Plan Revealed at RSA
03/2010
  • The Comprehensive National Security Initiative
    (12 items)
  • Increase the security of our classified networks
  • Expand cyber education
  • Define and develop enduring "leap-ahead"
    technology, strategies, and programs
  • Develop enduring deterrence strategies and
    programs
  • Develop a multi-pronged approach for global
    supply chain risk management
  • Define the Federal role for extending
    cybersecurity into critical infrastructure domains

35
Cybersecurity PlanTechnical aspects
  • Deploy an ID system of sensors across the Federal
    enterprise
  • Einstein 2 capability Signature-based sensors
    that analyze network flow information to identify
    potential malicious activity while conducting
    automatic full packet inspection of traffic
    entering or exiting U.S. Government networks for
    malicious activity
  • Deploy IP systems across the Federal enterprise
  • Einstein 3 capability Real-time full packet
    inspection and threat-based decision-making on
    network traffic entering or leaving these
    Executive Branch networks
  • Identify and characterize malicious network
    traffic to enhance cybersecurity analysis,
    situational awareness and security response
  • Automatically detect and respond appropriately to
    cyber threats before harm is done, providing an
    intrusion prevention system supporting dynamic
    defense

36
Cybersecurity PlanTechnical analysis
  • Einstein 2 capability Signature-based sensors
    will only detect copycat attacks one-off
    attacks will not be checked
  • Einstein 3 capability will not detect
    unpredictable attacks that mimic normal behavior
  • Threat-based decision-making on network traffic
    however may deal with the consequences of such
    attacks
  • Markovian profiling is a good approach for
    threat based decision making

37
The most important technical point in this review
is the realization that one cannot achieve
cybersecurity solely by protecting individual
components there is no way to determine what
happens when NIAP-reviewed products are all
combined into a composite IT system. Quite
right, and too little appreciated security is a
systems property, and in fact, part of the entire
design-and-build processSteven M Bellovin
  • Holistic Security

. . . the Universal-Composability Framework may
ultimately prove to be just a first step toward a
complete solutionJoan Feigenbaum
. . . the main feature of the UC Framework is
that the security of a composite system can
derived from the security of its components
without need for holistic reassessment Mike
Burmester
38
Thanks for listening!
39
.Raise your hands if you have any questions
Write a Comment
User Comments (0)
About PowerShow.com