UIUC. Application of Game Theory to High Assurance Cloud Computing. 20 September 2016
|
|
- Jasmin Henry
- 5 years ago
- Views:
Transcription
1 UIUC Application of Game Theory to High Assurance Cloud Computing 20 September 2016 Integrity Service Excellence Charles Kamhoua, Ph.D. Research Electronics Engineer Air Force Research Laboratory Cyber Assurance Branch 1
2 Project involvement PI: AFOSR STORM project FY 13 FY 16 PI: AFOSR Window on the World at Oxford University Feb 2015 April 2015 PM: AFRL Cloud Security Center of Excellence at University of Illinois at Urbana Champaign FY 11 FY 17 PM: DoD Cyber Security Center of Excellence for HBCU/MI at Norfolk State university, Old Dominion University and Tennessee State University FY 15 FY 20 Advisor: National Research Council Research Associateship Program Air Force Summer Faculty Fellowship Program 2
3 Outline Cyber Playing Field Public Cloud Computing Challenges Game Theory Multi-layers of Defense Open Implementation Cloud Security-aware Virtual Machine Allocation in the Cloud Game Theory with Learning for Cloud Monitoring Conclusions 3
4 Cyber in the news (2015) Breach at Office of Personnel Management Hacked Ashley Madison site reveals >15,000.gov/.mil addresses; leads to blackmail Reported JPMorgan Chase, Target, Home Depot Sony vs North Korea South Korea blames North Korea for cyber attacks against Korean Hydro & Nuclear power Russia: Ukraine, Georgia and Cyber Crime U.S. Military command officials overseeing Middle East operations experience Twitter and YouTube account hacking Cyber is a highly contested domain! 4
5 Source: 2012 AF CV2025 5
6 Game Theory in the Cloud? Source: 6
7 Benefits Faster deployment Infrastructure flexibility No up-front Investment Fine-grained billing (e.g. hourly) Pay-as-you-go Improved productivity Benefits and Risks of Public Cloud Computing Risks Availability of services and data Complexity Performance Trust Privacy Security Interdependency Negative externalities Difficult to monitor Quick adoption from small users, i.e., low risks High risk applications with sensitive data require high assurance 7
8 Game Theory in Public Cloud Game Theory is the study of mathematical models of conflict and cooperation between intelligent rational decision-makers [Myerson, R. Game theory: analysis of conflict, Harvard University Press, 1997] The attackers, the cloud providers and all cloud users are intelligent and rational Rational attackers, cloud providers and users interact in a way that can be predicted and modeled Game Theory allows for reasoning quantitatively about cyber-attacks An increased level of sophistication of cyber attacks demonstrates intelligent behaviors 8
9 Decision Loop in Game Theory Identify all the players, their strategies, and payoffs. Monitoring: Observe others actions, Update your belief Information: Does each player know about others strategies and payoffs? Nash Equilibrium: Play your best response to other players strategies 9
10 Nash Equilibrium Every game has at least one Nash Equilibrium (NE) in either pure or mixed strategies A strategy profile is an NE if no player can unilaterally change its strategy and increase its payoff Each player plays its best response to other players strategies The NE of a security game can be used to: Predict attacker strategy Allocate cyber security resources Protect against worse-case scenarios Develop cyber defense algorithms Form the basis for formal decision making 10
11 Multi-layers of Defense ATTACKS Trust & Verification Layers of Defense VM Allocation Cloud Monitoring Mathematical abstractions provide a rigorous scientific basis for cyber security Manage cloud security on an end-to-end basis An attack may be able to cross a layer of defense But crossing all layers is less likely 11
12 Outline Cyber Playing Field Public Cloud Computing Challenges Game Theory Multi-layers of Defense Open Implementation Cloud Security-aware Virtual Machine Allocation in the Cloud Game Theory with Learning for Cloud Monitoring Conclusions 12
13 Traditional Cloud Closed Implementation Hides the implementation and configuration details Difficult to discover vulnerabilities Limitations: Difficult to audit Difficult to establish trust between users & providers Difficult to share cyber threat information [Kamhoua et al. On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis IEEE UCC 2015.] 13
14 Trusted Cloud Open implementation Detailed implementations and configurations of all its software components can be examined by any third parties Including competitors, system s users and potential attackers Mis-configurations or out-of-date security patches are easier to be identified All its users are able to examine its correctness Security breaches are easier to identify and prove Demerits: Facilitate targeted attacks Extra cost to providers Contrast is similar to Open vs. Closed source software [Kamhoua et al. On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis IEEE UCC 2015.] 14
