2001 November13 -- page 1 Applications that Participate in their Own Defense (APOD) Project Status Review Presentation to Doug Maughan Presentation by.

Slides:

Advertisements

Similar presentations

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.

Advertisements

LONG: Laboratories Over Next Generation Networks. Project Description & WP1: Management.

Applications that Participate in their Own Defense (APOD) A BBN Technologies Project Sponsored by DARPA Under the FTN Program (Dr. Douglas Maughan) Monitored.

DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.

ARE YOU READY FOR TEST AUTOMATION GAME? - Kerry Zallar (STQE Magazine) (Nov/Dec 2001 Issue) CONCEPT/ DEFINITION:  Use of software to control the execution.

1 23 March 00 APOD Review Applications that Participate in their Own Defense (APOD) Review Meeting 23 March 00 Presentation by: Franklin Webber, Ron Scott,

Introduction to the State-Level Mitigation 20/20 TM Software for Management of State-Level Hazard Mitigation Planning and Programming A software program.

1 12/10/03CCM Workshop QoS Engineering and Qoskets George Heineman Praveen Sharma Joe Loyall Richard Schantz BBN Technologies Distributed Systems Department.

OPX PI Meeting 2002 February page 1 Applications that Participate in their Own Defense (APOD) QuO Franklin Webber BBN Technologies.

Page 1 R Risk-Driven and Iterative Development. Page 2 R Copyright © 1997 by Rational Software Corporation What the Iterative Life Cycle Is Not It is.

System Integration Management (SIM)

EC Review – 01/03/2002 – G. Zaquine – Quality Assurance – WP12 – CS-SI – n° 1 DataGrid Quality Assurance Gabriel Zaquine Quality Engineer - WP12 – CS-SI.

1 ECE 453 – CS 447 – SE 465 Software Testing & Quality Assurance Case Studies Instructor Paulo Alencar.

Release & Deployment ITIL Version 3

QoS-enabled middleware by Saltanat Mashirova. Distributed applications Distributed applications have distinctly different characteristics than conventional.

Security of Communication & IT systems Bucharest, 21 st September 2004 Stephen McGibbon Chief Technology Officer, Eastern Europe, Russia & CIS Senior Director,

Effective Methods for Software and Systems Integration

Student Learning Objectives The SLO Process Student Learning Objectives Training Series Module 3 of 3.

NDIA SE Division Meeting February 13, Developmental Test and Evaluation Committee Beth Wilson, Raytheon Steve Scukanec, Northrop Grumman Industry.

Surveyors Conference Project Update for the as of March 2007 Right of Way Data Management System (RWDMS)

Best Practices By Gabriel Rodriguez

Security Overview for Microsoft Infrastructures Fred Baumhardt and James Noyce Infrastructure Solutions and Security Solutions Teams Microsoft Security.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Future support of EGI services Tiziana Ferrari/EGI.eu Future support of EGI.

1 21 July 00 Joint PI Meeting FTN Applications that Participate in their Own Defense (APOD) BBN Technologies Franklin Webber, Ron Scott, Partha Pal, Michael.

Nicholas LoulloudesMarch 3 rd, 2009 g-Eclipse Testing and Benchmarking Grid Infrastructures using the g-Eclipse Framework Nicholas Loulloudes On behalf.

1 APOD 10/5/2015 NCA 2003Christopher Jones APOD Network Mechanisms and the APOD Red-team Experiments Chris Jones Michael Atighetchi, Partha Pal, Franklin.

MILCOM 2001 October page 1 Defense Enabling Using Advanced Middleware: An Example Franklin Webber, Partha Pal, Richard Schantz, Michael Atighetchi,

DSN 2002 June page 1 BBN, UIUC, Boeing, and UM Intrusion Tolerance by Unpredictable Adaptation (ITUA) Franklin Webber BBN Technologies ParthaPal.

WDMS 2002 June page 1 Middleware Policies for Intrusion Tolerance QuO Franklin Webber, Partha Pal, Chris Jones, Michael Atighetchi, and Paul Rubel.

BBN Technologies a part of page 118 January 2001 Applications that Participate in their Own Defense (APOD) BBN Technologies FTN PI Meeting January.

