Dan Kaufman
Director, Information Innovation Office

An analytical framework for cyber security
November 2011

Approved for Public Release, Distribution Unlimited.
What we hear.




Attackers penetrate the architecture easily…

Goal
• Demonstrate asymmetric ease of exploitation of DoD computer versus efforts to defend.

Result
• Multiple remote compromises of fully security compliant and patched HBSS‡ computer within days:
  • 2 remote accesses.
  • 25+ local privilege escalations.
  • Undetected by host defenses.

[Figure: Penetration Demonstration – a hijacked web page and an infected .pdf document used against an HBSS Workstation]

Total Effort: 2 people, 3 days, $18K
HBSS Costs: Millions of dollars a year for software and licenses alone (not including man hours)
‡ = Host Based Security System (HBSS)

Users are the weak link…




The supply chain is potentially compromised…

Approximately 3500 ICs.
• 200 unique chip types.
• 208 field programmable gate arrays (FPGAs).
• 64 FPGA and 9 ASIC types across 12 subsystems.
78% of FPGAs and 66% of ASICs manufactured in China and Taiwan.

[Figures: JSF FPGA & ASIC Usage; FPGA Manufacture Location (Asia, Europe, USA); ASIC Manufacture Location (Asia, Europe, USA)]

Our physical systems are vulnerable to cyber attacks…

Chinese cyber attack: “Highly sophisticated and targeted attack” on Google corporate infrastructure (known as Aurora)

Small group of academics took control of a car using Bluetooth and OnStar. They were able to disable the brakes, control the accelerator, and turn on the interior microphone.[1]

[Figure: False speedometer reading. Note that the car is in park…]

[1] K. Koscher, et al. "Experimental Security Analysis of a Modern Automobile," in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 16-19, 2010.

We are doing a lot, but we are losing ground…




Ground truth…

[Chart: Federal Cyber Incidents and Defensive Cyber Spending, fiscal years 2006 – 2010. Left axis: Cyber Incidents Reported to US-CERT [1] by Federal agencies (0 – 45,000). Right axis: Federal Defensive Cyber Spending [2] ($B, 0.0 – 10.0). X axis: 2006, 2007, 2008, 2009, 2010.]

[1] GAO analysis of US-CERT data. GAO-12-137 Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements.
[2] INPUT reports 2006 – 2010.


Why?




We are divergent with the threat…

[Chart: Lines of Code (0 – 10,000,000) versus year (1985 – 2010). Security software data points, in order of appearance: DEC Seal, Stalker, Milky Way, Snort, Network Flight Recorder, Unified Threat Management. Malware: 125 lines of code*.]

* Public sources of malware averaged over 9,000 samples (collection of exploits, worms, botnets, viruses, DoS tools)

User patterns are exploitable…

A recent Defcon contest challenged participants to crack 53,000 passwords. In 48 hours, the winning team had 38,000.

[Chart: # Passwords versus Time – profile for the winning team, Team Hashcat]

Additional security layers often create vulnerabilities…

October 2010 vulnerability watchlist

Vulnerability Title                                                          Fix Avail?   Date Added
XXXXXXXXXXXX XXXXXXXXXXXX Local Privilege Escalation Vulnerability           No           8/25/2010
XXXXXXXXXXXX XXXXXXXXXXXX Denial of Service Vulnerability                    Yes          8/24/2010
XXXXXXXXXXXX XXXXXXXXXXXX Buffer Overflow Vulnerability                      No           8/20/2010
XXXXXXXXXXXX XXXXXXXXXXXX Sanitization Bypass Weakness                       No           8/18/2010
XXXXXXXXXXXX XXXXXXXXXXXX Security Bypass Vulnerability                      No           8/17/2010
XXXXXXXXXXXX XXXXXXXXXXXX Multiple Security Vulnerabilities                  Yes          8/16/2010
XXXXXXXXXXXX XXXXXXXXXXXX Remote Code Execution Vulnerability                No           8/16/2010
XXXXXXXXXXXX XXXXXXXXXXXX Use-After-Free Memory Corruption Vulnerability     No           8/12/2010
XXXXXXXXXXXX XXXXXXXXXXXX Remote Code Execution Vulnerability                No           8/10/2010
XXXXXXXXXXXX XXXXXXXXXXXX Multiple Buffer Overflow Vulnerabilities           No           8/10/2010
XXXXXXXXXXXX XXXXXXXXXXXX Stack Buffer Overflow Vulnerability                Yes          8/09/2010
XXXXXXXXXXXX XXXXXXXXXXXX Security-Bypass Vulnerability                      No           8/06/2010
XXXXXXXXXXXX XXXXXXXXXXXX Multiple Security Vulnerabilities                  No           8/05/2010
XXXXXXXXXXXX XXXXXXXXXXXX Buffer Overflow Vulnerability                      No           7/29/2010
XXXXXXXXXXXX XXXXXXXXXXXX Remote Privilege Escalation Vulnerability          No           7/28/2010
XXXXXXXXXXXX XXXXXXXXXXXX Cross Site Request Forgery Vulnerability           No           7/26/2010
XXXXXXXXXXXX XXXXXXXXXXXX Multiple Denial Of Service Vulnerabilities         No           7/22/2010