15 Remote Attestations [Kamhoua et al. On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis IEEE UCC 2015.] Trusted Platform Module (TPM) is a hardware module serve as a Root of Trust for a platform Measure all loaded executables by hashing each piece of software into the TPM before loading it The platform is bootstrapped by the CRTM (Core Root of Trust for Measurement), which is trusted by Default CRTM measures the BIOS and the boot loader to construct a chainof-trust After loading the kernel, this chain is extended through every operating system components up to the applications and their configuration files 15
16 Trusted Cloud Model Kamhoua et al. On the Feasibility of an Open-Implementation loud Infrastructure: A Game Theoretic Analysis IEEE UCC 2015.] To attest to a VM, the attester should examine: Attestations to a virtualized platform require the supports from the virtualized TPMs (vtpm) vtpm are managed by the vtpm Manager, an additional hypervisor component Chain-of-trust for the software system in a VM is rooted from the hardware TPM The properties of the software in supporting for bootstrapping the VM: the CRTM, BIOS, bootloader, and the hypervisor The properties of the software loaded inside the VM Attesters cannot attest to the VMs sharing the same hypervisor 16
17 Game Model Determine when both the users & provider find Trusted Cloud in their best interest Our Subgame Perfect Nash Equilibrium shows when an Open implementation is feasible in cloud computing [Kamhoua et al. On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis IEEE UCC 2015.] 17
18 Game Analysis Theorem 1: The strategy profile (TC, TC) is a Subgame Perfect Nash Equilibrium if the cloud provider charges per user for using a Trusted Cloud ff TT and the charges per user for using a non-trusted Cloud ff NN are such that: rr TT dd TT rr NN dd NN LL + cc + dd TT gg + ll ff TT ff NN rr NN 1 dd NN rr TT 1 dd TT LL + dd TT gg II Otherwise, the cloud provider will play Non-TC. [Kamhoua et al. On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis IEEE UCC 2015.] 18
19 Cyber-threats Monitoring Notations p: Probability to discover a given vulnerability in a Trusted Cloud q: Probability to discover a given vulnerability in a Non-Trusted Cloud Assumption: qq < pp n: Total Number of users m: Number of malicious users The rate of successful attack in a Trusted Cloud rr TT = 1 1 pp mm 1 pp nn mm+1 The rate of successful attack in a Non-Trusted Cloud rr NN = 1 1 qq mm 1 pp [Kamhoua et al. On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis IEEE UCC 2015.] 19
20 Results Proposition 1: The strategy profile (TC, TC) cannot be a Subgame Perfect Nash Equilibrium if the rate of successful attack in a Trusted Cloud rr TT is not lower than the rate of successful attack in a Non-Trusted Cloud rr NN Proposition 2: A Trusted Cloud can only be of interest to a user when the potential loss from a cyber security breach is greater than or equal to a threshold LL TTTTTTTTT = cc + II + ll rr NN rr TT Proposition 3: Cyber threat monitoring and sharing decreases the rate of successful attack in a Trusted Cloud rr TT as the number of users increases [Kamhoua et al. On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis IEEE UCC 2015.] 20
21 Numerical Results Rate of successful attack vs. probability of vulnerability discovery in a Trusted Cloud 0.25 Rate of successful attack Probability of vulnerability discovery in a trusted cloud Total number of Users: nn = 10 Number of malicious users: mm = 5 rr TTmmmmmm = pp = [Kamhoua et al. On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis IEEE UCC 2015.] 21
22 Trusted Cloud vs. Non-Trusted Cloud Rate of successful attack Trusted Cloud vs. Non-Trusted Cloud Trusted Cloud Non-Trusted Cloud pp = nn = 10 mm = Probability of vulnerability discovery in a Non-Trusted Cloud Non-Trusted Cloud can be preferable if closed implementation will make vulnerability discovery really difficult. [Kamhoua et al. On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis IEEE UCC 2015.] 22
23 Increase in the number of users Rate of successful attack Rate of successful attack vs. number of users Trusted Cloud Non-Trusted Cloud mm = Number of users As the number of users increases, the security of Trusted Cloud improves and outperforms Non-Trusted Cloud [Kamhoua et al. On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis IEEE UCC 2015.] 23
24 Decrease in threshold 1000 L threshold vs. number of users L threshold Number of users As the number of users increases, the loss threshold to adopt Trusted Cloud decreases [Kamhoua et al. On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis IEEE UCC 2015.] 24