1 APOD 10/19/2015 DOCSEC 2002Christopher Jones Defense Enabling Using QuO: Experience in Building Survivable CORBA Applications Chris Jones Partha Pal,

1 06/ /21/2015 ECOOP 2000 Workshop QoS in DOSJohn Zinky BBN Technologies Quality Objects (QuO) Middleware Framework ECOOP 2000 Workshop QoS in DOS.

2001 July page 1 Applications that Participate in their Own Defense (APOD) BBN Technologies FTN PI Meeting 2001 July 30 Franklin Webber QuO.

Survival by Defense- Enabling Partha Pal, Franklin Webber, Richard Schantz BBN Technologies LLC Proceedings of the Foundations of Intrusion Tolerant Systems(2003)

An Adaptive Intrusion-Tolerant Architecture Alfonso Valdes, Tomas Uribe, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Josh Levy, Hassen.

Innovation: The Key to the Future of Security  Douglas Maughan, Division Director, DHS S&T  Moderator: Illena Armstrong.

Jackie Voss Manager, Global Standards Development ATIS All-IP Transition Initiatives September 30, 2015.

S E C U R E C O M P U T I N G Not For Public Release 1 Intrusion Tolerant Server Infrastructure Dick O’Brien OASIS PI Meeting July 25, 2001.

PerfSONAR-PS Functionality February 11 th 2010, APAN 29 – perfSONAR Workshop Jeff Boote, Assistant Director R&D.

TGDC Meeting, July 2011 Voluntary Voting System Guidelines Roadmap Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL

SCORM Status. 2 Stabilization, Clarification and Issue Resolution Bug Fixes, Corrections & Clarifications SCORM 2004 January 2004 SCORM nd Edition.

TGDC Meeting, Jan 2011 Help America Vote Act (HAVA) Roadmap Nelson Hastings National Institute of Standards and Technology

Test status report Test status report is important to track the important project issues, accomplishments of the projects, pending work and milestone analysis(

System Maintenance Modifications or corrections made to an information system after it has been released to its customers Changing an information system.

Process Asad Ur Rehman Chief Technology Officer Feditec Enterprise.

Intelligence and Information Systems 1 3/17/2004 © 2004 Raytheon Company USC/CSE Executive Workshop on Agile Experiences March 17, 2004 A Raytheon Agile.

D4Science and ETICS Building and Testing gCube and gCore Pedro Andrade CERN EGEE’08 Conference 25 September 2008 Istanbul (Turkey)

HP-PPM Work Plan Configuration Options Project & Time Management Version 7 Implementation Project\Work Plan and Time Management\Work Plan Configuraiton.ppt.

For Presentation at 28 th APEC Transportation Working Group Meeting Vancouver, Canada Walter Kulyk Director, Office of Mobility Innovation Federal Transit.

Quad Chart – Format Photograph or artist’s concept of the project end- item. Ideally, this will convey the main idea of the final capability/use of the.

1 SCR756 – Enhancements to the MarkeTrak application –Fondly called - MarkeTrak Phase 3 –ERCOT CEO determined that SCR756 is not necessary prior to the.

1 Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Architecture Technology Corporation Odyssey Research Associates DARPA OASIS PI.

ISIS Project Status Report May 18, 2006 Prepared by MAXIMUS, Inc Education Systems Division for the ABT Committee.

Viewpoint Modeling and Model-Based Media Generation for Systems Engineers Automatic View and Document Generation for Scalable Model- Based Engineering.

Planning the Digital Transformation Readiness Check for SAP S/4HANA

Right of Way Data Management System (RWDMS)

INFORMATION SECURITY IN ARMENIA: PRESENT STATUS AND TASKS

DataGrid Quality Assurance

Middleware Policies for Intrusion Tolerance

Improving Mission Effectiveness By Exploiting the Command’s Implementation Of the DoD Enterprise Services Management Framework - DESMF in the [name the.

JTAMS PRE-MILESTONE B ANALYSIS

UK Link Technology Refresh

Using An Isolated Network to Teach Advanced Networks and Security

ONGARD Modernization Closeout Certification Presentation for PCC Energy, Minerals and Natural Resources Department State Land Office Taxation and Revenue.