Callout: 6 of the vulnerabilities are in security software.

Color Code Key: Vendor Replied – Fix in development; Awaiting Vendor Reply/Confirmation; Awaiting CC/S/A use validation


These layers increase the attack surface…

[Diagram: constant surface area available to attack. Layers shown: DLLs (run-time environment = more commonality) and application specific functions.]

Regardless of the application size, the system loads the same number of support functions.

For every 1,000 lines of code, 1 to 5 bugs are introduced.




We amplify the effect by mandating uniform architectures




The US approach to cyber security is dominated by a strategy that layers security on to a uniform architecture.

We do this to create tactical breathing space, but it is not convergent with an evolving threat.




Technology is not the only culprit… nor the only answer.




Economics matter…

There are multiple choices for addressing the supply chain vulnerability:
• Resort to manufacturing all chips in trusted foundries. This is not feasible or sustainable.
• Screen all chips in systems critical to National Security or our economic base. Despite recent advances in screening technology, this is not feasible, affordable, or sustainable at the scales required.

Scale of the problem:
• 3,500 ICs on the F-35
• Single FPGA = 400 million transistors
• Modern chips = 2.5 billion transistors

Selective screening coupled with diplomatic sanctions may create new solutions that are both feasible and sustainable.
Business incentives matter…

Understanding them in the context of ‘game theory’ reveals the problem.

Bot Herder strategy example (botnet structure: Root → Tree → Branch):

Traditional C2 Botnet (“Storm” Botnet)
  Strategy 1: XOR‡ branch
  Solution exists: weekly patch, kills branch
  Bot Herder Cost: Small    Bot Herder Return: Short = High, Long = High
  Antivirus Cost: Low       Antivirus Return: High

New P2P Botnet
  Strategy 2: AES* branch
  Solution needed: high cost solution, kills tree
  Bot Herder Cost: Small    Bot Herder Return: Short = High, Long = 0
  Antivirus Cost: High      Antivirus Return: Low

The security layering strategy and antitrust have created cross incentives that contribute to divergence.
‡ = “exclusive or” logical operation
* = Advanced Encryption Standard
Layering and uniformity have created unintended consequences… we are in need of new choices…

Examples:

Belief: Defense in depth
  Approach: Uniform, layered network defense
  Example: Host Based Security System
  Unintended consequence: Larger attack surface introduces more areas of exploitability for attackers… Homogeneous targets that amplify effects…

Belief: Users are best line of defense
  Approach: Operator hygiene
  Example: 15 character password
  Unintended consequence: Users take short cuts and become enemy assets…

Belief: The interplay of technology, policy, incentives will favor better security.
  Approach: Antitrust law rulings, use of COTS
  Example: Competition and independence in security software and COTS
  Unintended consequence: Cross incentives that undermine security

We need new choices that create:
• Users as the best line of defense without impeding operations.
• Layered defense without increasing surface area for attack.
• Heterogeneous systems that are inherently manageable.

We missed it too…




…let’s fix it.