25 Data Validation Real data to validate our model Challenge: Trusted Cloud not yet widely deployed Dr. Anbang Ruan, new PhD graduate from Oxford currently works with a Trusted Cloud Service Provider Real data to come 25
26 Summary An Open Implementation Cloud is feasible Mutual benefit to cloud providers and Users Increased benefit with the number of users Higher payoff from cyber threat monitoring and sharing REFERENCE: Charles A. Kamhoua, Anbang Ruan, Andrew Martin, Kevin Kwiat, On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis in proceedings of the 2015 IEEE/ACM International Conference on Utility and Cloud Computing. 26
27 Outline Cyber Playing Field Public Cloud Computing Challenges Game Theory Multi-layers of Defense Open Implementation Cloud Security-aware Virtual Machine Allocation in the Cloud Game Theory with Learning for Cloud Monitoring Conclusions 27
28 System Model Two hypervisors: One with higher security than the other, but more costly to use. [Kwiat et al. Security-aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach IEEE CLOUD 2015] For each user, the best strategy (Invest or Not invest) depends on other users actions. A compromised hypervisor makes all users vulnerable on that hypervisor. Model extendable to m hypervisors 28
29 Externality Reduction Our Nash allocation minimizes the impact of side-channel attack [Kwiat et al. Security-aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach IEEE CLOUD 2015] 29
30 Summary Previous research shows that each user s decision to Invest or Not Invest depends on the potential loss from the neighbors after a security breach VMs that have similar potential loss from a security breach should be on the same physical machine The allocation method based on Nash Equilibrium was shown to reduce externalities compared to other allocation methods The expense factor e can be set by cloud provider to achieve desirable VM allocation preferences REFERENCE: Luke Kwiat, Charles A. Kamhoua, Kevin Kwiat, Jian Tang, Andrew Martin Security-aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach in proceedings of the IEEE International Conference on Cloud Computing, (IEEE CLOUD 2015), New York, June
31 Outline Cyber Playing Field Public Cloud Computing Challenges Game Theory Multi-layers of Defense Open Implementation Cloud Security-aware Virtual Machine Allocation in the Cloud Game Theory with Learning for Cloud Monitoring Conclusions 31
32 Summary Motivated the need for an automated decision making process Discussed the advantage and limitation of machine learning approaches for the intrusion response problem Proposed Q-Learning for a more realistic decision making model under limited information Naïve Q-Learning Study on impact of parameters Future Work: Application of the response model to Security analytics framework for real-time evaluation on real incident data REFERENCE: Keywhan Chung, Charles A. Kamhoua, Kevin A. Kwiat, Zbigniew Kalbarczyk, Ravishankar K. Iyer, Game Theory with Learning for Cyber Security Monitoring in the proceedings of the 2016 IEEE High Assurance Systems Engineering Symposium (HASE), Orlando, Florida, January
33 Outline Cyber Playing Field Public Cloud Computing Challenges Game Theory Multi-layers of Defense Open Implementation Cloud Security-aware Virtual Machine Allocation in the Cloud Game Theory with Learning for Cloud Monitoring Conclusions 33
34 Conclusion Motivated the application of game theory to address cyber security problem Game Theory as a mature mathematical framework to advance the scientific foundation of cyber security Learning can complement game theory when limited information is available 34
35 Reference Charles A. Kamhoua, Anbang Ruan, Andrew Martin, Kevin Kwiat, On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis in proceedings of the 2015 IEEE/ACM International Conference on Utility and Cloud Computing. Luke Kwiat, Charles A. Kamhoua, Kevin Kwiat, Jian Tang, Andrew Martin Security-aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach in proceedings of the IEEE International Conference on Cloud Computing, (IEEE CLOUD 2015), New York, June Keywhan Chung, Charles A. Kamhoua, Kevin A. Kwiat, Zbigniew Kalbarczyk, Ravishankar K. Iyer, Game Theory with Learning for Cyber Security Monitoring in the proceedings of the 2016 IEEE High Assurance Systems Engineering Symposium (HASE), Orlando, Florida, January
36 36
Game Theory with Learning for Cybersecurity Monitoring
Game Theory with Learning for Cybersecurity Monitoring Keywhan Chung advised by : Professor Ravishankar Iyer Professor Zbigniew Kalbarczyk In collaboration with Dr. Charles Kamhoua, Dr. Kevin Kwiat at
