Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security Mission Area Overview

Published bySabina Lane Modified over 7 years ago

Similar presentations

Presentation on theme: "Cyber Security Mission Area Overview"— Presentation transcript:

1 Cyber Security Mission Area Overview
John D. Wilkinson 18 November 2014 This work was sponsored by the Department of the Air Force under Air Force Contract FA C-0002.  Opinions, interpretations, conclusions, and recommendations are those of the author and are not necessarily endorsed by the United States Government.

2 The Importance of Cyber
“We will continue to invest in the capabilities critical to future success, including intelligence, surveillance, and reconnaissance; counter terrorism; countering weapons of mass destruction; operating in anti- access environments; and prevailing in all domains, including cyber” (President Obama, Jan 2012) “Cyber warfare capabilities: we are increasing that part of the budget significantly … There is no higher priority for our country than this issue.” (Defense Secretary Hagel, May 2013) This material comes directly off the web: Obama text: Defense AT&L Magazine, Jan/Feb 2014, Page 16. See Hegel text and picture:

3 Definition of Cyberspace
Cyberspace is a global domain within the information environment consisting of the interdependent network of information technology infrastructures and resident data, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.* Cyberspace is a man-made domain This is from DoD Joint Publication 1-02 * Joint Publication 1-02, Amended 11/15/13

4 Cyber: The Problem Release review notes:
This picture comes from ASD(R&E). It’s in a slide deck authored by Dr Steven King. We have the whole deck. This is slide 2. This deck is approved Statement A, and the talk was given at the NDIA Disruptive Technologies Conference on 11/8/2011 It’s on the web at:

5 Cyber: The Solution Release review notes:
This picture comes from ASD(R&E). It’s in a slide deck authored by Dr Steven King. We have the whole deck. This is slide 3. This deck is approved Statement A, and the talk was given at the NDIA Disruptive Technologies Conference on 11/8/2011 It’s on the web at:

6 One View of the Threat Cover page and Figure ES.1 “Cyber Threat Taxonomy” from DoD Defense Science Board Task Force Report Resilient Military Systems and the Advanced Cyber Threat January 2013 Unclassified and approved for public release. Report is available on the DSB web site:

7 Exploits and Attacks Becoming Sophisticated
These are just two pictures from the web. They are cover sheets of reports also available on the web:

8 Key Lincoln Cyber Roles
System thinking and architecture engineering Independent, objective, expert advice to the Government Quantitative, repeatable measurement and evaluation Rapid capability development and technology transition Conduit to/from MIT campus Release review notes: This text is mainly a bulletized version of the information that in the first paragraph of the 2011 Annual Report, page 32 combined with some basic information about the Lab.

9 Lincoln’s Cyber Security Mission Area
Understanding the Cyber/Kinetic Overlap Cyber Situational Awareness and Command & Control Cyber Range Development and Testing System Exploitation Resilient Architectures and Systems Cyber Assessment & Quantification Release review notes: Kill chain picture comes from CNW2012 Cyber System Assessments poster, MS-65361A (approved Statement A) Black/orange/blue graph comes from on-campus overview slides (approved Statement A; JA_GEN_1219H Slide 13) Picture of guys in the lab comes from on-campus overview slides (approved Statement A; JA_GEN_1219H Slide 13) Picture of system exploitation comes from CNW2012 Cyber System Assessments poster, MS-65361A (approved Statement A) Trio of pictures of resilience architectures/systems comes from CNW2012 Cyber System and Technology poster, MS-65140A (approved Statement A) Green/orange graphs comes from CNW2011 Critical Control Metrics poster, MS (approved Statement A)

