ConfigSynth: A Formal Framework for Network Security Design Synthesis
|
|
|
- Brett Ferguson
- 5 years ago
- Views:
Transcription
1 ConfigSynth: A Formal Framework for Network Security Design Synthesis Mohammad Ashiqur Rahman and Ehab Al-Shaer CyberDNA Research Center, UNC Charlotte
2 Motivation Complexity of Security Configuration is a major source of network vulnerability: inappropriate or incorrect security configurations were responsible for 80% of United States Air Force vulnerabilities., Center for Strategic and International Studies Report on "Securing Cyberspace for the 44th Presidency, December human error is blamed for 50 to 80% of network outages., Juniper Networks Report, May 2008 the human factor themselves cause more than 30% of network outages, a major concern for carriers and causes big revenue-loss., British Telecom 2009 Lack of security design analytics and automation tools
3 Security Design Automation Problem Automating the design synthesis of security configurations by determining security countermeasures along with device placements that reduces risk (attack surface) while satisfying different constraints: Security requirements Business (Usability and Cost) constraints Mission objective (Connectivity requirements)
4 Challenge: 1 Contention between the security and usability constraints. Lack of metrics to measure these factors. Budget constraints. Security architecture should consider large-scale networks.
5 Challenges: 2 Contention between the security and usability constraints. Lack of metrics to measure these factors. Budget constraints. Security architecture should consider large-scale networks.
6 Challenge: 3 Contention between the security and usability constraints. Lack of metrics to measure these factors. Budget constraints. Security architecture should consider large-scale networks.
7 Challenge: 4 Contention between the security and usability constraints. Lack of metrics to measure these factors. Budget constraints. Security architecture should consider largescale networks.
8 Architecture Network Topology and Placement Strategy Connectivity Requirements User-defined Constraints Security Device Placement Model Security Policy Usability Constraint Model ConfigSynth SMT Solver Configuration Synthesis Cost Isolation, Usability, and Cost Model ConfigSynth Security-Device Placements Security Specifications Usability Specifications Cost Specifications
9 Architecture Network Topology and Placement Strategy Connectivity Requirements User-defined Constraints Security Device Placement Model Security Policy Usability Constraint Model SMT Solver Configuration Synthesis Cost Security, Usability, and Cost Model ConfigSynth Security-Device Placements Security Specifications Usability Specifications Cost Specifications
10 Architecture Network Topology and Placement Strategy Connectivity Requirements User-defined Constraints Security Device Placement Model Security Policy Usability Constraint Model SMT Solver Configuration Synthesis Evaluation Cost Security, Usability, and Cost Model ConfigSynth Security-Device Placements Security Specifications Usability Specifications Cost Specifications
11 Security in terms of Isolation Security requirements are indicated by isolation measures between the hosts. An isolation pattern signifies the type of security resistance. Network level isolation patterns: Access deny Trusted communication, i.e., authenticated/encrypted communication. Payload inspection. Source identity hiding communication. Traffic forwarding through proxy.
12 Isolation Model
13 Isolation Score
14 Isolation Requirement
15 Usability Constraint
16 Cost Constraint
17 Miscellaneous Constraints
18 Analytical Result The maximum possible isolation with respect to the usability constraint considering a fixed cost constraint