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 0400: Research,, Test & Evaluation, Defense-Wide BA 3: Advanced Technology (ATD) COST ($ in Millions)
More informationSachin Shetty Old Dominion University April 10, Cyber Risk Scoring and Mitigation(CRISM)
Sachin Shetty Old Dominion University sshetty@odu.edu April 10, 2019 Cyber Risk Scoring and Mitigation(CRISM) Customer Need - Life in the Security Operation Center Intrusion Detection System alerts Prioritized
More informationWeb Security Vulnerabilities: Challenges and Solutions
Web Security Vulnerabilities: Challenges and Solutions A Tutorial Proposal for ACM SAC 2018 by Dr. Hossain Shahriar Department of Information Technology Kennesaw State University Kennesaw, GA 30144, USA
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 COST ($ in Millions) FY 2011 FY 2012 Base OCO Total FY 2014 FY 2015 FY 2016 FY 2017 Cost To Complete
More informationCybersecurity in Government
Cybersecurity in Government Executive Development Course: Digital Government Ng Lup Houh, Principal Cybersecurity Specialist Cybersecurity Group 03 April 2018 Agenda Cyber Threats & Vulnerabilities Cyber
More informationGame Theoretic Modeling of Security and Interdependency in a Public Cloud
Game Theoretic Modeling of Security and Interdependency in a Public Cloud Charles A. Kamhoua 1, Luke Kwiat 2, Kevin A. Kwiat 1, Joon S. Park 3, Ming Zhao 4, Manuel Rodriguez 1 charles.kamhoua.1; luke.kwiat.ctr;
More informationDigital Forensic Science: Ideas, Gaps and the Future. Dr. Joshua I. James
Digital Forensic Science: Ideas, Gaps and the Future Dr. Joshua I. James Joshua@cybercrimetech.com 2015-08-09 Overview Digital Forensic Science where are we now? Past Present Where are we going? Future
More informationGame Theoretic Solutions to Cyber Attack and Network Defense Problems
Game Theoretic Solutions to Cyber Attack and Network Defense Problems 12 th ICCRTS "Adapting C2 to the 21st Century Newport, Rhode Island, June 19-21, 2007 Automation, Inc Dan Shen, Genshe Chen Cruz &
More informationCOST OF CYBER CRIME STUDY INSIGHTS ON THE SECURITY INVESTMENTS THAT MAKE A DIFFERENCE
2017 COST OF CYBER CRIME STUDY INSIGHTS ON THE SECURITY INVESTMENTS THAT MAKE A DIFFERENCE NUMBER OF SECURITY BREACHES IS RISING AND SO IS SPEND Average number of security breaches each year 130 Average
More informationA Game-Theoretic Framework for Congestion Control in General Topology Networks
A Game-Theoretic Framework for Congestion Control in General Topology SYS793 Presentation! By:! Computer Science Department! University of Virginia 1 Outline 2 1 Problem and Motivation! Congestion Control
More informationSimple Channel-Change Games for Spectrum- Agile Wireless Networks
1 Proceedings of Student/Faculty Research Day, CSIS, Pace University, May 5 th, 26 Simple Channel-Change Games for Spectrum- Agile Wireless Networks Roli G. Wendorf and Howard Blum Abstract The proliferation
More informationDEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise
DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION
More informationKeys to a more secure data environment
Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting
More informationBuilding Secure Systems
Building Secure Systems Antony Selim, CISSP, P.E. Cyber Security and Enterprise Security Architecture 13 November 2015 Copyright 2015 Raytheon Company. All rights reserved. Customer Success Is Our Mission
More informationHacker Academy UK. Black Suits, White Hats!
Hacker Academy UK Black Suits, White Hats! Cyber Security Training and Services Do your devices Protect you against Cyber-attacks? Chinese hackers have allegedly stolen 50 terabytes of data on F-35 aircraft,
More informationGames and Cyber Security
Games and Cyber Security Seminar at University of Bristol Manos Panaousis June 3, 2015 Outline 1 Why and how game theory can support decision-making in cyber security 2 Discuss fundamental concepts of
More informationPlenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m.
Plenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m. Cybersecurity is a top priority for the financial services industry. Firms dedicate significant resources every
More informationCyber-threats Information Sharing in Cloud Computing: A game Theoretic Approach
Cyber-threats Information Sharing in Cloud Computing: A game Theoretic Approach Charles Kamhoua 1, Andrew Martin 2, Deepak K. Tosh 3, Kevin A. Kwiat 1, Chad Heitzenrater 2, Shamik Sengupta 3 1 Air Force
More informationGREEN HILLS SOFTWARE: EAL6+ SECURITY FOR MISSION CRITICAL APPLICATIONS
GREEN HILLS SOFTWARE: EAL6+ SECURITY FOR MISSION CRITICAL APPLICATIONS 15 December 2008: EAL6+ Security for Mission Critical Applications INTERVIEWEE. DAVID KLEIDERMACHER CHIEF TECHNOLOGY OFFICER TEL.
