ARO-MURI on Cyber-Situation Awareness Review Meeting Phoenix AZ, 2013

Presentation transcript:

Cyber Situation Awareness from a Cyber Security Perspective

Sushil Jajodia, Massimiliano Albanese (George Mason University)
Peng Liu (Pennsylvania State University)
Doug Reeves, Peng Ning, Christopher Healey (North Carolina State University)
V. S. Subrahmanian (University of Maryland)

Sample Scenario: Enterprise Network

Network diagram (figure): Internet, Web Server (A), Mobile App Server (C), Catalog Server (E), Order Processing Server (F), DB Server (G), Local DB Server (D), Local DB Server (B).

- Current situation. Is there any ongoing attack? If yes, where is the attacker?
- Impact. How is the attack impacting the enterprise or mission? Can we assess the damage?
- Evolution. How is the situation evolving? Can we track all the steps of an attack?
- Behavior. How are the attackers expected to behave? What are their strategies?
- Forensics. How did the attacker create the current situation? What was he trying to achieve?
- Information. What information sources can we rely upon? Can we assess their quality?
- Prediction. Can we predict plausible futures of the current situation?
- Scalability. How can we ensure that solutions scale well for large networks?

Desired CSA Capabilities

Aspects of cyber situational awareness that need to be addressed in order to answer all the previous questions:

- Be aware of the current situation: identification of past and ongoing attacks
- Be aware of the impact of the attack: damage assessment
- Be aware of how situations evolve: real-time tracking of attacks
- Be aware of adversary behavior: integration of knowledge of the attacker's behavior into the attack model
- Be aware of why and how the current situation was caused: forensics
- Be aware of the quality of information: information sources, data integration, quality measures
- Assess plausible futures of the current situation: predict possible futures and recommend corrective actions

System Architecture

Architecture diagram (figure). Recoverable labels:
- Vulnerability Databases: NVD, OSVD, CVE
- Topological Vulnerability Analysis (Cauldron); Index & Data Structures (Graph Processing and Indexing); Switchwall
- Stochastic Attack Models; Situation Knowledge Reference Model; Unexplained Activities Model; Adversarial modeling
- Dependency Analysis: NSDMiner, Generalized Dependency Graphs; Monitored Network; Alerts/Sensory Data
- Scenario Analysis & Visualization; Network Hardening; Analyst ("Heavy Iron")
- Missions: Online Shopping, Mobile Order Tracking, mapped onto Order Processing Server (F), Mobile App Server (C), DB Server (G), Local DB Server (D)
- Gap noted on the slide: no information about the impact on missions of different courses of action

Dependency functions in the generalized dependency graph:
- f_s: all the entities it depends on need to be fully operational
- f_r: at least one of the entities it depends on is fully operational
- f_d: average
- Across-graph edge = the percentage reduction in the performance of an entity caused by an exploit
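Added example (not the MURI project's code): a small evaluator for a generalized dependency graph of the kind the architecture slide describes, applying across-graph exploit edges to hosts and propagating residual performance up to the missions. It assumes f_s = min, f_r = max, f_d = arithmetic mean, and that an exploit edge of weight w removes w*100% of the target host's performance; the host, service and mission names are constructed from the slide's online-shopping scenario.

```python
# Added example (not code from the MURI project): mission-impact evaluation
# over a generalized dependency graph. Assumed interpretation of the slide's
# functions: f_s = min (all dependencies fully operational), f_r = max (at
# least one suffices), f_d = mean; exploit weight w cuts a host by w*100%.
from statistics import mean

AGGREGATORS = {"fs": min, "fr": max, "fd": mean}

# Hosts are the leaves of the graph; each starts fully operational (1.0).
HOSTS = ["web_A", "mobile_C", "catalog_E", "order_F", "db_G",
         "local_db_B", "local_db_D"]

# Constructed dependency graph: node -> (dependency function, dependencies).
GRAPH = {
    "online_shopping": ("fs", ["web_A", "catalog_svc", "order_svc"]),
    "mobile_tracking": ("fd", ["mobile_C", "order_svc"]),
    "catalog_svc": ("fs", ["catalog_E", "catalog_db"]),
    "catalog_db": ("fr", ["local_db_B", "local_db_D"]),  # replicated DB
    "order_svc": ("fs", ["order_F", "db_G"]),
}

def host_performance(exploits):
    """Apply across-graph exploit edges (host, reduction) to the leaf hosts."""
    perf = {host: 1.0 for host in HOSTS}
    for host, reduction in exploits:
        # Several exploits on one host compound multiplicatively (assumption).
        perf[host] = max(0.0, perf[host] * (1.0 - reduction))
    return perf

def evaluate(node, perf, memo=None):
    """Recursively fold dependency values with the node's function."""
    memo = {} if memo is None else memo
    if node in perf:                  # leaf host: measured performance
        return perf[node]
    if node not in memo:
        func, deps = GRAPH[node]
        memo[node] = AGGREGATORS[func]([evaluate(d, perf, memo) for d in deps])
    return memo[node]

def mission_impact(exploits, missions=("online_shopping", "mobile_tracking")):
    """Residual performance of each mission after the given exploits."""
    perf = host_performance(exploits)
    return {m: round(evaluate(m, perf), 4) for m in missions}

if __name__ == "__main__":
    # Compromising the shared DB degrades both missions; losing one replica
    # of the catalog DB is absorbed by the f_r (redundancy) node.
    print(mission_impact([("db_G", 0.7)]))        # online 0.3, mobile 0.65
    print(mission_impact([("local_db_B", 1.0)]))  # both stay at 1.0
```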

System Architecture – Cyber Security Perspective