19 Evaluation The model synthesis time with respect to the number of hosts.
20 Summary Our work has been accepted for publication in IEEE ICDCS 2013 (13% acceptance rate). Future works We are investigating the methodologies for the risk evaluation of the synthesized security design, and hypothesis generation for feedback controls to the synthesis engine. Interactive security analytics Thanks
CSC 6575: Internet Security Fall Attacks on Different OSI Layer Protocols OSI Layer Basic Attacks at Lower Layers
CSC 6575: Internet Security Fall 2017 Attacks on Different OSI Layer Protocols OSI Layer Basic Attacks at Lower Layers Mohammad Ashiqur Rahman Department of Computer Science College of Engineering Tennessee
Cyber Defense & Network Assurance (CyberDNA) Center. Professor Ehab Al Shaer, Director of CyberDNA Center UNC Charlotte
Cyber Defense & Network Assurance (CyberDNA) Center Professor Ehab Al Shaer, Director of CyberDNA Center UNC Charlotte March 5, 2012 About CyberDNA Vision CyberDNA Center is to enable assurable and usable
UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 COST ($ in Millions) FY 2011 FY 2012 Base OCO Total FY 2014 FY 2015 FY 2016 FY 2017 Cost To Complete
CYSE 411/AIT 681 Secure Software Engineering Topic #3. Risk Management
CYSE 411/AIT 681 Secure Software Engineering Topic #3. Risk Management Instructor: Dr. Kun Sun Outline 1. Risk management 2. Standards on Evaluating Secure System 3. Security Analysis using Security Metrics
New Project Proposal Status Report Final Report
Title: Models and Software Tools for Managing Network Complexity Date: May 16, 2018 Researcher Name(s): Xin Sun University: Ball State University Long Term Goal(s) New Project Proposal Status Report Final
CSC 6575: Internet Security Fall 2017
CSC 6575: Internet Security Fall 2017 Attacks on Different OSI Layer Protocols Attacks at Upper OSI Layers Mohammad Ashiqur Rahman Department of Computer Science College of Engineering Tennessee Tech University
UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 0400: Research,, Test & Evaluation, Defense-Wide BA 3: Advanced Technology (ATD) COST ($ in Millions)
GARNET. Graphical Attack graph and Reachability Network Evaluation Tool* Leevar Williams, Richard Lippmann, Kyle Ingols. MIT Lincoln Laboratory
GARNET Graphical Attack graph and Reachability Network Evaluation Tool* Leevar Williams, Richard Lippmann, Kyle Ingols 15 September 2008 9/15/2008-1 R. Lippmann, K. Ingols *This work is sponsored by the
Security Aspects Control Rationale Best Practices Self-Assessment (Click all that applicable) 1. Security Policy and Security Management
Seven Habits of Cyber Security for SMEs Security Aspects Control Rationale Best Practices Self-Assessment (Click all that applicable) 1. Security Policy and Security Management Security Policy is an important
The Eight Rules of Security
The Eight Rules of Security The components of every security decision. Understanding and applying these rules builds a foundation for creating strong and formal practices through which we can make intelligent
MOHAMMAD ASHIQUR RAHMAN
1033 NOTTINGHAM DR (APT: A), COOKEVILLE, TENNESSEE, USA Phone: +17042419165 (Cell) +19313723525 (Office) E-mail: marahman@tntech.edu; ashiq2503@gmail.com LinkedIn: http://www.linkedin.com/pub/mohammad-ashiqur-rahman/72/b71/a59/
An Approach to Information Security Policy Modeling for Enterprise Networks
An Approach to Information Security Policy Modeling for Enterprise Networks Dmitry Chernyavskiy and Natalia Miloslavskaya Information Security of Banking Systems Department National Research Nuclear University
Automated Synthesis of NFV Topology: A Security Requirement-Oriented Design
Automated Synthesis of NFV Topology: A Security Requirement-Oriented Design A H M Jakaria, Mohammad Ashiqur Rahman, and Carol J Fung Department of Computer Science, Tennessee Tech University, Cookeville,
2. INTRUDER DETECTION SYSTEMS
1. INTRODUCTION It is apparent that information technology is the backbone of many organizations, small or big. Since they depend on information technology to drive their business forward, issues regarding
EXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT. An Insight Cyber White Paper. Copyright Insight Cyber All rights reserved.
EXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT An Insight Cyber White Paper Copyright Insight Cyber 2018. All rights reserved. The Need for Expert Monitoring Digitization and external connectivity
Firewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.