More informationKey Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering. Key Threats Internet was just growing Mail was on the verge
Key Threats Internet was just growing Mail was on the verge Key Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering Key Threats Code Red and Nimda (2001), Blaster (2003), Slammer
More informationIBM PowerSC. Designed for Enterprise Security & Compliance in Cloud and Virtualised environments. Highlights
IBM PowerSC Designed for Enterprise Security & Compliance in Cloud and Virtualised environments Highlights Simplify management and measurement for security & compliance Quickly view security compliance
More informationLecture Embedded System Security Introduction to Trusted Computing
1 Lecture Embedded System Security Introduction to Trusted Computing Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt Summer Term 2017 Roadmap: Trusted Computing Motivation
More informationProtect Your Organization from Cyber Attacks
Protect Your Organization from Cyber Attacks Leverage the advanced skills of our consultants to uncover vulnerabilities our competitors overlook. READY FOR MORE THAN A VA SCAN? Cyber Attacks by the Numbers
More informationCyber Security Issues and Responses. Andrew Rogoyski Head of Cyber Security Services CGI UK
Cyber Security Issues and Responses Andrew Rogoyski Head of Cyber Security Services CGI UK andrew.rogoyski@cgi.com CGI in cyber security Credentials Clients We have over 35 years of experience working
More informationReinvent Your 2013 Security Management Strategy
Reinvent Your 2013 Security Management Strategy Laurent Boutet 18 septembre 2013 Phone:+33 6 25 34 12 01 Email:laurent.boutet@skyboxsecurity.com www.skyboxsecurity.com What are Your Key Objectives for
More informationSecure Multi-Party Computation of Probabilistic Threat Propagation
Secure Multi-Party Computation of Probabilistic Threat Propagation Emily Shen Nabil Schear, Ellen Vitercik, Arkady Yerukhimovich Graph Exploitation Symposium 216 DISTRIBUTION STATEMENT A. Approved for
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior
More informationSecurity and Privacy in Cloud Computing
Security and Privacy in Cloud Computing Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 5 03/08/2010 Securing Clouds Goal: Learn about different techniques for protecting a cloud against
More informationOn Bounded Rationality in Cyber-Physical Systems Security: Game-Theoretic Analysis with Application to Smart Grid Protection
On Bounded Rationality in Cyber-Physical Systems Security: Game-Theoretic Analysis with Application to Smart Grid Protection CPSR-SG 2016 CPS Week 2016 April 12, 2016 Vienna, Austria Outline CPS Security
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationNetwork Virtualization Business Case
SESSION ID: GPS2-R01 Network Virtualization Business Case Arup Deb virtual networking & security VMware NSBU adeb@vmware.com I. Data center security today Don t hate the player, hate the game - Ice T,
More informationSTANDARD INFORMATION SHARING FORMATS. Will Semple Head of Threat and Vulnerability Management New York Stock Exchange
STANDARD INFORMATION SHARING FORMATS Will Semple Head of Threat and Vulnerability Management New York Stock Exchange AGENDA Information Sharing from the Practitioner s view Changing the focus from Risk
More informationAgenda GDPR Overview & Requirements IBM Secure Virtualization Solution Overview Summary / Call to Action Q & A 2
GRC3386BUS GDPR Readiness with IBM Cloud Secure Virtualization Raghu Yeluri, Intel Corporation Shantu Roy, IBM Bill Hackenberger, Hytrust #VMworld #GRC3386BUS Agenda GDPR Overview & Requirements IBM Secure
More informationStochastic Coalitional Games with Constant Matrix of Transition Probabilities
Applied Mathematical Sciences, Vol. 8, 2014, no. 170, 8459-8465 HIKARI Ltd, www.m-hikari.com http://dx.doi.org/10.12988/ams.2014.410891 Stochastic Coalitional Games with Constant Matrix of Transition Probabilities
More informationTechnical Brief Distributed Trusted Computing
Technical Brief Distributed Trusted Computing Josh Wood Look inside to learn about Distributed Trusted Computing in Tectonic Enterprise, an industry-first set of technologies that cryptographically verify,
More informationFuture Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group
Future Challenges and Changes in Industrial Cybersecurity Sid Snitkin VP Cybersecurity Services ARC Advisory Group Srsnitkin@ARCweb.com Agenda Industrial Cybersecurity Today Scope, Assumptions and Strategies
More informationeguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments
eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments Today s PCI compliance landscape is one of continuing change and scrutiny. Given the number
More informationThe Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless
The Republic of Korea Executive Summary Today, cyberspace is a new horizon with endless possibilities, offering unprecedented economic and social benefits. However, on account of its open, anonymous and
More informationCourse Curriculum for Master Degree in Network Engineering and Security
Course Curriculum for Master Degree in Network Engineering and Security The Master Degree in Network Engineering and Security is awarded by the Faculty of Graduate Studies at Jordan University of Science
More informationCyber Security Incident Response Fighting Fire with Fire
Cyber Security Incident Response Fighting Fire with Fire Arun Perinkolam, Senior Manager Deloitte & Touche LLP Professional Techniques T21 CRISC CGEIT CISM CISA AGENDA Companies like yours What is the
More informationBring Your Own Device (BYOD)
Bring Your Own Device (BYOD) An information security and ediscovery analysis A Whitepaper Call: +44 345 222 1711 / +353 1 210 1711 Email: cyber@bsigroup.com Visit: bsigroup.com Executive summary Organizations