10 Cyber Moving Target Techniques
What can be “moved” in a cyber moving target? A broad range of techniques are proposed for moving target Lincoln’s Prototype: TALENT Dynamic Run-time Environments Dynamic Networks Dynamic Platforms Dynamic Software Dynamic Data Release review notes: Entire slide comes from slide 5 of “Moving Target Cyber Defense Techniques”, MS-51479A (approved Statement A) Change network properties and configurations (e.g. IP addresses and port numbers) Change platform properties (e.g. CPU or operating system) Change the environment during execution (e.g. memory randomization) Change application code (e.g. create different variations of binary during compilation) Change data format or representation (e.g. data syntax)

11 Cyber Kill Chain Disrupted
Moving Target Domain Cyber Kill Chain Network Platform Runtime Software Data Recon Access Devel Launch Persist Adapted from: “Finding Focus in the Blur of Moving Target Techniques” Hamed Okhravi, Thomas Hobson, David Bigelow, and William Streilein IEEE Security & Privacy, March/April 2014, p. 25

12 Dynamically Composable Platforms
Approach Experimental Results Release review notes: Left-hand figure and bottom text from Slide 7 of “Moving Target Cyber Defense Techniques”, MS-51479A (approved Statement A) Right-hand figure from Slide 14 of “Moving Target Cyber Defense Techniques”, MS-51479A (approved Statement A) Control plane analyzes survivability and security in real-time and dynamically composes a platform from heterogeneous components

13 Cyber Range Model Release review notes:
Picture comes from CNW2012 Cyber System Assessments poster, MS-65361A (approved Statement A)

14 Lincoln Adaptable Real-Time Information Assurance Test-bed (LARIAT)
Virtual users exercise real applications and hardware High-fidelity, highly scalable generation of host and network activity Release review notes: Upper left picture and upper left text comes from CNW2011 Cyber Systems, Technology and Assessments poster, MS-49699B (approved Statement A) Lower picture comes from on-campus overview slides (approved Statement A; JA_GEN_1219H Slide 13)

15 National Cyber Range Support
Release review notes: Picture comes from CNW2012 Cyber System Assessments poster, MS-65361A (approved Statement A) LARIAT deployed at many Joint IO Range nodes 15

16 Lincoln Research Network Operations Center
Environment for Lincoln cyber researchers to access real-time cyber data feeds Research programs that have used LRNOC data Streaming analytics Spear phishing Network mission assessment Lincoln cyber situational awareness Release review notes: Picture comes from 2012 Annual Report Text comes from CNW2011 Lincoln Research Network Operations Center poster, MS (approved Statement A)

17 Examples of Cyber Outreach
Cyber and Netcentric Workshop (JAC Seminar) Naval War College Course, War Games Cyber Capture the Flag Contest at MIT Cyber Patriot Competition Release review notes: This is all administrative information Boston-Based Advanced Cyber Security Center Beaver Works IEEE Symposium on Security and Privacy

18 Concluding Thoughts Important cyber challenges face the DoD
Lincoln is engaged through its traditional FFRDC roles System analysis and architecture engineering Multi-mission expertise (kinetic and cyber) Technology and system prototype development Quantitative test and evaluation Technology transfer Release review notes: This is all administrative information, but like slide 5 is mainly a bulletized version of the information that in the first paragraph of the 2011 Annual Report, page 32 combined with some basic information about the Lab.

Download ppt "Cyber Security Mission Area Overview"

Similar presentations

ERS Overview 5/15/12 | Page-1 Distribution Statement A – Cleared for public release by OSR, SR Case #s 12-S-0258, 0817, 1003, and 1854 apply. Affordable,

ERS Overview 5/15/12 | Page-1 Distribution Statement A – Cleared for public release by OSR, SR Case #s 12-S-0258, 0817, 1003, and 1854 apply. Affordable,
Sensors and location technologies – the front end of ISR

Sensors and location technologies – the front end of ISR
Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain.

Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain.
International CyberSecurity Collaboration: The Technical Cooperation Program Approved for public release; distribution is unlimited. 09 March 2010 Joshua.