Managing the Migration to IPv6 Throughout the Service Provider Network White Paper
Managing the Migration to IPv6 Throughout the Service Provider Network Managing the Migration to IPv6 Throughout the Service Provider Network White Paper Introduction Service providers are feeling increasing
CSC 6575: Internet Security Fall 2017
CSC 6575: Internet Security Fall 2017 Attacks on Different OSI Layer Protocols Hackers and System Security Transport Layer Protocols Mohammad Ashiqur Rahman Department of Computer Science College of Engineering
COMPUTER NETWORK SECURITY
COMPUTER NETWORK SECURITY Prof. Dr. Hasan Hüseyin BALIK (9 th Week) 9. Firewalls and Intrusion Prevention Systems 9.Outline The Need for Firewalls Firewall Characterictics and Access Policy Type of Firewalls
Symantec Ransomware Protection
Symantec Ransomware Protection Protection Against Ransomware Defense in depth across all control points is required to stop ransomware @ Email Symantec Email Security.cloud, Symantec Messaging Gateway
CERT C++ COMPLIANCE ENFORCEMENT
CERT C++ COMPLIANCE ENFORCEMENT AUTOMATED SOURCE CODE ANALYSIS TO MAINTAIN COMPLIANCE SIMPLIFY AND STREAMLINE CERT C++ COMPLIANCE The CERT C++ compliance module reports on dataflow problems, software defects,
COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN
COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1 CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING
Firewalls (IDS and IPS) MIS 5214 Week 6
Firewalls (IDS and IPS) MIS 5214 Week 6 Agenda Defense in Depth Evolution of IT risk in automated control systems Security Domains Where to put firewalls in an N-Tier Architecture? In-class exercise Part
Analysis of Attacks and Defense Mechanisms for QoS Signaling Protocols in MANETs
Analysis of Attacks and Defense Mechanisms for QoS Signaling Protocols in MANETs by Charikleia Zouridaki Charikleia Zouridaki 1, Marek Hejmo 1, Brian L. Mark 1, Roshan K. Thomas 2, and Kris Gaj 1 1 ECE
Certified Information Security Manager (CISM) Course Overview
Certified Information Security Manager (CISM) Course Overview This course teaches students about information security governance, information risk management, information security program development,
UNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 8 R-1 Line #18
Exhibit R-2, RDT&E Budget Item Justification: PB 2015 Office of Secretary Of Defense Date: March 2014 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: Applied Research COST ($ in Millions)
NetComplete: Practical Network-Wide Configuration Synthesis with Autocompletion. Ahmed El-Hassany Petar Tsankov Laurent Vanbever Martin Vechev
NetComplete: Practical Network-Wide Configuration Synthesis with Autocompletion Ahmed El-Hassany Petar Tsankov Laurent Vanbever Martin Vechev I shouldn t be the one giving this talk Third year PhD student
J. Haadi Jafarian CV June J. Haadi Jafarian
J. Haadi Jafarian Assistant Professor Dept. of Computer Science and Engineering University of Colorado Denver 704-408-3264 haadi.jafarian@ucdenver.edu EDUCATION Ph.D. 2017 University of North Carolina
EXCERPT. NIST Special Publication R1. Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
EXCERPT NIST Special Publication 800-171 R1 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations An Excerpt Listing All: Security Requirement Families & Controls Security
The threat landscape is constantly
A PLATFORM-INDEPENDENT APPROACH TO SECURE MICRO-SEGMENTATION Use Case Analysis The threat landscape is constantly evolving. Data centers running business-critical workloads need proactive security solutions
Smart Data Center From Hitachi Vantara: Transform to an Agile, Learning Data Center
Smart Data Center From Hitachi Vantara: Transform to an Agile, Learning Data Center Leverage Analytics To Protect and Optimize Your Business Infrastructure SOLUTION PROFILE Managing a data center and the
Secure Cloud Computing Architecture (SCCA)
Secure Cloud Computing Architecture (SCCA) Susan Casson PM, SCCA December 12, 2017 UNITED IN IN SERVICE TO OUR NATION 1 Unclassified DoD Commercial Cloud Deployment Approach Cyber Command C2 Operations
In this unit we are going to review a set of computer protection measures also known as countermeasures.