#DARPACyber
 
It aac defense-it-cloud2013
It aac defense-it-cloud2013It aac defense-it-cloud2013
It aac defense-it-cloud2013
 
Secure your Space: The Internet of Things
Secure your Space: The Internet of ThingsSecure your Space: The Internet of Things
Secure your Space: The Internet of Things
 
OIT Technology, Communications, Japan
OIT Technology, Communications, JapanOIT Technology, Communications, Japan
OIT Technology, Communications, Japan
 
Oil and gas cyber security nov 2012
Oil and gas cyber security nov 2012Oil and gas cyber security nov 2012
Oil and gas cyber security nov 2012
 
Presales-Present_GravityZone Products_June2023.pptx
Presales-Present_GravityZone Products_June2023.pptxPresales-Present_GravityZone Products_June2023.pptx
Presales-Present_GravityZone Products_June2023.pptx
 
Presales-Present_GravityZone Products_June2023.pptx
Presales-Present_GravityZone Products_June2023.pptxPresales-Present_GravityZone Products_June2023.pptx
Presales-Present_GravityZone Products_June2023.pptx
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 final
 
Architecting cybersecurity to future proof smart cities against emerging cybe...
Architecting cybersecurity to future proof smart cities against emerging cybe...Architecting cybersecurity to future proof smart cities against emerging cybe...
Architecting cybersecurity to future proof smart cities against emerging cybe...
 
【HITCON FreeTalk 2021 - SolarWinds 供應鏈攻擊事件分析】
【HITCON FreeTalk 2021 -  SolarWinds 供應鏈攻擊事件分析】【HITCON FreeTalk 2021 -  SolarWinds 供應鏈攻擊事件分析】
【HITCON FreeTalk 2021 - SolarWinds 供應鏈攻擊事件分析】
 

More from Michael Scovetta

Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Michael Scovetta
 
Modern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and TechniquesModern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and TechniquesMichael Scovetta
 
Exploitation and State Machines
Exploitation and State MachinesExploitation and State Machines
Exploitation and State MachinesMichael Scovetta
 
Don't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade MachinesDon't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade MachinesMichael Scovetta
 
The Listening: Email Client Backdoor
The Listening: Email Client BackdoorThe Listening: Email Client Backdoor
The Listening: Email Client BackdoorMichael Scovetta
 
DEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking ForDEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking ForMichael Scovetta
 
Systematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android SmartphonesSystematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android SmartphonesMichael Scovetta
 
Consumer Password Worst Practices
Consumer Password Worst PracticesConsumer Password Worst Practices
Consumer Password Worst PracticesMichael Scovetta
 
A collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programsA collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programsMichael Scovetta
 
If You Don't Like the Game, Hack the Playbook... (Zatko)
If You Don't Like the Game, Hack the Playbook... (Zatko)If You Don't Like the Game, Hack the Playbook... (Zatko)
If You Don't Like the Game, Hack the Playbook... (Zatko)Michael Scovetta
 
Scaling Cyberwarfare (Roelker)
Scaling Cyberwarfare (Roelker)Scaling Cyberwarfare (Roelker)
Scaling Cyberwarfare (Roelker)Michael Scovetta
 
PROCEED and Crowd-Sourced Formal Verification
PROCEED and Crowd-Sourced Formal VerificationPROCEED and Crowd-Sourced Formal Verification
PROCEED and Crowd-Sourced Formal VerificationMichael Scovetta
 
National Cyber Range (Ranka)
National Cyber Range (Ranka)National Cyber Range (Ranka)
National Cyber Range (Ranka)Michael Scovetta
 
Beyond Passwords (Guidorizzi)
Beyond Passwords (Guidorizzi)Beyond Passwords (Guidorizzi)
Beyond Passwords (Guidorizzi)Michael Scovetta
 

More from Michael Scovetta (20)

Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013
 
Android Attacks
Android AttacksAndroid Attacks
Android Attacks
 
Strategic Surprise
Strategic SurpriseStrategic Surprise
Strategic Surprise
 
Stackjacking
StackjackingStackjacking
Stackjacking
 
Modern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and TechniquesModern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and Techniques
 
Exploitation and State Machines
Exploitation and State MachinesExploitation and State Machines
Exploitation and State Machines
 
Don't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade MachinesDon't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade Machines
 
Attacking the WebKit Heap
Attacking the WebKit HeapAttacking the WebKit Heap
Attacking the WebKit Heap
 
The Listening: Email Client Backdoor
The Listening: Email Client BackdoorThe Listening: Email Client Backdoor
The Listening: Email Client Backdoor
 
Smooth CoffeeScript
Smooth CoffeeScriptSmooth CoffeeScript
Smooth CoffeeScript
 
DEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking ForDEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking For
 
Systematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android SmartphonesSystematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android Smartphones
 
Consumer Password Worst Practices
Consumer Password Worst PracticesConsumer Password Worst Practices
Consumer Password Worst Practices
 
