A Quantitative Framework for Cyber Moving Target Defenses
Slide 1: A Quantitative Framework for Cyber Moving Target Defenses
Warren Connell, 29 Aug 17
Massimiliano Albanese (co-director), Daniel Menascé (co-director), Sushil Jajodia, Rajesh Ganesan
Slide footer date: 7/6/2017

Slide 2: Outline
- Introduction
- Background
- Problem Statement
- Thesis
- Contributions
- MTD Quantification Framework
- Performance Modeling of Moving Target Defenses
- Conclusion and Future Work

Slide 3: Moving Target Defenses
- Current state of cyber defense: attackers have a natural advantage
  - Near-unlimited time for reconnaissance / preparation
  - Access to 0-day vulnerabilities
  - Attacker only needs to find a single vulnerable entry point
- Moving Target Defenses (MTDs): change properties of a system
  - Introduces asymmetric uncertainty that favors the defender over the attacker
  - Attackers do not have adequate time to find vulnerabilities / create exploits
Reference: Jajodia, Sushil, Anup K. Ghosh, Vipin Swarup, Cliff Wang, and X. Sean Wang, eds. Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Vol. 54. Springer Science & Business Media, 2011.

Slide 4: Background
- 2013 survey: 39 MTDs organized across 5 categories
- Taxonomy: Dynamic Platforms, Dynamic Runtime Environments, Dynamic Software, Dynamic Data, Dynamic Networks
Reference: Okhravi, Hamed, M. A. Rabe, T. J. Mayberry, W. G. Leonard, T. R. Hobson, D. Bigelow, and W. W. Streilein. Survey of Cyber Moving Target Techniques. Technical Report No. MIT/LL-TR, MIT Lincoln Laboratory, Lexington, MA, 2013.

Slide 5: Background
- 2015 expert survey: several recommended methods for measurement
- Qualitative estimations of effectiveness / cost
Reference: Farris, Katheryn A., and George Cybenko. "Quantification of moving target cyber defenses." SPIE Defense+Security. International Society for Optics and Photonics, 2015.

Slide 6: MTD Analysis / Tradeoff Example
- Reconfigure a percentage of network addresses per cycle
- Analysis using probabilistic models
- Static case: Pr >0 =1, Pr =0 =1; Dynamic case: Pr >0 =1, Pr =0 =1 (1 ) (the symbols inside these formulas did not survive the transcription)
- Tradeoffs between attacker success and connection loss (plot: probability vs. shuffle rate)
Reference: Carroll, Thomas E., Michael Crouse, Errin W. Fulp, and Kenneth S. Berenhaut. "Analysis of network address shuffling as a moving target defense." 2014 IEEE International Conference on Communications (ICC). IEEE, 2014.
Slide 7: Problem Statement
- Existing MTDs are very diverse
  - Often specialized against specific attack vectors
- No uniform / accepted way to quantify MTDs
- Objective: develop a unified framework to comparatively measure Moving Target Defenses
  - Quantification measures should be uniform across MTDs
  - Must measure effectiveness against known and unknown attack paths
  - Must uniformly measure cost

Slide 8: Thesis
It is possible to quantify the performance of MTDs by analytically predicting their effectiveness and cost in response time, and to use this quantification to determine the optimal configuration for any combination of varying MTDs.

Slide 9: Contributions
- MTD Quantification Framework:
  - Captures the relationships between available MTDs and the knowledge such MTDs may affect, using probabilistic measures
  - Captures the relationships between services, their software weaknesses, and the knowledge required to exploit such weaknesses
  - Probabilistically determines the effectiveness of any given technique or set of techniques, regardless of how they operate
- Analytic Model:
  - Use of Continuous Time Markov Chains to predict MTD security and performance
  - Method to determine the optimal reconfiguration rate to maximize utility

Slide 10: Outline
- Introduction
- MTD Quantification Framework: Attack Model; Model Overview; Basic Example; Detailed Example / Solution Method
- Performance Modeling of Moving Target Defenses
- Conclusion and Future Work

Slide 11: Attack Model
- Static defenses give attackers virtually unlimited time to plan / execute attacks
- Attacks can be thwarted / delayed by introducing uncertainty
- Attackers can exploit any known or unknown vulnerabilities in the target system
- Most MTDs only protect against a narrow subset of possible attacks
  - Multiple MTDs will be required for complete coverage
Slide 12: MTD Quantification Model
- Can measure a wide variety of MTDs
- Uses a single measure of effectiveness based on knowledge disruption
  - Uses probabilistic calculations
  - Inspired by attack graphs
- Computes utility
  - Based on additional provided security & cost
  - Inspired by autonomic systems
Diagram: MTD 1 Service Rotation (P1 = 0.25) -> (1,service); MTD 2 IP Rotation (P2 = 0.75) -> (1,IP); MTD 3 ASLR (P3 = 0.5) -> (1,memory); SQL Injection and Buffer Overflow weaknesses of Service 1 (SQL DB); P_SQL, P_buf and U are worked out in the basic example (slides 18-20).

Slide 13: Model Overview
- 4-layer model
- Layer 1: defines the services to be protected
  - It is time and MTD invariant
  - Assumption: services are independent
Diagram: Service 1 (SQL DB), Service 2 (Web Server)

Slide 14: Model Overview
- Layer 2: defines classes of weaknesses / vulnerabilities for each service
  - Avoids modeling specific vulnerabilities / exploits
  - Instead, uses the Common Weakness Enumeration (CWE), e.g., the 2011 CWE/SANS Top 25 Most Dangerous Software Errors
  - Also time and MTD invariant
Diagram: Service 1 (SQL DB): SQL Injection, Buffer Overflow; Service 2 (Web Server): Buffer Overflow, Cross-site scripting

Slide 15: Model Overview
- Layer 3: defines the knowledge required to exploit each vulnerability
Diagram: knowledge blocks (1,service), (1,IP), (1,memory) feeding the weaknesses SQL Injection and Buffer Overflow of Service 1 (SQL DB) and Buffer Overflow and Cross-site scripting of Service 2 (Web Server)

Slide 16: Model Overview
- Layer 4: models the relationship between available MTDs and knowledge blocks
- Assumption: when no MTDs are deployed, the probability of an attacker acquiring knowledge = 1, so P(attack success) = 1
  - MTDs will reduce this probability
- Assume MTDs are independent
Diagram: MTD 1 Service Rotation -> (1,service); MTD 2 IP Rotation -> (1,IP); MTD 3 Dynamic ASLR -> (1,memory)

Slide 17: Model Overview
- MTDs affect the weights of edges leading to knowledge blocks
- The weight P_i of an edge from MTD i to a knowledge block can be computed as the attacker's success rate
  - P_i = 0: perfect protection
  - P_i = 1: no effect
Diagram: MTD 1 Service Rotation (P1) -> (1,service); MTD 2 IP Rotation (P2) -> (1,IP); MTD 3 Dynamic ASLR (P3) -> (1,memory)
Slide 18: Basic Example
- MTD 1: Service rotation
  - 4 different versions of the DB service: P1 = 0.25
- MTD 2: IP rotation
  - Perfect shuffling: ~0.63; P2 = 0.75
- Joint probability P_SQL = 0.75 * 0.25 = 0.1875
- Accuracy of the model depends on the accuracy of P_i for each MTD
Diagram: MTD 1 Service Rotation (P1 = 0.25) -> (1,service); MTD 2 IP Rotation (P2 = 0.75) -> (1,IP); MTD 3 Dynamic ASLR -> (1,memory); SQL Injection and Buffer Overflow of Service 1 (SQL DB); Buffer Overflow and Cross-site scripting of Service 2 (Web Server)

Slide 19: Basic Example
- MTD 2: IP rotation
  - Perfect shuffling: ~0.63; P2 = 0.75
- MTD 3: Dynamic ASLR
  - Reduces the probability by a factor of 2 compared to static ASLR: P3 = 0.5
- Joint probability P_buf = 0.75 * 0.5 = 0.375
Diagram: as on slide 18, with P3 = 0.5 on the edge MTD 3 Dynamic ASLR -> (1,memory)

Slide 20: Basic Example
- Define utility as P(0 attacks succeed) = 1 - (P_SQL + P_buf - P_SQL∧buf)
- P_SQL∧buf = P1 P2 P3 = 0.25 * 0.75 * 0.5 = 0.09375
- U = 1 - (0.1875 + 0.375 - 0.09375) = 0.53125
- Emphasizes some protection against all weaknesses
Diagram: as on slide 19
Slide 21: Detailed Example
Diagram for Service 1 (SQL DB), with 11 MTDs, 10 knowledge blocks and 4 weaknesses:
- MTDs (edge weights): MTD1 Service Rotation (P1); MTD2 Intrusion-Tolerant Sys (P21, P22, P23); MTD3 SQLRand (P31, P32); MTD4 IP Rotation (MOTAG) (P4); MTD5 OS Rotation (P5); MTD6 Mutable Networks (P61, P62); MTD7 Multivariant Systems (P71, P72); MTD8 ASLR (P8); MTD9 TALENT (P91, P92); MTD10 Reverse Stack Execution (P10); MTD11 Distraction Cluster (P11)
- Knowledge blocks: (1,application), (1,keyword), (1,DBschema), (1,IP), (1,OS), (1,syscall_mapping), (1,Mem_Address), (1,stack_dir), (1,instr_set), (1,path)
- Weaknesses: W1 SQL Injection, W2 OS Injection, W3 Buffer Overflow, W4 Eavesdropping

Slide 22: Detailed Example
Same diagram as slide 21, with the optimization problem stated as: Maximize ... s.t. ... (the objective and constraint symbols did not survive the transcription), with each decision variable in {0,1}

Slide 23: Example Solution Method
- Maximize utility subject to the budget constraint, with each MTD a binary variable in {0,1}
- If an MTD is present:
  - MTD effect applied to knowledge
  - MTD cost applied to budget
- Solve using the optimization method of your choice, e.g., Generalized Reduced Gradient, heuristic methods
Spreadsheet (starting point, no MTD active): per-MTD attack success rate P_x, cost C, Active? flag, P(effective), C(effective); knowledge blocks as on slide 21; Total Cost 0, Total Budget 120; cost tiers: High 25, Medium 15, Low 5; effectiveness tiers, expressed as attacker success rate: High 0.3, Medium 0.5, Low 0.9; chance of attack success per weakness (SQL Injection, OS Injection, Buffer Overflow, Eavesdropping); overall chance of attacker success; Utility

Slide 24: Example Solution
- Selected 6 out of 11 MTDs
- At least 1 MTD per weakness
- Cost within budget constraints
Spreadsheet (solution): same layout as slide 23, with Total Cost 110 of Total Budget 120 (the per-MTD values did not survive the transcription)
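The basic example (slides 18-20) and the binary selection step (slides 23-24), worked through as an added Python example that is not part of the slides. It encodes the four-layer model, reading the slides' P_SQL = P1·P2 and P_buf = P2·P3 as "SQL injection needs (1,service) and (1,IP); buffer overflow needs (1,IP) and (1,memory)", computes U = P(0 attacks succeed) by inclusion-exclusion over any number of weaknesses, and then searches every MTD subset under a budget; the per-MTD costs are constructed for illustration and are not from the slides.

```python
from itertools import combinations
from math import prod

# Layers 2-3 (slides 14-15): weaknesses of Service 1 (SQL DB) and the
# knowledge blocks an attacker must acquire to exploit each one. The block
# sets are inferred from the slides' joint probabilities P_SQL = P1*P2 and
# P_buf = P2*P3.
KNOWLEDGE_REQUIRED = {
    "SQL Injection":   {"(1,service)", "(1,IP)"},
    "Buffer Overflow": {"(1,IP)", "(1,memory)"},
}

# Layer 4 (slides 16-18): each MTD disrupts one knowledge block with edge
# weight P_i = attacker success rate (0 = perfect protection, 1 = no effect).
MTDS = {
    "MTD1 Service Rotation": ("(1,service)", 0.25),
    "MTD2 IP Rotation":      ("(1,IP)", 0.75),
    "MTD3 Dynamic ASLR":     ("(1,memory)", 0.5),
}

# Constructed costs (not from the slides) for the budget-constrained
# selection of slide 23, using the slides' tiers High 25 / Medium 15 / Low 5.
COSTS = {
    "MTD1 Service Rotation": 25,
    "MTD2 IP Rotation":      15,
    "MTD3 Dynamic ASLR":     5,
}


def joint_success(weaknesses, active, mtds=MTDS, required=KNOWLEDGE_REQUIRED):
    """P(attacker exploits every weakness in `weaknesses`) under the active MTDs.

    MTDs are independent and each one acts once on the union of the required
    knowledge blocks, so an MTD shared by two weaknesses (IP rotation here)
    is not double-counted: P_SQL^buf = P1*P2*P3, not P_SQL*P_buf.
    With no active MTD the product is empty and the probability is 1
    (slide 16's assumption).
    """
    blocks = set().union(*(required[w] for w in weaknesses))
    return prod(p for name, (block, p) in mtds.items()
                if name in active and block in blocks)


def utility(active, mtds=MTDS, required=KNOWLEDGE_REQUIRED):
    """U = P(0 attacks succeed) = 1 - P(at least one weakness is exploited),
    expanded by inclusion-exclusion over all non-empty subsets of weaknesses."""
    names = list(required)
    p_any = 0.0
    for r in range(1, len(names) + 1):
        sign = 1.0 if r % 2 == 1 else -1.0
        for subset in combinations(names, r):
            p_any += sign * joint_success(subset, active, mtds, required)
    return 1.0 - p_any


def best_selection(budget, mtds=MTDS, costs=COSTS, required=KNOWLEDGE_REQUIRED):
    """Exhaustive search over MTD subsets (2^n; fine for the 11 MTDs of the
    detailed example) for the affordable subset with the highest utility."""
    names = list(mtds)
    best_u, best_set = utility(frozenset(), mtds, required), frozenset()
    for r in range(1, len(names) + 1):
        for subset in combinations(names, r):
            if sum(costs[n] for n in subset) > budget:
                continue
            u = utility(frozenset(subset), mtds, required)
            if u > best_u:
                best_u, best_set = u, frozenset(subset)
    return best_u, best_set


if __name__ == "__main__":
    everything = frozenset(MTDS)
    print("P_SQL =", joint_success(["SQL Injection"], everything))       # 0.1875
    print("P_buf =", joint_success(["Buffer Overflow"], everything))     # 0.375
    print("U (all three MTDs) =", utility(everything))                   # 0.53125
    print("U (no MTD) =", utility(frozenset()))                          # 0.0
    u, chosen = best_selection(budget=30)
    print(f"best under budget 30: U={u} using {sorted(chosen)}")         # 0.375
```

With a budget of 30 the search picks MTD1 and MTD3 rather than the cheaper MTD2 and MTD3, because leaving a weakness with no MTD on its knowledge path drives its success probability to 1 and the utility to 0.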
Slide 25: Example Solution
Same diagram as slide 21, shown for the example solution.

Slide 26: Example Solution
Same diagram as slide 21, with open questions:
- How to calculate the values of P_i?
- How to better compute cost?

Slide 27: Outline
- Introduction
- MTD Quantification Framework
- Performance Modeling of Moving Target Defenses: Model Overview; Reconfiguration / Performance Models; Simulation / Experiments
- Conclusion and Future Work

Slide 28: Model Overview
- c resources available
- Reconfiguration requests: arrival rate α, reconfiguration time S; arrive independently for each resource
- Incoming service requests: arrival rate λ, service time T; queued if no resource is available
- Reconfiguring reduces availability and increases response time
Diagram: resources cycle between "being reconfigured", "in use by a service request" and "available for use"

Slide 29: Analytic Reconfiguration and Performance Models
- Reconfiguration Model: determines the reconfiguration probability distribution and availability
- Performance Model: determines response time based on the reconfiguration probability distribution
Slide 30: Reconfiguration Model (Markov Chain)
- At any given time, k resources are reconfiguring
- States 0, 1, 2, ..., k, ..., c-2, c-1, c
- Transition from state k to k+1 at rate α(c-k) (αc, α(c-1), ..., α(c-k+1), α(c-k), ..., α); from state k to k-1 at rate k/S (1/S, 2/S, ..., k/S, (k+1)/S, ..., (c-1)/S, c/S)
- Solved with the general birth-death equations for Markov Chains (the equation did not survive the transcription)

Slide 31: Managing Server Overload on Response Time
- Determine the maximum number of resources c* that can be reconfiguring at one time
- Server utilization (formula did not survive the transcription); select c* such that utilization < 1 at all times
- 2 possible policies:
  - Drop: if c* resources are reconfiguring, drop the request
  - Wait: if c* resources are reconfiguring, wait until k < c*
Plot: response time (sec) vs. α (rec/sec), simulation and analytic

Slide 32: Drop and Wait Policies
Modified Markov Chains for the Drop and Wait policies (diagrams: Drop Policy, Wait Policy)

Slide 33: Determining Attacker Success Rate
- No MTD: attacker has unlimited time to plan and execute an attack
- Represent the attacker's success rate as a function of resource age
  - Assumes the attacker has an increasing probability of success over time
  - Reconfigurations disrupt that probability
  - E.g.: linear probes, malware infections that spread exponentially
Plot: P_s vs. time (sec), linear P_s and exponential P_s

Slide 34: Average Resource Age
- Based on the probability distribution, we can compute:
  - % dropped reconfiguration requests
  - Average reconfiguration delay
- Average age is (1/α) + delay
Plot: age (sec) vs. α (rec/sec), Drop and Wait

Slide 35: Analytic Reconfiguration and Performance Models
- Reconfiguration Model: determines the reconfiguration probability distribution and availability
- Performance Model: determines response time based on the reconfiguration probability distribution

Slide 36: Performance Model (Markov Chain)
- λ: arrival rate of service requests
- μδ_k: average departure rate of service requests
- μ: departure rate of service requests (1/T)
- δ_k: number of resources available (weighted sum of probabilities from the distribution; the formula did not survive the transcription)
- π_j: probability that there are j resources available
Diagram: states ..., k, k+1, ... with arrival rate λ between consecutive states and departure rates μδ_1, μδ_2, ..., μδ_c, then μδ_c for every state beyond c

Slide 37: Performance Model (Calculations)
- Use the generalized birth-death equations to calculate the average number of requests in the system, N_s (the equations did not survive the transcription)
- Response time R = N_s / λ (Little's Law)
Plot: response time (sec) vs. α (rec/sec), Drop and Wait
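The reconfiguration chain (slides 30-31) and the service-request chain (slides 36-37), solved numerically as an added Python example that is not the slides' own code. One generic birth-death solver yields the stationary distribution π_k of reconfiguring resources (the Drop policy modelled as truncating the chain at c*), availability and the dropped fraction, and then the request chain with departure rate μδ_n, from which R = N_s/λ follows by Little's Law. The definition δ_n = Σ_j π_j · min(n, resources not reconfiguring in state j), the saturation at δ_c and the utilization check λT/δ_c < 1 are my reading of the slides' lost formulas, so treat them as assumptions; the numeric parameters are constructed.

```python
def birth_death_stationary(births, deaths):
    """Stationary distribution of a finite birth-death chain on states 0..n.

    births[k] is the rate k -> k+1 and deaths[k] the rate k+1 -> k, so by
    detailed balance pi[k+1] = pi[k] * births[k] / deaths[k], then normalise.
    """
    weights = [1.0]
    for b, d in zip(births, deaths):
        weights.append(weights[-1] * b / d)
    total = sum(weights)
    return [w / total for w in weights]


def reconfiguration_model(c, alpha, S, c_star=None):
    """Slide 30/31 chain: state k = number of resources being reconfigured.

    Birth rate alpha*(c-k): each resource not being reconfigured raises a
    request at rate alpha. Death rate k/S: each reconfiguration lasts S.
    Drop policy (assumption: modelled as truncation at c_star): requests that
    arrive while k == c_star are dropped, so no state above c_star exists.
    Returns (pi, availability, dropped_fraction).
    """
    k_max = c if c_star is None else c_star
    births = [alpha * (c - k) for k in range(k_max)]
    deaths = [(k + 1) / S for k in range(k_max)]
    pi = birth_death_stationary(births, deaths)
    availability = sum(p * (c - k) for k, p in enumerate(pi)) / c
    offered = sum(p * alpha * (c - k) for k, p in enumerate(pi))
    dropped = pi[k_max] * alpha * (c - k_max)  # arrivals seen in the full state
    return pi, availability, dropped / offered


def performance_model(c, lam, T, pi, n_max=400):
    """Slide 36/37 chain: state n = service requests in the system.

    Arrival rate lam in every state; departure rate mu*delta_n with mu = 1/T
    and delta_n = E[min(n, resources not reconfiguring)] under pi (my reading
    of the slides' "weighted sum of probabilities"), which saturates at
    delta_c for n >= c. The chain is truncated at n_max, harmless while the
    utilisation rho = lam*T/delta_c stays below 1.
    Returns (rho, N_s, R) with R = N_s / lam by Little's Law.
    """
    mu = 1.0 / T

    def delta(n):
        return sum(p * min(n, c - k) for k, p in enumerate(pi))

    rho = lam * T / delta(c)
    if rho >= 1.0:
        raise ValueError(f"unstable: utilisation {rho:.3f} >= 1; lower alpha or c*")
    births = [lam] * n_max
    deaths = [mu * delta(n + 1) for n in range(n_max)]
    p = birth_death_stationary(births, deaths)
    n_s = sum(n * pn for n, pn in enumerate(p))
    return rho, n_s, n_s / lam


if __name__ == "__main__":
    # Constructed parameters, not the slides' experimental values.
    c, S, T, lam = 4, 2.0, 1.0, 1.5
    for alpha in (0.05, 0.1, 0.2):
        for c_star in (None, 2):
            pi, avail, drop = reconfiguration_model(c, alpha, S, c_star)
            rho, n_s, r = performance_model(c, lam, T, pi)
            print(f"alpha={alpha:.2f} c*={c_star} avail={avail:.3f} "
                  f"dropped={drop:.3f} rho={rho:.3f} R={r:.3f}s")
```

Without a cap the chain is c independent two-state resources, so availability is exactly 1/(1 + αS); capping at c* raises availability and response time improves at the price of dropped reconfigurations, which is the tradeoff plotted on slides 31 and 34.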
Slide 38: Experimental Setup
- SimPy library for Python: discrete event generator to run simulations or control a system in real time
- XenServer open-source VM platform
- Multiple concurrent processes:
  a) c independent processes to generate reconfiguration requests (arrival rate α)
  b) 1 process to generate independent service requests (arrival rate λ)
  c) Monitor process: number of requests in the system, number of queued requests, average VM age
Diagram: VM management console driving VM 1, VM 2, ..., VM c

Slide 39: Implementation
- Resource locking / queuing:
  a) incoming requests (both service and reconfiguration)
  b) service request queue
  c) resource lock on the VM pool
- Synchronizes multiple processes; e.g., a reconfiguration request to a busy VM:
  - Flag it for reconfiguration
  - Reconfigure before returning it to the idle pool
- Goal: make reconfiguration as transparent as possible without affecting response times
Diagram: VM pools (Idle pool, Shuffle pool, Use pool) and VM movement requests

Slide 40: Analytic vs. Simulation Results (Drop Policy)
Plots of availability, average VM age (sec) and response time (sec) vs. α (rec/sec), analytic and simulation

Slide 41: Experimental vs. Simulation Results
- Further validation of the simulation results by implementing the MTD in XenServer to reconfigure VMs
Table: availability and response time vs. α, simulation vs. experimental with ± confidence intervals and % error (the values did not survive the transcription)
Slide 42: Computing Utility
- Choose sigmoid parameters and weight factors for the user's goals
- β_R = 0.55 sec, β_S = 0.2, σ = 10, W_R = 0.5, W_S = (value did not survive the transcription)
Plots: U_R(t_r), U_S(P_s) and U_g vs. α (rec/sec)

Slide 43: Utility Values for Various Weight Combinations
Plot: utility vs. α (rec/sec) for w_r = 0.5, w_s = 0.5; w_r = 0.75, w_s = 0.25; w_r = 0.25, w_s = (value did not survive the transcription)

Slide 44: Outline
- Introduction
- MTD Quantification Framework
- Performance Modeling of Moving Target Defenses: Model Overview; Reconfiguration / Response Time Models; Simulation / Experiments
- Conclusion and Future Work: Conclusions; Future Work; Publications

Slide 45: Conclusions
- Introduced a framework for quantifying MTDs
  - Single probability-based utility measure
  - Can accommodate any existing or future MTD
  - Captures the relationship between MTDs, knowledge, weaknesses, and services
- Introduced an analytic model to assess performance
  - Optimized reconfiguration rate that maximizes effectiveness and minimizes response time

Slide 46: Future Work
- Experiments with multiple MTDs
  - Further validate the model / capture interactions between MTDs
  - Experimental proof-of-concept already built
- Application to multiple cyber attack phases
  - Reconnaissance is important, but defense-in-depth is needed
- Application to multiple services with dependencies
  - E.g., the attacker needs to compromise service A before service B
- Autonomic controllers
  - Change the reconfiguration rate to adapt to changing conditions

Slide 47: Publications
Published:
- Connell, Warren, Massimiliano Albanese, and Sridhar Venkatesan. "A Framework for Moving Target Defense Quantification." IFIP International Information Security and Privacy Conference. Springer International Publishing.
Under review:
- Connell, Warren, Daniel Menascé, and Massimiliano Albanese. "Performance Modeling of Moving Target Defenses with Reconfiguration Limits." IEEE Transactions on Information Forensics and Security.
- Connell, Warren, Daniel Menascé, and Massimiliano Albanese. "Performance Modeling of Moving Target Defenses." Fourth ACM Workshop on Moving Target Defense (MTD), October.

Slide 48: Questions?
Diagram: the basic example, with MTD 1 Service Rotation (P1 = 0.25) -> (1,service), MTD 2 IP Rotation (P2 = 0.75) -> (1,IP), MTD 3 Dynamic ASLR (P3 = 0.5) -> (1,memory); knowledge probabilities K1 = 0.25, K2 = 0.75, K3 = 0.5; SQL Injection and Buffer Overflow of Service 1 (SQL DB); P_SQL, P_buf and U as on slide 20
More informationComparing Different Moving Target Defense Techniques
Comparing Different Moving Target Defense Techniques Jun Xu Pennsylvania State University jxx13@ist.psu.edu Pinyao Guo Pennsylvania State University pug132@ist.psu.edu Robert F. Erbacher Minghui Zhu Army
More informationDynamic Datacenter Security Solidex, November 2009
Dynamic Datacenter Security Solidex, November 2009 Deep Security: Securing the New Server Cloud Virtualized Physical Servers in the open Servers virtual and in motion Servers under attack 2 11/9/09 2 Dynamic
More informationProtect your apps and your customers against application layer attacks
Protect your apps and your customers against application layer attacks Development 1 IT Operations VULNERABILITY DETECTION Bots, hackers, and other bad actors will find and exploit vulnerabilities in web
More informationProbability-based catch levels: OFLs, ABCs, ACLs, & ACTs
Probability-based catch levels: OFLs, ABCs, ACLs, & ACTs AFSC Workshop May 2009 Kyle Shertzer, Mike Prager, Erik Williams NOAA-Beaufort, NC Outline Cliffs Notes review of probability-based approaches MSRA
More informationThe GenCyber Program. By Chris Ralph
The GenCyber Program By Chris Ralph The Mission of GenCyber Provide a cybersecurity camp experience for students and teachers at the K-12 level. The primary goal of the program is to increase interest
More informationDescriptions for CIS Classes (Fall 2017)
Descriptions for CIS Classes (Fall 2017) Major Core Courses 1. CIS 1015. INTRODUCTION TO COMPUTER INFORMATION SYSTEMS. (3-3-0). This course provides students an introductory overview to basic computer
More informationCSWAE Certified Secure Web Application Engineer
CSWAE Certified Secure Web Application Engineer Overview Organizations and governments fall victim to internet based attacks every day. In many cases, web attacks could be thwarted but hackers, organized
More informationMicrosoft SDL 한국마이크로소프트보안프로그램매니저김홍석부장. Security Development Lifecycle and Building Secure Applications
Release Conception Microsoft SDL Security Development Lifecycle and Building Secure Applications KRnet 2010 2010. 6. 22. 한국마이크로소프트보안프로그램매니저김홍석부장 Hongseok.Kim@microsoft.com Agenda Applications under Attack
More informationRanking Vulnerability for Web Application based on Severity Ratings Analysis
Ranking Vulnerability for Web Application based on Severity Ratings Analysis Nitish Kumar #1, Kumar Rajnish #2 Anil Kumar #3 1,2,3 Department of Computer Science & Engineering, Birla Institute of Technology,
More informationOn the Challenges of Effective Movement
On the Challenges of Effective Movement Thomas Hobson MIT Lincoln Laboratory 244 Wood St. Lexington, MA 02420 thomas.hobson@ll.mit.edu Robert Rudd MIT Lincoln Laboratory 244 Wood St. Lexington, MA 02420
More informationProduct Security Program
Product Security Program An overview of Carbon Black s Product Security Program and Practices Copyright 2016 Carbon Black, Inc. All rights reserved. Carbon Black is a registered trademark of Carbon Black,
More informationROBUST, quantitative measurement of cyber technology
Quantitative Evaluation of Moving Target Technology Paula J. Donovan, Jeffrey W. McLamb, Hamed Okhravi, James Riordan, Charles V. Wright ** Cyber Security and Information Sciences Division MIT Lincoln
More informationIntrusion Detection Systems (IDS)
Intrusion Detection Systems (IDS) Presented by Erland Jonsson Department of Computer Science and Engineering Intruders & Attacks Cyber criminals Activists State-sponsored organizations Advanced Persistent
More informationOn the Use of Performance Models in Autonomic Computing
On the Use of Performance Models in Autonomic Computing Daniel A. Menascé Department of Computer Science George Mason University 1 2012. D.A. Menasce. All Rights Reserved. 2 Motivation for AC main obstacle
More informationCombating Today s Cyber Threats Inside Look at McAfee s Security
Combating Today s Cyber Threats Inside Look at McAfee s Security Charles Ross, Director Sales Engineering Public Sector 2008 McAfee, Inc. Agenda Today s Threat Landscape McAfee s Security Challenges McAfee
More informationResource allocation for autonomic data centers using analytic performance models.
Bennani, Mohamed N., and Daniel A. Menasce. "Resource allocation for autonomic data centers using analytic performance models." Autonomic Computing, 2005. ICAC 2005. Proceedings. Second International Conference
More informationAgenda: Insurance Academy Event
Agenda: Insurance Academy Event Drs Ing René Pluis MBA MBI Cyber Security Lead, Country Digitization Acceleration program the Netherlands The Hague, Thursday 16 November Introduction Integrated Security
More informationDeep instinct For MSSPs
Deep instinct For MSSPs Deep Instinct Solution Deep Instinct is the first and only Endpoint & Mobile Cybersecurity solution that is based on a proprietary deep learning framework that was specifically
More informationA Hybrid Intrusion Detection System Of Cluster Based Wireless Sensor Networks
A Hybrid Intrusion Detection System Of Cluster Based Wireless Sensor Networks An efficient intrusion detection framework in cluster-based wireless sensor networks Paper: A lightweight hybrid security framework
More informationOur Narrow Focus Computer Networking Security Vulnerabilities. Outline Part II
Our Narrow Focus 15-441 15-441 Computer Networking 15-641 Lecture 22 Security: DOS Peter Steenkiste Fall 2016 www.cs.cmu.edu/~prs/15-441-f16 Yes: Creating a secure channel for communication (Part I) Protecting
More informationMaster of Cyber Security, Strategy and Risk Management. CECS PG Information Session April 17, 2018
Master of Cyber Security, Strategy and Risk Management CECS PG Information Session April 17, 2018 2 Program Purpose Provide a working understanding of information, network and software security, across
More informationDetermining the Fundamental Basis of Software Vulnerabilities. Larry Wagoner NSA
Determining the Fundamental Basis of Software Vulnerabilities Larry Wagoner NSA Agenda Background Analogous background Matt Bishop work CWEs Tool reporting of CWEs KDM Analytics Determining the fundamental
More informationIBM Security Network Protection Solutions
Systems IBM Security IBM Security Network Protection Solutions Pre-emptive protection to keep you Ahead of the Threat Tanmay Shah Product Lead Network Protection Appliances IBM Security Systems 1 IBM Security
More informationSentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by behavior-based threat detection and intelligent automation.
More informationApprenticeship Learning for Reinforcement Learning. with application to RC helicopter flight Ritwik Anand, Nick Haliday, Audrey Huang
Apprenticeship Learning for Reinforcement Learning with application to RC helicopter flight Ritwik Anand, Nick Haliday, Audrey Huang Table of Contents Introduction Theory Autonomous helicopter control
More informationDetecting breach. There are only two types of organisations in the world... Terry Greer-King Director, Cyber security, UK & Africa May 2017
Feeling lucky? Detecting breach There are only two types of organisations in the world... Terry Greer-King Director, Cyber security, UK & Africa May 2017 Industry average is 100 days to detect a breach,
More informationMission Aware Cybersecurity
Mission Aware Cybersecurity Cody Fleming (UVA) Scott Lucero (OSD) Peter Beling, Barry Horowitz (UVA), Calk Elks (VCU) October 2016 1 Systems Engineering Research Center (SERC) Overview DoD and the Intelligence
More informationQueuing Systems. 1 Lecturer: Hawraa Sh. Modeling & Simulation- Lecture -4-21/10/2012
Queuing Systems Queuing theory establishes a powerful tool in modeling and performance analysis of many complex systems, such as computer networks, telecommunication systems, call centers, manufacturing
More informationANATOMY OF AN ATTACK!
ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable
More informationRubicon: Scalable Bounded Verification of Web Applications
Joseph P. Near Research Statement My research focuses on developing domain-specific static analyses to improve software security and reliability. In contrast to existing approaches, my techniques leverage
More informationEnergy-Efficient Security Threshold Determination Method for the Enhancement of Interleaved Hop-By-Hop Authentication
Vol. 9, No. 12, 218 Energy-Efficient Security Threshold Determination Method for the Enhancement of Interleaved Hop-By-Hop Authentication Ye Lim Kang 1, Tae Ho Cho *2 Department of Electrical and Computer
More informationCoreMax Consulting s Cyber Security Roadmap
CoreMax Consulting s Cyber Security Roadmap What is a Cyber Security Roadmap? The CoreMax consulting cyber security unit has created a simple process to access the unique needs of each client and allows
More informationSYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet
SYMANTEC ENTERPRISE SECURITY Symantec Internet Security Threat Report September 00 Power and Energy Industry Data Sheet An important note about these statistics The statistics discussed in this document
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 COST ($ in Millions) FY 2011 FY 2012 Base OCO Total FY 2014 FY 2015 FY 2016 FY 2017 Cost To Complete
More informationalign security instill confidence
align security instill confidence cyber security Securing data has become a top priority across all industries. High-profile data breaches and the proliferation of advanced persistent threats have changed
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationData Mining. Jeff M. Phillips. January 8, 2014
Data Mining Jeff M. Phillips January 8, 2014 Data Mining What is Data Mining? Finding structure in data? Machine learning on large data? Unsupervised learning? Large scale computational statistics? Data
More informationAttack Vectors in Computer Security
Attack Vectors in Computer Security Who Am I @WillGoard My first proper hacksoc talk I speak fluent greek Sell more pizzas have more fun Why attack vectors? Didn t know what to do for my dissertation Started
More informationPieter Wigleven Windows Technical Specialist
Pieter Wigleven Windows Technical Specialist HOW DO BREACHES OCCUR? Malware and vulnerabilities are not the only thing to worry about 46% of compromised systems had no malware on them 99.9% of exploited
More informationFAULT TOLERANT SYSTEMS
FAULT TOLERANT SYSTEMS http://www.ecs.umass.edu/ece/koren/faulttolerantsystems Part 14 - Software Fault Tolerance I Chapter 4 Software Fault Tolerance Part.14.1 Causes of Software Errors Designing and
More informationIntroducing Cyber Resiliency Concerns Into Engineering Education
Introducing Cyber Resiliency Concerns Into Engineering Education Mr. Tom McDermott Georgia Tech Research Institute Mr. Barry Horowitz University of Virginia NDIA 20 th Annual Systems Engineering Conference
More informationIntroduction to Queuing Systems
Introduction to Queuing Systems Queuing Theory View network as collections of queues FIFO data-structures Queuing theory provides probabilistic analysis of these queues Examples: Average length Probability
More informationLA RELEVANCIA DEL ANALISIS POST- BRECHA
LA RELEVANCIA DEL ANALISIS POST- BRECHA Hillstone Networks Diego Amauri Orjuela Santamaria Director General ART2SEC 1 www. Data Breaches 2 $3.79M average cost of a data breach in 2015 23% increase since
More informationOutline. Application examples
Outline Application examples Google page rank algorithm Aloha protocol Virtual circuit with window flow control Store-and-Forward packet-switched network Interactive system with infinite servers 1 Example1:
More informationCS Introduction to Data Mining Instructor: Abdullah Mueen
CS 591.03 Introduction to Data Mining Instructor: Abdullah Mueen LECTURE 8: ADVANCED CLUSTERING (FUZZY AND CO -CLUSTERING) Review: Basic Cluster Analysis Methods (Chap. 10) Cluster Analysis: Basic Concepts
More information