1 In this unit we are going to review a set of computer protection measures also known as countermeasures. A countermeasure can be defined as an action, device, procedure, or technique that reduces a threat,
United States Small Business Administration Office of Hearings and Appeals
Cite as: NAICS Appeal of RCF Information Systems, Inc., SBA No. NAICS-5653 (2015) United States Small Business Administration Office of Hearings and Appeals NAICS APPEAL OF: RCF Information Systems, Inc.,
ACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems
ACS-3921/4921-001 Computer Security And Privacy Chapter 9 Firewalls and Intrusion Prevention Systems ACS-3921/4921-001 Slides Used In The Course A note on the use of these slides: These slides has been
Chapter 9. Firewalls
Chapter 9 Firewalls The Need For Firewalls Internet connectivity is essential Effective means of protecting LANs Inserted between the premises network and the Internet to establish a controlled link however
SDLC Maturity Models
www.pwc.com SDLC Maturity Models SecAppDev 2017 Bart De Win Bart De Win? 20 years of Information Security Experience Ph.D. in Computer Science - Application Security Author of >60 scientific publications
Cyber Resilience. Think18. Felicity March IBM Corporation
Cyber Resilience Think18 Felicity March 1 2018 IBM Corporation Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity during and after a cyber attack
CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security
CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships About SANS The SANS (SysAdmin, Audit, Network, Security) Institute Established in 1989 Cooperative research
Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com
Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting
V A Physical Security Assessments LESSONS LEARNED
1 V A Physical Security Assessments LESSONS LEARNED 2 Program Goals What threats should be guarded against? How best to evaluate healthcare, cemetery, as well as office facilities against these threats?
Our Narrow Focus Computer Networking Security Vulnerabilities. Outline Part II
Our Narrow Focus 15-441 15-441 Computer Networking 15-641 Lecture 22 Security: DOS Peter Steenkiste Fall 2016 www.cs.cmu.edu/~prs/15-441-f16 Yes: Creating a secure channel for communication (Part I) Protecting
Threat Hunting in Modern Networks. David Biser
Threat Hunting in Modern Networks David Biser What is Threat Hunting? The act of aggressively pursuing and eliminating cyber adversaries as early as possible in the Cyber Kill Chain. Why Perform Threat
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
Engineering Your Software For Attack
Engineering Your Software For Attack Robert A. Martin Senior Principal Engineer Cyber Security Center Center for National Security The MITRE Corporation 2013 The MITRE Corporation. All rights reserved.
FOUNDATIONS OF INTENT- BASED NETWORKING
FOUNDATIONS OF INTENT- BASED NETWORKING Loris D Antoni Aditya Akella Aaron Gember Jacobson Network Policies Enterprise Network Cloud Network Enterprise Network 2 3 Tenant Network Policies Enterprise Network
Robust Networking with IPv6
Robust Networking with IPv6 Phil Edholm, CTO, Enterprise Networks December 10, 2003 Nortel Networks Restricted PG 1 Nortel Networks Solutions for Mission-critical Government Networks Credentials for Network
Maximise your return in search. Mark Lilley
Maximise your return in search Mark Lilley 19.10.2017 Hello Mark Lilley Co- Founder & Director Groundswell groundswellgrowth.com Head of Ecommerce Chain Reaction Cycles 5 years Who are Groundswell? Ecommerce
STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview
STRATEGIC WHITE PAPER Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview Abstract Cloud architectures rely on Software-Defined Networking
Classification of Log Files with Limited Labeled Data
Classification of Log Files with Limited Labeled Data Stefan Hommes, Radu State, Thomas Engel University of Luxembourg 15.10.2013 1 Motivation Firewall log files store all accepted and dropped connections.
Can t You Hear Me Knocking: Security and Privacy Threats from ML Application to Contextual Information
Can t You Hear Me Knocking: Security and Privacy Threats from ML Application to Contextual Information Contextual Security Workshop Contextual Security: Quo Vadis? Aalto University, Helsinki - December
AMP-Based Flow Collection. Greg Virgin - RedJack
AMP-Based Flow Collection Greg Virgin - RedJack AMP- Based Flow Collection AMP - Analytic Metadata Producer : Patented US Government flow / metadata producer AMP generates data including Flows Host metadata
Fundamentals of Information Systems Security Lesson 5 Auditing, Testing, and Monitoring
Fundamentals of Information Systems Security Lesson 5 Auditing, Testing, and Monitoring Learning Objective Explain the importance of security audits, testing, and monitoring to effective security policy.
High-Assurance Cyber Space Systems (HACSS) for Small Satellite Mission Integrity
Distribution A: SSC17-V-01 High-Assurance Cyber Space Systems (HACSS) for Small Satellite Mission Integrity Daria C. Lane, Enrique S. Leon, Francisco C. Tacliad, Dexter H. Solio, Ian L. Rodney, Dmitriy
DoD Guidance for Reviewing System Security Plans and the NIST SP Security Requirements Not Yet Implemented This guidance was developed to
DoD Guidance for Reviewing System Security Plans and the s Not Yet Implemented This guidance was developed to facilitate the consistent review and understanding of System Security Plans and Plans of Action,
Exam Code: Exam Code: Exam Name: Advanced Borderless Network Architecture Systems Engineer test.