HTML5 Web Security
HTML5 Web SecurityHTML5 Web Security
HTML5 Web Security
 
A collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programsA collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programs
 
If You Don't Like the Game, Hack the Playbook... (Zatko)
If You Don't Like the Game, Hack the Playbook... (Zatko)If You Don't Like the Game, Hack the Playbook... (Zatko)
If You Don't Like the Game, Hack the Playbook... (Zatko)
 
Scaling Cyberwarfare (Roelker)
Scaling Cyberwarfare (Roelker)Scaling Cyberwarfare (Roelker)
Scaling Cyberwarfare (Roelker)
 
PROCEED and Crowd-Sourced Formal Verification
PROCEED and Crowd-Sourced Formal VerificationPROCEED and Crowd-Sourced Formal Verification
PROCEED and Crowd-Sourced Formal Verification
 
National Cyber Range (Ranka)
National Cyber Range (Ranka)National Cyber Range (Ranka)
National Cyber Range (Ranka)
 
Beyond Passwords (Guidorizzi)
Beyond Passwords (Guidorizzi)Beyond Passwords (Guidorizzi)
Beyond Passwords (Guidorizzi)
 

Recently uploaded

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 

Recently uploaded (20)

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

DARPA: Cyber Analytical Framework (Kaufman)

