CERT Centers, Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 SEI is sponsored by the U.S. Department of Defense ©

Presentation transcript:

CERT Centers, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA. SEI is sponsored by the U.S. Department of Defense. © 2000 by Carnegie Mellon University :8-1
Models of Information Security Analysis

© 2002 by Carnegie Mellon University
Model - 2: Outline
Definitions; Analysis framework; Cautionary factors; Sample analysis

Model - 3: Definitions
Trend: 1. to extend in a general direction: follow a general course or veer in a new direction; 2. to show a tendency, for example, to incline or trend upwards or to become deflected or shift
Trend analysis: search for patterns over time in order to identify the ways in which they change and develop, veer in new directions, or shift
Incident: any event that harms security at one or more sites

Model - 4: Analysis Framework
Types of trends; Sources of data; Interpretation of results

Model - 5: Types of Trends
Internal and External patterns; Temporal trends; Spatial trends; Associational trends; Compound trends

Model - 6: Sources of Data
CERT/CC Data: Year ,756 Incidents reported to CERT/CC; Year 2001 (Q1) - 7,457 Incidents reported to CERT/CC; Profiled 1654 incidents, all active during July Feb 2001 (plus some preliminary June data)
Open Source Data: Web page defacement mirrors; Lexis/Nexis; Full disclosure sites; Social data

Model - 7: Limits of Trending
Inherently partial data; Baseline in dynamic environment; Correlation vs. Causation
Implications: Need to be cautious in kinds of conclusions; Consider strategies for dealing with trends gone wrong

Model - 8: Internal Pattern: Staged Attack [figure: stages 1, 2, 3]

Model - 9: External Pattern: Tool Development [figure: Intruder 1, Intruder 2, Analysts]

Model - 10: Temporal Trend [figure: Defenders, Intruders]

Model - 11: Vulnerabilities in Incidents

Model - 12: Service Shifts

Model - 13: Analysis Process
Incident Information Flow; Identify Profiles and Categories; Isolate Variables; Identify Data Sources; Establish Relevancy; Identify Gaps

Model - 14: Conclusions
Typifying trends simplifies interpretation; Clarification of goals; Identification of relative importance of characteristics; Understanding cyber security is growing in importance