More informationTechnology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited
Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry
More informationDmitry Ishchenko/Reynaldo Nuqui/Steve Kunsman, September 21, 2016 Collaborative Defense of Transmission and Distribution Protection & Control Devices
Dmitry Ishchenko/Reynaldo Nuqui/Steve Kunsman, September 21, 2016 Collaborative Defense of Transmission and Distribution Protection & Control Devices Against Cyber Attacks (CODEF) Cyber Security of the
More informationNATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium
NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium Securing Cyber Space & America s Cyber Assets: Threats, Strategies & Opportunities September 10, 2009, Crystal Gateway Marriott, Arlington,
More informationCYSE 411/AIT 681 Secure Software Engineering Topic #3. Risk Management
CYSE 411/AIT 681 Secure Software Engineering Topic #3. Risk Management Instructor: Dr. Kun Sun Outline 1. Risk management 2. Standards on Evaluating Secure System 3. Security Analysis using Security Metrics
More information2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager
2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager NIST Cybersecurity Framework (CSF) Executive Order 13636 Improving Critical Infrastructure Cybersecurity tasked the National
More informationOS Security IV: Virtualization and Trusted Computing
1 OS Security IV: Virtualization and Trusted Computing Chengyu Song Slides modified from Dawn Song 2 Administrivia Lab2 More questions? 3 Virtual machine monitor +-----------+----------------+-------------+
More informationTech Advantage Benchmarking Your Cyber Security Program. March 5, 2014
Tech Advantage Benchmarking Your Cyber Security Program March 5, 2014 Elements of Cyber Security Confidentiality Integrity C Security Availability I A Perfect security is unattainable Overview What is
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: Applied Research COST ($
More informationSun Tzu Meets the Cloud Everything Is Different Nothing Has Changed
Sun Tzu Meets the Cloud Everything Is Different Nothing Has Changed Sean Jennings, Co-founder & SVP Solutions Architecture EMEA & APAC @VCDX17 @virtustream Sun Who? The greatest victory is that which requires
More informationScotch: Combining Software Guard Extensions and System Management Mode to Monitor Cloud Resource Usage
Scotch: Combining Software Guard Extensions and System Management Mode to Monitor Cloud Resource Usage Kevin Leach 1, Fengwei Zhang 2, and Westley Weimer 1 1 University of Michigan, 2 Wayne State University
More informationKey Findings from the Global State of Information Security Survey 2017 Indonesian Insights
www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.
More informationIntelligent Terminal System Based on Trusted Platform Module
American Journal of Mobile Systems, Applications and Services Vol. 4, No. 3, 2018, pp. 13-18 http://www.aiscience.org/journal/ajmsas ISSN: 2471-7282 (Print); ISSN: 2471-7290 (Online) Intelligent Terminal
More informationCyber Security CRA Overview
Cyber Security CRA Overview Patrick McDaniel (PM, PSU) & Edward Colbert (CAM, ARL) cra.psu.edu Approved for public release; distribution is unlimited. Cyber Security Collaborative Research Alliance A Collaborative
More informationthe SWIFT Customer Security
TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This
More informationIllinois Cyber Navigator Program
Illinois Cyber Navigator Program Illinois State Board of Elections PA 100-0587 (10 ILCS 5/1A-55) Sec. 1A-55. Cyber security efforts. The State Board of Elections shall provide by rule, after at least 2
More informationISF Threat Horizon: Cybercrime and the banking industry
ISF Threat Horizon: Cybercrime and the banking industry Dr Adrian Davis, PhD, MBA, MBCS, CITP, CISMP Principal Research Analyst Information Security Forum Agenda: External threats Regulatory threats Internal
More informationAND FINANCIAL CYBER FRAUD INSTITUTIONS FROM. Solution Brief PROTECTING BANKING
PROTECTING BANKING AND FINANCIAL INSTITUTIONS FROM CYBER FRAUD Enabling the financial industry to become proactively secure and compliant Overview In order to keep up with the changing digital payment
More informationCompTIA CASP (Advanced Security Practitioner)
CompTIA CASP (Advanced Security Practitioner) Course Length: 5 days (virtual) Click here to view the current class schedule! Overview: The CompTIA Advanced Security Practitioner (CASP) Certification is
More informationSECURITY & PRIVACY DOCUMENTATION
Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive
More informationNew Project Proposal Status Report Final Report
Title: Models and Software Tools for Managing Network Complexity Date: May 16, 2018 Researcher Name(s): Xin Sun University: Ball State University Long Term Goal(s) New Project Proposal Status Report Final
More informationTRUSTED SUPPLY CHAIN & REMOTE PROVISIONING WITH THE TRUSTED PLATFORM MODULE
SESSION ID: TECH-F03 TRUSTED SUPPLY CHAIN & REMOTE PROVISIONING WITH THE TRUSTED PLATFORM MODULE Tom Dodson Supply Chain Security Architect Intel Corporation/Business Client Products Monty Wiseman Security
More informationCyber Security Requirements for Supply Chain. June 17, 2015
Cyber Security Requirements for Supply Chain June 17, 2015 Topics Cyber Threat Legislation and Regulation Nuts and Bolts of NEI 08-09 Nuclear Procurement EPRI Methodology for Procurement Something to think
More informationModelling Cyber Security Risk Across the Organization Hierarchy
Modelling Cyber Security Risk Across the Organization Hierarchy Security issues have different causes and effects at different layers within the organization one size most definitely does not fit all.