International CyberSecurity Collaboration: The Technical Cooperation Program Approved for public release; distribution is unlimited. 09 March 2010 Joshua.
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? The premeditated, politically motivated attack against information, computer systems,

DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
Sponsored by the U.S. Department of Defense © 2005 by Carnegie Mellon University 1 Pittsburgh, PA 15213-3890 Dennis Smith, David Carney and Ed Morris DEAS.

Sponsored by the U.S. Department of Defense © 2005 by Carnegie Mellon University 1 Pittsburgh, PA Dennis Smith, David Carney and Ed Morris DEAS.
Brian Connett, LCDR, USN US NAVAL ACADEMY

Brian Connett, LCDR, USN US NAVAL ACADEMY
CYBERSPACE A Global War-fighting Domain Every minute of every day, Airmen in the United States Air Force are flying and fighting in cyberspace.

CYBERSPACE A Global War-fighting Domain Every minute of every day, Airmen in the United States Air Force are flying and fighting in cyberspace.
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.

Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
INFORMATION SYSTEMS & GLOBAL SERVICES Craig Solem, CISSP Lockheed Martin Information Systems and Global Services Program Manager, Joint Medical information.

INFORMATION SYSTEMS & GLOBAL SERVICES Craig Solem, CISSP Lockheed Martin Information Systems and Global Services Program Manager, Joint Medical information.
Distribution Statement A: Approved for Public Release; Distribution is unlimited. 1 Electronic Warfare Information Operations 29 MAR 2011 Val O’Brien.

Distribution Statement A: Approved for Public Release; Distribution is unlimited. 1 Electronic Warfare Information Operations 29 MAR 2011 Val O’Brien.
South Carolina Cyber.

South Carolina Cyber.
By Raymond Greenlaw United States Naval Academy, Annapolis, Maryland Chiang Mai University, Chiang Mai, Thailand Ray gratefully acknowledges partial support.

By Raymond Greenlaw United States Naval Academy, Annapolis, Maryland Chiang Mai University, Chiang Mai, Thailand Ray gratefully acknowledges partial support.
Systems Engineering in a System of Systems Context

Systems Engineering in a System of Systems Context
MS DB Proposal Scott Canaan B. Thomas Golisano College of Computing & Information Sciences.

MS DB Proposal Scott Canaan B. Thomas Golisano College of Computing & Information Sciences.
Copyright © 1998 Wanda Kunkle Computer Organization 1 Chapter 2.1 Introduction.

Copyright © 1998 Wanda Kunkle Computer Organization 1 Chapter 2.1 Introduction.
© 2013 The MITRE Corporation. All rights reserved. Systems Engineering: MITRE & SERC Dr. J. Providakes Director, SE Tech Center “The SERC-MITRE Doctoral.

© 2013 The MITRE Corporation. All rights reserved. Systems Engineering: MITRE & SERC Dr. J. Providakes Director, SE Tech Center “The SERC-MITRE Doctoral.
1 Information System Security Assurance Architecture A Proposed IEEE Standard for Managing Enterprise Risk February 7, 2005 Dr. Ron Ross Computer Security.

1 Information System Security Assurance Architecture A Proposed IEEE Standard for Managing Enterprise Risk February 7, 2005 Dr. Ron Ross Computer Security.
CSIAC is a DoD Information Analysis Center (IAC) sponsored by the Defense Technical Information Center (DTIC) Presentation to: Insider Threat SOAR Workshop.

CSIAC is a DoD Information Analysis Center (IAC) sponsored by the Defense Technical Information Center (DTIC) Presentation to: Insider Threat SOAR Workshop.
999999-1 XYZ 10/2/2015 MIT Lincoln Laboratory Sidecar Network Adapters: Open Architecture for ISR Data Sources Craig McNally, Larry Barbieri, Charles Yee.

XYZ 10/2/2015 MIT Lincoln Laboratory Sidecar Network Adapters: Open Architecture for ISR Data Sources Craig McNally, Larry Barbieri, Charles Yee.

Similar presentations

Ads by Google