Cybersecurity: defending our digital future

  • Mike Burmester
  • Center for Security and Assurance in IT,
    Florida State University,3rd Annual TechExpo,
    Tallahassee May 6th 2010

Talkthrough
  • Background
  • the White House Cyberspace Policy Review
  • Emerging network technologies
  • Wireless, ubiquitous
  • Cloud applications, intelligent networks
  • What next!
  • The adversary
  • We are behind the learning curve: the hackers
    are ahead
  • Security threats
  • How can we defend our digital future?
  • Near-term and midterm plans
  • Methodology
  • Technical aspects, technical analysis

  • In Feb 2009 the President directed a 60-day
    clean-slate review to assess U.S. policies and
    structures for cybersecurity.
  • In March 2009 the Cyberspace Policy Review was
  • The Cybersecurity Review recommends general
    guidelines, regarding the
  • Strategy
  • Policy, and
  • Standards
  • for securing operations in cyberspace.

our approach over the past 15 years has failed
to keep pace with the threat.
  • What is Cyberspace?
  • . . . the interdependent network of information
    technology infrastructures, including
  • the Internet
  • Telecommunications networks
  • Computer systems
  • Embedded processors and
  • Controllers in critical industries
  • Common usage of the term also refers to the
  • Virtual environment of information and
    interactions between people

  • What is Cyberspace? A historical perspective
  • 1985: a system of mainframe computers (NSFNET)
  • 1990: the Internet and Web applications
  • 2000: Wireless networks
  • 2008: Cloud applications
  • 20??: The Internet of Things
  • 20??: Virtual life?
  • How can we secure a structure that keeps morphing?

Emerging Network Technologies: the wireless
medium, at the beginning . . .
  • Wireless technology offers unparalleled
  • Some time ago
  • Telegraph
  • Radio communication
  • Amateur radio
  • TV

Emerging Network Technologies: the wireless
medium, more recently
  • Wireless technology offers unparalleled
  • Wireless technology
  • Cellular systems
    (3G and beyond)

Emerging Network Technologies: Bluetooth, Wi-Fi,
sensors, RFIDs
  • Short range point-to-point
  • Bluetooth
    Personal Area networks
  • Wi-Fi technologies
  • Wireless sensor networks
  • RFID (Radio Frequency Identification) systems

Emerging Network Technologies: Sensor networks
  • Factory floor automation
  • Border fencing
  • Military applications

RFID deployments
  • An RFID road pricing gantry in Singapore
  • An RFID tag
  • RFID tags used in libraries
  • Airports checking luggage
  • U.S. (electronic) passports

Wireless technologies
  • Long range point-to-point
  • WiMAX technologies

Wireless technologies: with no infrastructure
  • Mobile ad hoc networks (MANETs)
  • Disaster recovery

Vehicle-to-Vehicle communication
  • VANETs

Ubiquitous networks
  • Network all applications ! The Internet of Things

What next !
  • Cloud applications ???
  • Delegate applications
  • Start with the Internet cloud
  • Delegate applications to the cloud

. . . and next! Emerging technologies
  • Robotics
  • Nanotechnology
  • molecular self-assembly
  • developing new materials
  • Biotechnology
  • Analyzing the myriad simultaneous cellular
  • Living systems can be regarded as communication
    systems: they transmit the genome of the organism
    by replication/transcription and translation.

Beyond next !
  • Intelligent Networking ???

Beyond . . . the beyond
  • Virtual Networking and Environments
  • Current Definition (academic)
  • A technology used to control remotely located
    computers and applications over the Internet
  • White House Policy Review definition of
  • A virtual environment of information and
    interactions between people
  • Cyberspace: the digital network
    (diagram labels: cloud, virtual, network technology,
    emerging, intelligent)
Now, the bad . . .
The adversary (the hackers)
The adversary: Portrait of a Computer Criminal
  • Amateurs
  • Normal people, maybe disgruntled over some
    negative work situation
  • Have committed most of the computer crimes to date
  • Crackers or Hackers
  • Often high school/university students; cracking
    is seen as the ultimate victimless crime
  • Attack for curiosity, self-satisfaction and
    personal gain
  • Career criminals
  • Understand the targets of computer crime
  • Usually begin as computer professionals who later
    engage in computer crime, finding the prospects
    and payoff good.
  • Electronic spies and information brokers who
    recognize that trading in companies' secrets can
    be lucrative

The adversary: It is worse!
  • A simple Google search
  • Key words: Chinese, threat, cyberspace
  • MI5 alert on China's cyberspace spy threat (Times
    Online) Dec 1, 2007 . . . The Government has
    openly accused China of carrying out
    state-sponsored espionage against vital parts of
    Britain's economy, including . . .
  • U.S. military flags China cyber threat
  • 2008-03-06 . . . The U.S. DoD warned in an
    annual report released this week that China
    continues to develop its abilities to wage war in
    cyberspace as part of a doctrine of "non-contact"

The adversary: . . . much worse!
  • Key words: France, threat, cyberspace
  • NATO chief calls attention to threats from
  • Mar 4, 2010 . . . NATO is facing new threats in
    cyberspace that cannot be met by lining up
    soldiers and tanks, the alliance's
    secretary-general said Thursday in an apparent
    reference to terror groups and criminal networks
  • Key words: International, threat, cyberspace
  • Threat of next world war may be in cyberspace
  • Oct 6, 2009 . . . The next world war could
    happen in cyberspace and that would be a
    catastrophe. We have to make sure that all
    countries understand that in that war . . .

The adversary: New technologies can be abused
  • Are we prepared for intelligent networks ?
  • Who will manage them ?
  • Do we want
  • Centralized, or
  • Decentralized management
  • Who will protect our resources ?
  • What are the threats ?

Security Threats
  • Confidentiality
  • Eavesdropping (wiretapping)
  • Privacy
  • Anonymity (Big Brother)
  • Integrity
  • Data integrity: protection against unauthorized
    modifications, data corruption, deletion . . .
  • Source or destination integrity: protection
    against spoofing attacks, man-in-the-middle
  • Availability
  • Coverage deployment
  • Information data accuracy traffic control
  • Dependable data transport: what about
    transmission/omission/congestion errors?
  • What about malicious faults ?

The Internet is hackers' paradise
  • Security Threats: Perceived or Real
  • Impersonation Attacks
  • Denial of Service Attacks
  • Session Tampering and Hijacking
  • Man-in-the-Middle Attacks

Can we protect Digital resources ?
  • There are some very good cryptographic tools that
    can be used to protect digital resources
  • Many of these tools have proven security
  • The problem is usually bad implementations
  • The best cryptographic security is point-to-point
    security (such as VPN)
  • The source and destination
  • are mutually authenticated (with public key
  • exchange privately a fresh secret key (with
    public key cryptography)
  • use a symmetric key encryption scheme to encrypt
    exchanged data (with symmetric key cryptography)

Can wireless technology be made secure ?
  • Point-to-point security
  • Authentication usually involves certificates (a
    trusted third party certifies the public key of
    the entities) and a cryptographic handshake
  • WIMAX uses the Extensible Authentication Protocol
    for this purpose
  • For encryption it uses block ciphers such as DES3
    or AES
  • This offers protection at the protocol layer
  • There are still problems at the physical layer,
    such as jamming attacks (Denial-of-Service), or
    flooding attacks
  • Security vs. functionality tradeoff
  • Rule of thumb: the more security the less
  • Holistic security

Cybersecurity Policy Review: Near-Term Plan
  • Appoint cybersecurity coordinator
  • Prepare a national strategy
  • Designate cybersecurity as a priority . . .
  • Designate a privacy/civil liberties official
  • Formulate coherent unified policy guidance that
    clarifies roles, responsibilities . . . for
    cybersecurity activities across the Federal
  • Initiate a public awareness and education
    campaign to promote cybersecurity

Cybersecurity Policy Review: Near-Term Plan
  • Develop government positions for an international
    cybersecurity policy framework
  • Prepare a cybersecurity incident response plan
  • Develop a framework for R&D strategies that
    focuses on game-changing technologies . . . to
    enhance the security, reliability, resilience,
    and trustworthiness . . .
  • Build a cybersecurity-based identity management
    vision and strategy that addresses privacy and
    civil liberties interests . . .

Cybersecurity Policy Review Midterm-Plan (14
  • Support key education programs and R&D research
    to ensure the Nation's continued ability to
    compete in the information age economy
  • Expand and train the workforce, including
    attracting and retaining cybersecurity expertise
    in the Federal government.
  • Develop solutions for emergency communications
    capabilities during a time of natural disaster,
    crisis, or conflict . . .
  • Encourage collaboration between academic and
    industrial laboratories to develop migration
    paths and incentives for the rapid adoption of
    research and technology innovations

Are we willing to pay the price? . . .

we may have to . . .
whether we like it or not . . .

Methodology for Security
  • Resiliency
  • Against physical damage, unauthorized
    manipulation, and electronic assault. In addition
    to protection of the information itself,
  • A risk mitigation strategy with focus on devices
    used to access the infrastructure, the services
    provided by the infrastructure, the means of
    moving, storing and processing information
  • A strategy for prevention, mitigation and
    response against threats
  • Encouraging innovation
  • Harness the benefits of innovation
  • Not create policy and regulation that inhibits
  • Maintain National Security/Emergency Preparedness

White House Cybersecurity Plan: RSA 03/2010
  • The Comprehensive National Security Initiative
    (12 items)
  • Manage the Federal Enterprise Network as a single
    network enterprise with Trusted Internet
  • Deploy an intrusion detection system of sensors
    across the Federal enterprise
  • Deploy intrusion prevention systems across the
    Federal enterprise
  • Coordinate and redirect R&D efforts
  • Connect current cyber ops centers to enhance
    situational awareness
  • Develop a government-wide cyber counter
    intelligence plan

White House Cybersecurity Plan Revealed at RSA
  • The Comprehensive National Security Initiative
    (12 items)
  • Increase the security of our classified networks
  • Expand cyber education
  • Define and develop enduring "leap-ahead"
    technology, strategies, and programs
  • Develop enduring deterrence strategies and
  • Develop a multi-pronged approach for global
    supply chain risk management
  • Define the Federal role for extending
    cybersecurity into critical infrastructure domains

Cybersecurity Plan: Technical aspects
  • Deploy an ID system of sensors across the Federal
  • Einstein 2 capability: signature-based sensors
    that analyze network flow information to identify
    potential malicious activity while conducting
    automatic full packet inspection of traffic
    entering or exiting U.S. Government networks for
    malicious activity
  • Deploy IP systems across the Federal enterprise
  • Einstein 3 capability: real-time full packet
    inspection and threat-based decision-making on
    network traffic entering or leaving these
    Executive Branch networks
  • Identify and characterize malicious network
    traffic to enhance cybersecurity analysis,
    situational awareness and security response
  • Automatically detect and respond appropriately to
    cyber threats before harm is done, providing an
    intrusion prevention system supporting dynamic

Cybersecurity Plan: Technical analysis
  • Einstein 2 capability: signature-based sensors
    will only detect copycat attacks; one-off
    attacks will not be checked
  • Einstein 3 capability will not detect
    unpredictable attacks that mimic normal behavior
  • Threat-based decision-making on network traffic
    however may deal with the consequences of such
  • Markovian profiling is a good approach for
    threat-based decision making
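
An added illustration of the comparison on this slide, not taken from the presentation: a signature sensor and a first-order Markov profile are run over constructed event sequences. The event labels, the signature, the smoothing constant and the alert threshold are all assumptions chosen for the example.

```python
import math
from collections import defaultdict

# Constructed sample data: each session is a sequence of abstract event labels.
NORMAL = [
    ["dns", "connect", "login", "read", "read", "logout"],
    ["dns", "connect", "login", "read", "write", "logout"],
    ["dns", "connect", "login", "write", "read", "logout"],
    ["dns", "connect", "login", "read", "logout"],
]
# Hypothetical signature: a subsequence recorded from a previously seen attack.
SIGNATURES = [("login", "login", "login", "admin")]

def signature_hit(session, signatures=SIGNATURES):
    """Signature sensor: alert only if a known-bad subsequence appears verbatim."""
    s = tuple(session)
    return any(s[i:i + len(sig)] == sig
               for sig in signatures for i in range(len(s) - len(sig) + 1))

class MarkovProfile:
    """First-order Markov chain over events, trained on normal sessions only."""
    def __init__(self, sessions, alpha=0.1):
        self.alpha = alpha
        self.states = {e for s in sessions for e in s}
        self.counts = defaultdict(lambda: defaultdict(float))
        for s in sessions:
            for a, b in zip(s, s[1:]):
                self.counts[a][b] += 1

    def prob(self, a, b):
        # Additive smoothing; one extra slot stands for any unseen event.
        row = self.counts[a]
        total = sum(row.values()) + self.alpha * (len(self.states) + 1)
        return (row.get(b, 0.0) + self.alpha) / total

    def surprise(self, session):
        """Mean negative log-likelihood per transition (higher = less normal)."""
        steps = list(zip(session, session[1:]))
        return -sum(math.log(self.prob(a, b)) for a, b in steps) / max(len(steps), 1)

def classify(session, profile, threshold=1.5):
    return {"signature": signature_hit(session),
            "markov": profile.surprise(session) > threshold}

PROFILE = MarkovProfile(NORMAL)
COPYCAT = ["dns", "connect", "login", "login", "login", "admin"]  # replays the signature
ONE_OFF = ["dns", "connect", "admin", "write", "write", "logout"]  # never seen before
MIMIC = ["dns", "connect", "login", "read", "write", "logout"]    # looks like normal use
```

The copycat session trips both detectors, the one-off session is caught only by the profile, and the session that mimics normal behavior passes both, which is the gap the slide attributes to Einstein 3.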

The most important technical point in this review
is the realization that one cannot achieve
cybersecurity solely by protecting individual
components: there is no way to determine what
happens when NIAP-reviewed products are all
combined into a composite IT system. Quite
right, and too little appreciated: security is a
systems property, and in fact, part of the entire
design-and-build process. (Steven M Bellovin)
  • Holistic Security

. . . the Universal-Composability Framework may
ultimately prove to be just a first step toward a
complete solution. (Joan Feigenbaum)

. . . the main feature of the UC Framework is
that the security of a composite system can be
derived from the security of its components
without need for holistic reassessment. Mike

Thanks for listening!
Raise your hands if you have any questions