Applications that Participate in their Own Defense (APOD) A BBN Technologies Project Sponsored by DARPA Under the FTN Program (Dr. Douglas Maughan) Monitored.

Presentation transcript:

Applications that Participate in their Own Defense (APOD)
A BBN Technologies Project
Sponsored by DARPA Under the FTN Program (Dr. Douglas Maughan)
Monitored by AFRL (Mr. Patrick Hurley)
Demo slides for FTN Winter PI Meeting, St Petersburg, Florida, January 16-19, 2001

The APOD Technical Approach

Defense Enabling: increasing resistance to malicious attacks even though the environment in which the applications run is untrustworthy.

Defense-enabled applications have 'defense strategies', which are supported by 'defense mechanisms' coordinated via an adaptive middleware (QuO) in a systematic (as opposed to ad hoc) manner, with minimal changes to the application.

Example defense strategies: try to defeat the attack, try to work around the attack, try to impose a stronger barrier against future attacks, etc. These strategies can be at various levels: application level, QoS/Resource Mgmt level, network/OS infrastructure level, etc.

Example defense mechanisms: adaptive behavior, access control, IDS, network filtering, replication management.

This demo presents an example defense-enabled application capturing a cross-section of the multiple defense mechanisms we have developed.

It is a 3GS approach to survivability: adaptive use of multiple mechanisms, including 1GS (access control), 2GS (IDS) and others (replication).

BBN Technologies

The Air Space Monitoring (ASM) Application and example attacks

[Figure: ASM application diagram. Components: Database, Radar, Display, Administrator, Attacker. Arrow labels: senses; fuses sensed data; displays; observes/tunes parameters; invokes unauthorized operations; destroys.]

Attacker's motive: keep ASM from being useful.

Example attacker strategies (only the blue ones are in the demo):
  invoke methods on application objects
  kill key application processes/take down hosts that run them
  flood networks

Defense Enabled ASM

Individual defense mechanisms:
  Replication: a key object (database) is replicated using the Proteus (developed under Quorum) dependability management mechanism
  Dynamic Access Control: all objects are subject to an OODTE access control policy which allows only a specific set of inter-object interactions
  Packet Filtering: a COTS packet filtering mechanism (IPChains) is used as a representative example
  IDS: a COTS IDS (Tripwire) is used as a representative example

Adaptive behavior includes adaptive use of most of the above. Some examples:
  Application level adaptation: switching to the backup database when multiple hosts running database replicas are suspect
  Adaptive use of replication: a pattern of replica crashes on a host causes the replica to be moved to a different host
  Adaptive use of IDS: running Tripwire when multiple hosts are suspect
  Adaptive use of access control: changing access control policies
  Adaptive use of packet filtering: tightening the firewall to increase security of the backup
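
The adaptation rules listed on this slide can be read as a small event-driven policy. The following is an added sketch, not code from the APOD project, QuO or Proteus; the class, the action names, the two thresholds, the default restart action and the host names are all assumptions made for illustration.

```python
from collections import defaultdict

CRASH_PATTERN = 2    # assumed: crashes on one host that count as a "pattern"
SUSPECT_QUORUM = 2   # assumed: number of suspect hosts that counts as "multiple"

class DefenseCoordinator:
    """Toy model of the slide's adaptation rules; not QuO or Proteus code."""

    def __init__(self, replica_hosts, spare_hosts):
        self.placement = list(replica_hosts)  # hosts running a database replica
        self.spares = list(spare_hosts)       # hosts a replica can be moved to
        self.crashes = defaultdict(int)
        self.suspect = set()
        self.on_backup = False

    def replica_crashed(self, host):
        """Record one replica crash and return the defensive actions it triggers."""
        if host not in self.placement:
            return []                         # stale report for a vacated host
        self.crashes[host] += 1
        if self.crashes[host] < CRASH_PATTERN:
            return [("restart_replica", host)]   # assumed default recovery
        actions = []
        self.suspect.add(host)
        slot = self.placement.index(host)
        if self.spares:                       # adaptive use of replication
            target = self.spares.pop(0)
            self.placement[slot] = target
            actions.append(("move_replica", host, target))
        else:
            del self.placement[slot]          # nowhere left to move it
        if len(self.suspect) >= SUSPECT_QUORUM and not self.on_backup:
            self.on_backup = True             # escalate once, not on every crash
            actions += [("run_tripwire", tuple(sorted(self.suspect))),
                        ("tighten_firewall", "backup-db"),
                        ("switch_to_backup_db",)]
        return actions

def run_demo():
    """Replay a constructed crash sequence and collect the actions per event."""
    coord = DefenseCoordinator(["hostA", "hostB", "hostC"], ["hostD"])
    events = ["hostA", "hostA", "hostB", "hostB", "hostA"]  # constructed input
    return [coord.replica_crashed(h) for h in events]

if __name__ == "__main__":
    for step in run_demo():
        print(step)
```

In the constructed sequence the second suspect host pushes the coordinator past the quorum, so the Tripwire run, the firewall tightening and the switch to the backup database are issued together and only once.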

Demo Organization

[Figure: demo host layout. Components: Database replica, Radar, Display, Administrator, Attacker. Hosts: tomato, jackfruit, ugli, macoun, winesap. Labels: simulated; replication hosts; Main display; Proteus display; Backup db host.]

Because of the limited number of hosts, we share the hosts among multiple processes.