ADAM: Active Defense Algorithm and Model Sergio Caltagirone University of Idaho


Active Defense
- “Any action sequence performed by an individual or organization between the time an attack is detected and has completed, in an automated or non-automated fashion, to mitigate a threat against a particular asset.”
- More than hacking back! Firewall rules, Notifying Authorities, etc. (along with the other stuff)

Goals of ADAM
- Provide a generalizable, extendable model for any organization
  - Completely model the risk of the threat and AD actions
  - Find best active defense solution for the threat (allow for automation) – maximize benefit, minimize risk
  - Provide legal (and ethical) due diligence
- Why?
  - Current tools are inefficient and sometimes critically ineffective
  - If you want to respond to an attack, no way to determine which response is best

Active Defense Problems
- Ethicalness
- Legal
- Unintended Consequences
- Risk Valuation

Solutions Provided by ADAM
- Ethicalness
  - Incorporates Teleological and Deontological ethical concerns
- Legal
  - No precedent: minimal force, proportional force, immediate threat
- Unintended Consequences
  - Statistical measure of confidence in action performing as expected
- Risk Valuation
  - Provides statistical bounds for potential risk

Future and Upcoming Work
- Current: (For Fun) Using competitive co-evolution to determine effective active defense strategies
- Near Future (2-3 mo): Simulate Model for validation
- Far Future (4-5 mo): Formal validation