More informationSecurity in a Converging IT/OT World
Security in a Converging IT/OT World Introduction Around the winter solstice, darkness comes early to the citizens of Ukraine. On December 23, 2015, it came a little earlier than normal. In mid-afternoon,
More informationSymantec Cloud Workload Protection
Solution Brief Symantec Cloud Workload Protection Secure Your Public Cloud Deployments and Reduce Risk Executive Summary Organizations are rapidly adopting public cloud services such as Amazon Web Services
More informationSolutions of Stochastic Coalitional Games
Applied Mathematical Sciences, Vol. 8, 2014, no. 169, 8443-8450 HIKARI Ltd, www.m-hikari.com http://dx.doi.org/10.12988/ams.2014.410881 Solutions of Stochastic Coalitional Games Xeniya Grigorieva St.Petersburg
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationLecture Embedded System Security Introduction to Trusted Computing
1 Lecture Embedded System Security Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt (CASED) Summer Term 2015 Roadmap: Trusted Computing Motivation Notion of trust
More informationPast, Present, and Future Justin Johnson Senior Principal Firmware Engineer
Dell Firmware Security Past, Present, and Future Justin Johnson Senior Principal Firmware Engineer justin.johnson1@dell.com Dell Security 2 What does BIOS do? Configure and Test System Memory Configure
More informationThe Challenge of Cloud Security
The Challenge of Cloud Security Dr. Ray Klump Chair, Mathematics & Computer Science Director, MS in Information Security Lewis University Poll Question #1: What type of cloud service are you
More informationThe Perfect Storm Cyber RDT&E
The Perfect Storm Cyber RDT&E NAVAIR Public Release 2015-87 Approved for public release; distribution unlimited Presented to: ITEA Cyber Workshop 25 February 2015 Presented by: John Ross NAVAIR 5.4H Cyberwarfare
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationSecurity in India: Enabling a New Connected Era
White Paper Security in India: Enabling a New Connected Era India s economy is growing rapidly, and the country is expanding its network infrastructure to support digitization. India s leapfrogging mobile
More informationCyber Security For Utilities Risks, Trends & Standards. IEEE Toronto March 22, Doug Westlund Senior VP, AESI Inc.
Cyber Security For Utilities Risks, Trends & Standards IEEE Toronto March 22, 2017 Doug Westlund Senior VP, AESI Inc. Agenda Cyber Security Risks for Utilities Trends & Recent Incidents in the Utility
More informationSystemic Analyser in Network Threats
Systemic Analyser in Network Threats www.project-saint.eu @saintprojecteu #saintprojecteu John M.A. Bothos jbothos@iit.demokritos.gr Integrated System Laboratory Institute of Informatics & Telecommunication
More informationManaged Endpoint Defense
DATA SHEET Managed Endpoint Defense Powered by CB Defense Next-gen endpoint threat detection and response DEPLOY AND HARDEN. Rapidly deploy and optimize endpoint prevention with dedicated security experts
More informationAttackers Process. Compromise the Root of the Domain Network: Active Directory
Attackers Process Compromise the Root of the Domain Network: Active Directory BACKDOORS STEAL CREDENTIALS MOVE LATERALLY MAINTAIN PRESENCE PREVENTION SOLUTIONS INITIAL RECON INITIAL COMPROMISE ESTABLISH
More informationUsing Game Theory To Solve Network Security. A brief survey by Willie Cohen
Using Game Theory To Solve Network Security A brief survey by Willie Cohen Network Security Overview By default networks are very insecure There are a number of well known methods for securing a network
More informationEnd-to-end QoS negotiation in network federations
End-to-end QoS negotiation in network federations H. Pouyllau, R. Douville Avril, 2010 Outline Motivation for Network federations The problem of end-to-end SLA composition Scenario of composition and negotiation
More informationCyber Fraud What can you do about it?
