Self-Securing Devices: Better Security via Smarter Devices Greg Ganger Director, Parallel Data Lab.



Greg Ganger November 2001 http://

Motivation: Intrusion Survival
- Intrusions are a fact of modern computing
  - worms, virus-infected software, crackers, …
  - Never going to have rock-solid kernels or firewalls
- Dilemma: all hope placed in perimeter defense
  - Difficult to defend fully
  - Difficult to recover from breaches
  - Difficulties scale with amount of stuff protected
- Better approach: many independent perimeters

Some components of a computer system
[Diagram labels: Kernel, Programs, Main Memory, NIC, Network, SIC, Disks, Graphics Card, Video Capture]

Today’s security perimeter
[Diagram labels: Kernel, Programs, Main Memory, NIC, Network, SIC, Disks, Graphics Card, Video Capture]

What makes the current model so bad?
- Large, singular borders must support many needs
  - code too complex to get perfect
  - system too complex to administer perfectly
- Successful intruder controls all resources
  - no observations or state remain trustable
  - no foothold for detection, diagnosis, or recovery
- Central security checks don’t scale
  - result: trade-off between security and performance

Today’s security perimeter
[Diagram labels: Kernel, Programs, Main Memory, NIC, Network, SIC, Disks, Graphics Card, Video Capture]

Lots of distinct “computers” in this system
- SCSI cards
- Video cards
- Network cards
- … and disks too

More good places for security perimeters
[Diagram labels: Kernel, Programs, Main Memory, NIC, Network, SIC, Disks, Graphics Card, Video Capture]

What makes self-securing devices better?
- Many additional perimeters
  - each is easier to harden (small, specialized)
  - each is very different from others (heterogeneous)
- Successful intruder controls fewer resources
  - many observations in system remain trustable
  - many footholds for detection, diagnosis, or recovery
- Decentralized security checks do scale
  - can be more aggressive in what checked when

Example: self-securing storage devices
- Protect stored data and audit storage accesses even if OS is compromised
- Can save and observe anything inside device
  - retain all versions of all data
  - collect audit log of all requests
- What self-securing storage enables
  - storage-based intrusion detection
  - faster, better recovery
  - informed analysis of security compromises
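
The storage slide above, as a toy model (an added example, not code from the talk or from PDL): a device that retains every version and logs every request, so detection and rollback still work after the host OS is compromised. The class, the client labels, the paths and the two detection rules are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class SelfSecuringDisk:
    """Toy device: keeps every version of every object and logs every request."""
    versions: dict = field(default_factory=dict)  # path -> [(seq, data), ...]
    audit: list = field(default_factory=list)     # [(seq, client, op, path), ...]

    def _log(self, client, op, path):
        self.audit.append((len(self.audit) + 1, client, op, path))
        return len(self.audit)

    def write(self, client, path, data):
        # Old data is never overwritten; the new version is appended.
        seq = self._log(client, "write", path)
        self.versions.setdefault(path, []).append((seq, data))

    def read(self, client, path):
        self._log(client, "read", path)
        return self.version_at(path)

    def version_at(self, path, as_of=None):
        # Newest version written at or before request number `as_of`.
        hist = [d for s, d in self.versions.get(path, []) if as_of is None or s <= as_of]
        return hist[-1] if hist else None

def detect(disk, immutable=("/bin/",), append_only=("/var/log/",)):
    """Assumed rules: protected files never change; logs only grow."""
    alerts = []
    for path, hist in disk.versions.items():
        for (_, old), (seq, new) in zip(hist, hist[1:]):
            client = disk.audit[seq - 1][1]  # the audit log names the requester
            if path.startswith(immutable) and new != old:
                alerts.append((seq, client, path, "protected file modified"))
            elif path.startswith(append_only) and not new.startswith(old):
                alerts.append((seq, client, path, "log rewritten, not appended"))
    return sorted(alerts)

def recover(disk, first_bad_seq):
    # Roll every object back to its state just before the first flagged request.
    return {p: disk.version_at(p, first_bad_seq - 1) for p in disk.versions}

def demo():
    disk = SelfSecuringDisk()  # all requests below are constructed sample input
    disk.write("installer", "/bin/login", b"LOGIN-v1")
    disk.write("syslogd", "/var/log/auth", b"boot ok\n")
    disk.write("syslogd", "/var/log/auth", b"boot ok\nroot login from 203.0.113.9\n")
    disk.write("host-os", "/bin/login", b"LOGIN-trojan")   # after compromise
    disk.write("host-os", "/var/log/auth", b"boot ok\n")   # log scrubbed
    alerts = detect(disk)
    return alerts, recover(disk, alerts[0][0])
```

The rollback restores the login entry that the scrubbed log no longer shows, because the device kept the earlier version outside the host's control.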

Example: self-securing NICs
- Protect each side from the other
  - especially when “the other” is not acting nice…
- Can observe, filter, modify communications
  - Incoming: firewall, proxy, NAT, etc…
  - Outgoing: throttle misbehaving system, tag traffic, …
- What self-securing NICs enable
  - distributed, coordinated traffic analysis
    - including insiders and more detailed checks
  - rapid deployment of new policies
  - dynamic response to attacks, worms, and partial compromises

Summary: device-embedded security
- Self-securing devices are an opportunity
  - creates more and independent perimeters
  - separate hardware+software gives strong base
- PDL is developing this new paradigm
  - exploring what can be done behind each perimeter
    - … and the associated hardware requirements
  - developing tools for coordinating dynamic action
    - automating detection, containment, diagnosis, recovery
  - developing tools for administering devices

For more information: Director, Parallel Data Lab