The Response Continuum. Sergio Caltagirone, University of Idaho; Deborah Frincke, Pacific Northwest National Laboratory.

Previous Responses…
–Clifford Stoll v. German Hackers (1986): C. Stoll, “Stalking the Wily Hacker”, Communications of the ACM, vol. 31, 1998, pp.
–DoD v. Electronic Disturbance Theater (1998)
–Conxion v. E-Hippies (2000)
–FBI v. Russian Hackers (2001), a.k.a. the ‘Invita’ case

Where Is Everybody?

Why response has received so little study:
–Primary focus has been on reducing system vulnerability and/or detecting misuse accurately and rapidly
–Difficult to experiment with extreme or novel forms of response
–Response is folded in as part of detection rather than studied on its own
–Response is equated with advocacy of vigilantism
–“No reason to study response, since detection cannot be done reliably”

Where We’re At…

Where We Want To Be…

Goals
Develop a framework to discuss response actions:
–Definition
–Taxonomy
–Summary of Challenges
–Response Process Model

Elements of a Definition
Time-bound
–Subjective
Purposeful
–Not for retribution or revenge, but to return to a previous secure state
Limited
–Threat mitigation, not elimination
Controllable and Deliberate Sequence of Actions
Technologically Independent

A Definition: Active Response
Any action sequence deliberately performed by an individual or organization between the time an attack is detected and the time it is determined to be finished, in an automated or non-automated fashion, in order to mitigate the identified threat’s negative effects upon a particular asset set.
Note: “active” does not modify “response”; it describes the state of the attack (still in progress) during which the response is taken.

Taxonomy of Responses
8 Types:
–No Action
–Internal Notification
–Internal Response
–External Cooperative Response
–Non-cooperative Intelligence Gathering
–Non-cooperative ‘Cease and Desist’
–Counter-Strike (Direct vs. Passive)
–Preemptive Defense

Challenges of Active Response
Legal
–Civil, Criminal, Domestic, International
Ethical
–Teleological, Deontological
Technical
–Traceback, Reliable IDS, Confidence Value, Real-Time Risk Analysis
Risk Analysis
–Can ethical and legal risk be measured effectively?
Unintended Consequences
–Attacker Action, Collateral Damage, Own Resources
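As an added example (not from the slides, and not the authors' decision model), the definition's time bound, the taxonomy's eight types and the technical and risk challenges can be combined into a simple decision gate for a proposed response. The ordering of the types by intrusiveness, the confidence and collateral-risk thresholds and the default policy ceiling are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from enum import IntEnum
from typing import Optional, Tuple

class ResponseType(IntEnum):
    """The slides' eight types, ordered by intrusiveness (ordering is an assumption)."""
    NO_ACTION = 0
    INTERNAL_NOTIFICATION = 1
    INTERNAL_RESPONSE = 2
    EXTERNAL_COOPERATIVE = 3
    NONCOOP_INTEL_GATHERING = 4
    NONCOOP_CEASE_AND_DESIST = 5
    COUNTER_STRIKE = 6
    PREEMPTIVE_DEFENSE = 7

# Constructed policy: more intrusive responses need more IDS confidence and
# tolerate less collateral-damage risk.
MIN_CONFIDENCE = {t: 0.1 + 0.1 * t for t in ResponseType}  # 0.1 .. 0.8
MAX_COLLATERAL = {t: 0.9 - 0.1 * t for t in ResponseType}  # 0.9 .. 0.2

@dataclass
class Incident:
    detected_at: datetime
    finished_at: Optional[datetime]  # None while the attack is still in progress
    confidence: float                # IDS confidence value, 0..1

@dataclass
class Proposal:
    rtype: ResponseType
    at: datetime            # when the action would be taken
    collateral_risk: float  # estimated risk to third parties or own resources, 0..1

def evaluate(incident: Incident, proposal: Proposal,
             ceiling: ResponseType = ResponseType.EXTERNAL_COOPERATIVE) -> Tuple[bool, str]:
    """Return (allowed, reason); ceiling is the most intrusive type allowed without sign-off."""
    # Time-bound: only between detection and the point the attack is judged finished.
    if proposal.at < incident.detected_at:
        return False, "before detection: no identified threat to respond to"
    if incident.finished_at is not None and proposal.at > incident.finished_at:
        return False, "attack finished: a response now is no longer active"
    # Non-cooperative types and counter-strikes are gated off by default (legal/ethical risk).
    if proposal.rtype > ceiling:
        return False, f"{proposal.rtype.name} exceeds policy ceiling {ceiling.name}"
    # Reliable-IDS challenge: demand more confidence before more intrusive actions.
    if incident.confidence < MIN_CONFIDENCE[proposal.rtype]:
        return False, f"confidence {incident.confidence:.2f} below {MIN_CONFIDENCE[proposal.rtype]:.2f}"
    # Unintended consequences: cap the collateral risk tolerated per type.
    if proposal.collateral_risk > MAX_COLLATERAL[proposal.rtype]:
        return False, "collateral risk too high for this response type"
    return True, "permitted"
```

Raising the ceiling above External Cooperative Response models the explicit legal and ethical sign-off the challenges slide calls for; the gate still rejects the action when confidence or collateral risk falls outside the thresholds.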

Response Process Model

Future Work
–Increased Public Discussion
–Competitive Co-Evolution to Determine New Strategies
–Continue to Develop Response Models
–Increased Research in Response Technologies and Approaches

Conclusions
A Need for Response
–More Discussion
–Greater Understanding
A Definition
Taxonomy
Summary of Challenges
Process Model

Contact Information Sergio Caltagirone