Exam Code: 700-303 Number: 700-303 Passing Score: 800 Time Limit: 120 min File Version: 41.2 http://www.gratisexam.com/ Exam Code: 700-303 Exam Name: Advanced Borderless Network Architecture Systems Engineer
Program Review for Information Security Management Assistance. Keith Watson, CISSP- ISSAP, CISA IA Research Engineer, CERIAS
Program Review for Information Security Management Assistance Keith Watson, CISSP- ISSAP, CISA IA Research Engineer, CERIAS Disclaimer and Purpose PRISMA, FISMA, and NIST, oh my! PRISMA versus an Assessment
Evolution of Cyber Attacks
Update from the PCI Security Standards Council Troy Leach, CTO, PCI Security Standards Council Evolution of Cyber Attacks Viruses Worms Trojan Horses Custom Malware Advanced Persistent Threats 1 Modern
Development of an automated testing tool for identifying discrepancies between model implementations
Development of an automated testing tool for identifying discrepancies between model implementations 1 Freebairn, A., 1 J. Rahman, 1 S. Seaton, 1 J-M. Perraud, 1 P. Hairsine and 1 H. Hotham 1 CSIRO Land
Cyber Challenges and Acquisition One Corporate View
Sentar Inc 315 Wynn Dr Huntsville, AL 35805 256-430-0860 www.sentar.com Cyber Challenges and Acquisition One Corporate View Defense Acquisition University Conference Huntsville, AL February 22-23, 2011
Carl Herron, Senior Manager Physical Security Analyst NPCC Fall Workshop November 8, 2017 Hartford Connecticut
Physical Security Analysis of Substations Carl Herron, Senior Manager Physical Security Analyst NPCC Fall Workshop November 8, 2017 Hartford Connecticut NPCC Fall Workshop Substation Review Vulnerabilities
Configuring F5 for SSL Intercept
Configuring F5 for Welcome to the F5 deployment guide for configuring the BIG-IP system for SSL intercept (formerly called with Air Gap Egress Inspection). This document contains guidance on configuring
Anti-Tamper Protection of Critical Information. Todd Lowe SiCore Technologies 8 November 2010
Anti-Tamper Protection of Critical Information Todd Lowe SiCore Technologies TLowe@sicore-tech.com 8 November 2010 Threats Increase TICKETS TYPE Years Tickets 2008 39% 2008 2104 2009 3085 2010 +6000* projected
SSL Visibility and Troubleshooting
Page 1 of 6 view online Avi Vantage provides a number of features to help understand the utilization of SSL traffic and troubleshoot SSL-related issues. Visibility Every virtual service provides a number
Ontology- and Bayesian- based Information Security Risk Management
Ontology- and Bayesian- based Information Security Risk Management Stefan Fenz sfenz@securit 4 th ETSI Security Workshop 13 14 January 2009 ETSI, Sophia Antipolis, France Motivation Almost every business
Security Monitoring. Managed Vulnerability Services. Managed Endpoint Protection. Platform. Platform Managed Endpoint Detection and Response
Security Operations Flexible and Scalable Solutions to Improve Your Security Capabilities Security threats continue to rise each year and are increasing in sophistication and malicious intent. Unfortunately,
Security analytics: From data to action Visual and analytical approaches to detecting modern adversaries
Security analytics: From data to action Visual and analytical approaches to detecting modern adversaries Chris Calvert, CISSP, CISM Director of Solutions Innovation Copyright 2013 Hewlett-Packard Development
Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs
Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs Dominic Cussatt Acting Deputy Assistant Secretary / Chief Information Security Officer (CISO) February 20, 2017 The Cyber
CUNY John Jay College of Criminal Justice MATH AND COMPUTER SCIENCE
Instructor: Prof Aftab Ahmad Office: NB 612 Telephone No. (212)393-6314 Email Address: aahmad@jjay.cuny.edu Office Hours: By appointment TEXT & REFERENCE MATERIAL Text Notes from instructor posted on Blackboard
National Cyber R&D Framework: Changing The Game Recommendations from the NITRD Senior Steering Group on Cybersecurity R&D