  • 1. Dan Kaufman, Director, Information Innovation Office. An analytical framework for cyber security.
  • 2. An analytical framework for cyber security. November 2011.
  • 3. What we hear.
  • 4. Attackers penetrate the architecture easily…
      Goal: Demonstrate asymmetric ease of exploitation of DoD computer versus efforts to defend.
      Result: Multiple remote compromises of fully security compliant and patched HBSS‡ computer within days:
        • 2 remote accesses.
        • 25+ local privilege escalations.
        • Undetected by host defenses.
      Total Effort: 2 people, 3 days, $18K.
      HBSS Costs: Millions of dollars a year for software and licenses alone (not including man hours).
      [Figure: HBSS Workstation Penetration Demonstration; entry points shown: hijacked web page, infected .pdf document.]
      ‡ = Host Based Security System (HBSS)
  • 5. Users are the weak link…
  • 6. The supply chain is potentially compromised…
      Approximately 3500 ICs.
        • 200 unique chip types.
        • 208 field programmable gate arrays (FPGAs).
        • 64 FPGA and 9 ASIC types across 12 subsystems.
      78% of FPGAs and 66% of ASICs manufactured in China and Taiwan.
      [Figure: JSF FPGA & ASIC Usage; FPGA and ASIC manufacture location by region (Asia, Europe, USA).]
  • 7. Our physical systems are vulnerable to cyber attacks…
      Chinese cyber attack: “Highly sophisticated and targeted attack” on Google corporate infrastructure (known as Aurora).
      Small group of academics took control of a car using Bluetooth and OnStar. They were able to disable the brakes, control the accelerator, and turn on the interior microphone.[1]
      [Figure: false speedometer reading; note that the car is in park.]
      [1] K. Koscher, et al., "Experimental Security Analysis of a Modern Automobile," in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 16-19, 2010.
  • 8. We are doing a lot, but we are losing ground…
  • 9. Ground truth…
      [Figure: Federal Cyber Incidents and Defensive Cyber Spending, fiscal years 2006 – 2010. Left axis: Cyber Incidents Reported to US-CERT by Federal agencies [1] (0 to 45,000). Right axis: Federal Defensive Cyber Spending [2] ($B, 0.0 to 10.0). X-axis: 2006, 2007, 2008, 2009, 2010.]
      [1] GAO analysis of US-CERT data. GAO-12-137, Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements.
      [2] INPUT reports 2006 – 2010.
  • 10. Why?
  • 11. We are divergent with the threat…
      [Figure: Lines of Code in security software, 1985 – 2010 (0 to 10,000,000); data points: DEC Seal, Stalker, Network Flight Recorder, Snort, Milky Way, Unified Threat Management.]
      Malware: 125 lines of code.*
      * Public sources of malware averaged over 9,000 samples (collection of exploits, worms, botnets, viruses, DoS tools).
  • 12. User patterns are exploitable…
      A recent Defcon contest challenged participants to crack 53,000 passwords. In 48 hours, the winning team had 38,000.
      [Figure: Profile for the winning team, Team Hashcat; # Passwords versus Time.]
  • 13. Additional security layers often create vulnerabilities…
      October 2010 vulnerability watchlist (vendor and product names redacted as XXXXXXXXXXXX):
        Vulnerability Title                               Fix Avail?   Date Added
        Local Privilege Escalation Vulnerability          No           8/25/2010
        Denial of Service Vulnerability                   Yes          8/24/2010
        Buffer Overflow Vulnerability                     No           8/20/2010
        Sanitization Bypass Weakness                      No           8/18/2010
        Security Bypass Vulnerability                     No           8/17/2010
        Multiple Security Vulnerabilities                 Yes          8/16/2010
        Remote Code Execution Vulnerability               No           8/16/2010
        Use-After-Free Memory Corruption Vulnerability    No           8/12/2010
        Remote Code Execution Vulnerability               No           8/10/2010
        Multiple Buffer Overflow Vulnerabilities          No           8/10/2010
        Stack Buffer Overflow Vulnerability               Yes          8/09/2010
        Security-Bypass Vulnerability                     No           8/06/2010
        Multiple Security Vulnerabilities                 No           8/05/2010
        Buffer Overflow Vulnerability                     No           7/29/2010
        Remote Privilege Escalation Vulnerability         No           7/28/2010
        Cross Site Request Forgery Vulnerability          No           7/26/2010
        Multiple Denial Of Service Vulnerabilities        No           7/22/2010
      Callout: 6 of the vulnerabilities are in security software.
      Color Code Key: Vendor Replied – Fix in development; Awaiting Vendor Reply/Confirmation; Awaiting CC/S/A use validation.
  • 14. These layers increase the attack surface…
      Constant surface area available to attack: regardless of the application size, the system loads the same number of support functions.
      DLLs: run-time environment = more commonality.
      For every 1,000 lines of code, 1 to 5 bugs are introduced.
      [Figure: DLLs / run-time environment layered beneath application specific functions.]
  • 15. We amplify the effect by mandating uniform architectures.
  • 16. The US approach to cyber security is dominated by a strategy that layers security on to a uniform architecture. We do this to create tactical breathing space, but it is not convergent with an evolving threat.
  • 17. Technology is not the only culprit… nor the only answer.
  • 18. Economics matter…
      There are multiple choices for addressing the supply chain vulnerability:
        • Resort to manufacturing all chips in trusted foundries. This is not feasible or sustainable.
        • Screen all chips in systems critical to National Security or our economic base. Despite recent advances in screening technology, this is not feasible, affordable, or sustainable at the scales required.
          • 3,500 ICs on the F-35.
          • Single FPGA = 400 million transistors.
          • Modern chips = 2.5 billion transistors.
      Selective screening coupled with diplomatic sanctions may create new solutions that are both feasible and sustainable.
  • 19. Business incentives matter…
      Understanding them in the context of ‘game theory’ reveals the problem.
      Bot Herder strategy example:
        Botnet                                        Bot Herder Cost   Bot Herder Return   Antivirus Cost   Antivirus Return (Short)   Antivirus Return (Long)
        “Storm” Botnet (Traditional C2 Botnet)        Small             High                High             Low                        High
          Strategy 1: XOR‡ branch. Solution exists: weekly patch, kills branch.
        New P2P Botnet                                Small             High                0                High                       Low
          Strategy 2: AES* branch. Solution needed: high cost solution, kills tree.
      [Figure: tree diagram labelled Root, Tree, Branch.]
      The security layering strategy and antitrust has created cross incentives that contribute to divergence.
      ‡ = “exclusive or” logical operation
      * = Advanced Encryption Standard
  • 20. Layering and uniformity have created unintended consequences… we are in need of new choices…
      Examples:
        Belief                                   Approach                        Example                                   Unintended consequence
        Defense in depth                         Uniform, layered network        Host Based Security System                Larger attack surface introduces more areas of
                                                 defense                                                                   exploitability for attackers… Homogeneous
                                                                                                                           targets that amplify effects…
        Users are best line of defense           Operator hygiene                15 character password                     Users take short cuts and become enemy assets…
        The interplay of technology, policy,     Antitrust law rulings, use      Competition and independence in           Cross incentives that undermine security
        incentives will favor better security.   of COTS                         security software and COTS
      We need new choices that create:
        • Users as the best line of defense without impeding operations.
        • Layered defense without increasing surface area for attack.
        • Heterogeneous systems that are inherently manageable.
  • 21. We missed it too…
  • 22. …let’s fix it.