1915(i)& (k) Implementation Update

Course: Module: Lesson # & Name Instructional Material 1 of 32 Lesson Delivery Mode: Lesson Duration: Document Name: 1. Professional Diploma in ERP Systems.

DSC ChMC CSS update 7th November 2018

Amendment Invoice Task Force Progress Report

Executive Order No. 23 Update Air & Waste Management Association Conference November 16, 2018 Presentation will focus on the latest policy development.

MVD System Modernization Certification Change Request

Presentation transcript:

2001 November13 -- page 1 Applications that Participate in their Own Defense (APOD) Project Status Review Presentation to Doug Maughan Presentation by Franklin Webber BBN Technologies QuO

2001 November13 -- page 2 Applications That Participate in Their Own Defense New Ideas ImpactSchedule Involve application software in its own defense Use quality-of-service management to aid intrusion diagnosis and to resist attacks Provide a language for building a defense strategy from simple intrusion responses Use middleware to coordinate application’s defense strategy Provide tools to help developers configure application defenses for survivability Systems with more survivability, built with less effort Defense of critical applications without need for perfect security in infrastructure; cost- efficient: can use COTS A set of example defense-enabled applications A collection of validated defense strategies that application developers and/or security specialists can apply July 1999 Start July 2000July 2001 July 2002 End Proof of Concept SW Release Final Survivability Tools Delivery Defense-Enabled App SW Releases Initial validation experiments complete Validation experiments technical report Application Attacker Raw Resources QoS Management CryptoCrypto OSs and NetworkIDSsFirewalls

2001 November13 -- page 3 Summary of Accomplishments Developed concept of defense enabling Integrated a variety of defense mechanisms –resource QoS managers: replication, RSVP bandwidth –resource modulation: port hopping –intrusion detection: Snort, Tripwire –firewall: IPTables –security: IP-to-IPsec switching, OODTE access control Created some basic defense strategies –coordination of mechanisms to enhance defense –QuO middleware used for integration and specification Defense-enabled several applications

2001 November13 -- page 4 Tasks Remaining in Current Contract Design and perform Red Team experiments –defense-enabled image server application –strategies using subsets of existing defense mechanisms Harden existing mechanisms –Incorporate NCSU security-enhanced RSVP –Port to Security-Enhanced Linux Begin classification of defense strategies –precursor to a strategy specification language Deliver final version of defense-enabling toolkit

2001 November13 -- page 5 Experiment Planning Participants: –BBNT: APOD group –BBNT: Experimentation group: Theriault, Nelson –Sandia: Kaufman –Spawar: Huffstetler

2001 November13 -- page 6 Experiment Planning Issues What are the Red Team “flags”? –for availability –for integrity What is to be measured? What attacks are off-limits for Red Team? How can defense enabling, a given defense strategy, and several defense mechanisms be evaluated independently in a limited set of experiments?

2001 November13 -- page 7 Rough Experiment Schedule November: draft experiment plan December: do whiteboard analysis; prepare application January: execute experiment February: analyze data and report results

2001 November13 -- page 8 Where To Next For APOD Concept And Technology? Improvements to technology –lessons learned from experiments –more complete coverage of potential attack scenarios 2nd round of Red Team experiments –fewer attacks out of bounds –using SE Linux Technology transition –transition to Coronado? UltraLog? –domain-specific defense strategies, mechanisms Assuming successful or mixed results from experiments with a Phase I APOD, then Phase II could include:

2001 November13 -- page 9 Improvements to Technology Further development and packaging of defense strategies –effective parameterization –game-theoretic analysis –automatic generation from specifications New and improved defense mechanisms –shorter response time –diffserv vs. RSVP? more and better IDSs? –SPIE to aid defenses against flooding –real-time scheduling for detection and response Extend to heterogeneous environment –used to confine attacks better

2001 November13 -- page 10 Topics For Discussion Since September 11, what cyber-threats does DoD consider highest priority, and can APOD technology address them? What is the potential impact of the new federal cyber-security office on APOD goals? What might be potential funding vehicles for continued APOD activities?