Presentation to ACSAC 2009 National Cyber R&D Framework: Changing The Game Recommendations from the NITRD Senior Steering Group on Cybersecurity R&D Tomas Vagoun Technical Coordinator vagoun@nitrd.gov
CompTIA. SY0-401 EXAM CompTIA Security+ Certification Exam. m/ Product: Demo. For More Information:
Page No 1 https://www.dumpsplanet.com m/ CompTIA SY0-401 EXAM CompTIA Security+ Certification Exam Product: Demo For More Information: SY0-401-dumps Page No 2 Question: 1 Which of the following components
A Methodology to Build Lasting, Intelligent Cybersecurity Programs
EBOOK Risk-Centric Cybersecurity Management : A Methodology to Build Lasting, Intelligent Cybersecurity Programs A Brinqa ebook Think InfoSec is ready to keep your enterprise secure through the next transformative
Conducted by Vanson Bourne Research
Conducted by Vanson Bourne Research N o v e m b e r 2 0 1 3 1 3200 INTERVIEWS ALTOGETHER, 1600 IT & 1600 BUSINESS DECISION- MAKERS 100 & 100 IT BUSINESS DECISION- DECISION- MAKERS MAKERS COUNTRIES USA
Trusted Network Access Control Experiences from Adoption
Trusted Network Access Control Experiences from Adoption Joerg Vieweg joerg.vieweg@fh-hannover.de Trust@FHH Research Group University of Applied Sciences and Arts Hanover https://trust.inform.fh-hannover.de
BSIT 1 Technology Skills: Apply current technical tools and methodologies to solve problems.
Bachelor of Science in Information Technology At Purdue Global, we employ a method called Course-Level Assessment, or CLA, to determine student mastery of Course Outcomes. Through CLA, we measure how well
Understanding Managed Services
Understanding Managed Services The buzzword relating to IT Support is Managed Services, and every day more and more businesses are jumping on the bandwagon. But what does managed services actually mean
Secure Interworking Between Networks in 5G Service Based Architecture
Secure Interworking Between Networks in 5G Service Based Architecture Silke Holtmanns Nokia 1 Nokia 2016 Nokia Future Attacks and Mitigation Research that
Development, Analysis and Evaluation of Cyber Resilience Strategies
Development, Analysis and Evaluation of Cyber Resilience Strategies Prof. Dr. Axel Lehmann Prof. Dr. Udo Helmbrecht Institut für Technische Informatik, Universität der Bundeswehr München, Germany European
Applications of PTP in non-telecom networks. Anurag Gupta November 1 st -3 rd 2011, ITSF 2011
Applications of PTP in non-telecom networks Anurag Gupta angupta@juniper.net November 1 st -3 rd 2011, ITSF 2011 Introduction PTP/ 1588 has grown from its initial objective of Synchronization of real-time
Synthesis of Fault-Attack Countermeasures for Cryptographic Circuits
Synthesis of Fault-Attack Countermeasures for Cryptographic Circuits Hassan Eldib, Meng Wu, and Chao Wang CAV, July 23, 2016 Cryptographic Algorithm: an example Plaintext Chip Ciphertext 0110 1001 1011
UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
COST ($ in Millions) FY 2011 FY 2012 Base OCO Total FY 2014 FY 2015 FY 2016 FY 2017 Cost To Complete Total Cost Total Program Element 8.306 7.299 10.429-10.429 11.464 12.492 12.840 13.010 Continuing Continuing
Failure Diagnosis and Cyber Intrusion Detection in Transmission Protection System Assets Using Synchrophasor Data
Failure Diagnosis and Cyber Intrusion Detection in Transmission Protection System Assets Using Synchrophasor Data Anurag Srivastava, Bo Cui, P. Banerjee Washington State University NASPI March 2017 Outline
Security and privacy in the smartphone ecosystem: Final progress report
Security and privacy in the smartphone ecosystem: Final progress report Alexios Mylonas Athens University of Economics & Business Overview 2 Research Motivation Related work Objective Approach Methodology
Web Security. Outline
Security CS 161/194-1 Anthony D. Joseph November 21, 2005 s Outline Static and Dynamic Content Firewall review Adding a DMZ Secure Topologies 2 1 Polls How many people have set up a personal web server?