Cyber Fraud What can you do about it? Eric Wright Shareholder June 10, 2014 What is Cyber Fraud? NetLingo definition: Cyber fraud refers to any type of deliberate deception for unfair or unlawful gain
More informationHuman Biases Meet Cybersecurity of Embedded and Networked Systems
Human Biases Meet Cybersecurity of Embedded and Networked Systems Saurabh Bagchi and Shreyas Sundaram School of Electrical and Computer Engineering CERIAS Purdue University Vision for Security of Embedded
More informationCapacity Assurance in Hostile Networks
PhD Dissertation Defense Wednesday, October 7, 2015 3:30 pm - 5:30 pm 3112 Engineering Building Capacity Assurance in Hostile Networks By: Jian Li Advisor: Jian Ren ABSTRACT Linear network coding provides
More informationTrusted Computing Group
Trusted Computing Group Backgrounder May 2003 Copyright 2003 Trusted Computing Group (www.trustedcomputinggroup.org.) All Rights Reserved Trusted Computing Group Enabling the Industry to Make Computing
More informationInternet of Things Security standards
Internet of Things Security standards Vangelis Gazis (vangelis.gazis@huawei.com) Chief Architect Security Internet of Things (IoT) Security Solution Planning & Architecture Design (SPD) Security standards
More informationAn Overview of Mobile Security
An Overview of Mobile Security Dr. Fan Wu Professor, Department of Computer Science, College of Business and Information Science (CBIS) Director, Center of Information Assurance Education (CIAE) Interim
More informationThe Road to a Secure, Compliant Cloud
The Road to a Secure, Compliant Cloud The Road to a Secure, Compliant Cloud Build a trusted infrastructure with a solution stack from Intel, IBM Cloud SoftLayer,* VMware,* and HyTrust Technology innovation
More informationCDG2A/CDZ4A/CDC4A/ MBT4A ELEMENTS OF OPERATIONS RESEARCH. Unit : I - V
CDG2A/CDZ4A/CDC4A/ MBT4A ELEMENTS OF OPERATIONS RESEARCH Unit : I - V UNIT I Introduction Operations Research Meaning and definition. Origin and History Characteristics and Scope Techniques in Operations
More informationBuilding a Resilient Security Posture for Effective Breach Prevention
SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.
More informationInternet of Things. The Digital Oilfield: Security in SCADA and Process Control. Mahyar Khosravi
Internet of Things The Digital Oilfield: Security in SCADA and Process Control Mahyar Khosravi makhosra@cisco.com Critical infrastructures worldwide not ready to battle cyber attacks, claims new study.
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationTHE IMPLICATIONS OF PERFORMANCE, SECURITY, AND RESOURCE CONSTRAINTS IN DIGITAL TRANSFORMATION
THE IMPLICATIONS OF PERFORMANCE, SECURITY, AND RESOURCE CONSTRAINTS IN DIGITAL TRANSFORMATION CONTENTS EXECUTIVE SUMMARY HANDLING CONFLICTING RESPONSIBILITIES WITH CARE DIGITAL TRANSFORMATION CREATES NEW
More informationA Network Coloring Game
A Network Coloring Game Kamalika Chaudhuri, Fan Chung 2, and Mohammad Shoaib Jamall 2 Information Theory and Applications Center, UC San Diego kamalika@soe.ucsd.edu 2 Department of Mathematics, UC San
More informationThe Honest Advantage
The Honest Advantage READY TO CHALLENGE THE STATUS QUO GSA Security Policy and PCI Guidelines The GreenStar Alliance 2017 2017 GreenStar Alliance All Rights Reserved Table of Contents Table of Contents
More informationReVirt: Enabling Intrusion Analysis through Virtual Machine Logging and Replay
ReVirt: Enabling Intrusion Analysis through Virtual Machine Logging and Replay Or We Can Remember It for You Wholesale (with apologies to Philip K. Dick) George Dunlap, Sam King, SukruCinar, MurtazaBasraiand
More informationEndpoint Protection : Last line of defense?
Endpoint Protection : Last line of defense? First TC Noumea, New Caledonia 10 Sept 2018 Independent Information Security Advisor OVERVIEW UNDERSTANDING ENDPOINT SECURITY AND THE BIG PICTURE Rapid development
More informationCyber Security Maturity Model
Cyber Security Maturity Model Robert Lentz Former DoD CISO / Deputy Assistant Secretary Cyber Facts Facts About About Intrusions Intrusions 2 Verizon 2010 Data Breach Investigation Report WHO IS BEHIND
More informationIBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan
IBM Cloud Security for the Cloud Amr Ismail Security Solutions Sales Leader Middle East & Pakistan Today s Drivers for Cloud Adoption ELASTIC LOWER COST SOLVES SKILLS SHORTAGE RAPID INNOVATION GREATER
More informationThe Cyber Threat. Bob Gourley, Partner, Cognitio June 22, How we think. 1
The Cyber Threat Bob Gourley, Partner, Cognitio June 22, 2016 How we think. 1 About This Presentation Based on decades of experience in cyber conflict Including cyber defense, cyber intelligence, cyber
More information