UNCLASSIFIED R-1 ITEM NOMENCLATURE
Exhibit R-2, RDT&E Budget Item Justification: PB 2014 Air Force DATE: April 2013 COST ($ in Millions) # ## FY 2015 FY 2016 FY 2017 FY 2018 Program Element - 0.000 0.000 5.853-5.853 5.961 6.181 6.290 6.404
Countering the Insider Threat: Behavioral Analytics Security Intelligence Cell (BASIC)
Countering the Insider Threat: Behavioral Analytics Security Intelligence Cell (BASIC) Jesse Hughes CSG LLP Tammy Torbert Solution Architect, HP ESP In the next 35 minutes we ll cover the following: The
UNCLASSIFIED FY 2016 OCO. FY 2016 Base
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400:,, Test & Evaluation, Defense-Wide / BA 3: Advanced Technology (ATD) COST ($ in Millions)
Courses. X E - Verify that system acquisitions policies and procedures include assessment of risk management policies X X
4016 Points * = Can include a summary justification for that section. FUNCTION 1 - INFORMATION SYSTEM LIFE CYCLE ACTIVITIES Life Cycle Duties No Subsection 2. System Disposition/Reutilization *E - Discuss
Retail Security in a World of Digital Touchpoint Complexity
Retail Security in a World of Digital Touchpoint Complexity Author Greg Buzek, President of IHL Services Sponsored by Cisco Systems Inc. Featuring industry research by Previously in part 1 and part 2 of
Business Strategy Theatre
Business Strategy Theatre Security posture in the age of mobile, social and new threats Steve Pao, GM Security Business 01 May 2014 In the midst of chaos, there is also opportunity. - Sun-Tzu Security:
Make IR Effective with Risk Evaluation and Reporting
SESSION ID: AIR-R02 Make IR Effective with Risk Evaluation and Reporting Mischel Kwon President/CEO MKA Cyber @mkacyber Justin Monti Sr. VP Security Engineering MKA Cyber You ve Got an Incident Now What?
CTS2134 Introduction to Networking. Module 08: Network Security
CTS2134 Introduction to Networking Module 08: Network Security Denial of Service (DoS) DoS (Denial of Service) attack impacts system availability by flooding the target system with traffic or by exploiting
Example: Configuring DHCP Snooping and DAI to Protect the Switch from ARP Spoofing Attacks
Example: Configuring DHCP Snooping and DAI to Protect the Switch from ARP Spoofing Attacks In an ARP spoofing attack, the attacker associates its own MAC address with the IP address of a network device
over-satellite Technology Development
International Telecommunication Union NASA s IP-over over-satellite Technology Development Andrew Z. Dowen Data Standards Program Office Mgr., NASA Robert C. Durst The MITRE Corporation Workshop on Satellites
Software-Defined Networking (SDN) Now for Operational Technology (OT) Networks SEL 2017
Software-Defined Networking (SDN) Now for Operational Technology (OT) Networks SEL 2017 Traditional Ethernet Challenges Plug-and-play Allow all ROOT D D D D Nondeterministic Reactive failover Difficult
Network Anomaly Detection Using Autonomous System Flow Aggregates
Network Anomaly Detection Using Autonomous System Flow Aggregates Thienne Johnson 1,2 and Loukas Lazos 1 1 Department of Electrical and Computer Engineering 2 Department of Computer Science University
IPv6, The Pathway to Improved IT & IoT Security.
IPv6, The Pathway to Improved IT & IoT Security www.disrupt6.com @JoeKlein Joe.Klein@Disrupt6.com AGENDA IPv6 is now a Business Decision! New Security Features SOC s & Sensors Next Steps I LIKE A GOOD
Lecture 4: Threats CS /5/2018
Lecture 4: Threats CS 5430 2/5/2018 The Big Picture Attacks are perpetrated by threats that inflict harm by exploiting vulnerabilities which are controlled by countermeasures. Once Upon a Time Bugs "bug":
Express Monitoring 2019
Express Monitoring 2019 WHY CHOOSE PT EXPRESS MONITORING PT Express Monitoring provides a quick evaluation of the current signaling network protection level. This service helps to discover critical vulnerabilities