Published by Juliana Olden. Modified over 9 years ago.
1
Applications that Participate in their Own Defense (APOD)
A BBN Technologies Project
Sponsored by DARPA Under the FTN Program (Dr. Douglas Maughan)
Monitored by AFRL (Mr. Patrick Hurley)
Demo slides for FTN Winter PI Meeting, St Petersburg, Florida, January 16-19, 2001
2
The APOD Technical Approach
BBN Technologies
- Defense Enabling: increasing resistance to malicious attacks even though the environment in which the applications run is untrustworthy
- Defense enabled applications have ‘defense strategies’, which are supported by ‘defense mechanisms’ coordinated via an adaptive middleware (QuO) in a systematic (as opposed to ad-hoc) manner with minimal changes in the application
- Example defense strategies: try to defeat the attack, try to work around the attack, try to impose a stronger barrier against future attacks, etc. These strategies can be at various levels: application level, QoS/Resource Mgmt level, network/OS infrastructure level, etc.
- Example defense mechanisms: adaptive behavior, access control, IDS, network filtering, replication management
- This demo presents an example defense enabled application capturing a cross-section of multiple defense mechanisms we have developed
- It is a 3GS approach to survivability: adaptive use of multiple mechanisms including 1GS (access control), 2GS (IDS) and others (replication)
3
The Air Space Monitoring (ASM) Application and example attacks
[Diagram: Database, Radar, Display, Administrator, Attacker; arrow labels: senses, fuses sensed data, displays, observes/tunes parameters, invokes unauthorized operations, destroys]
Attacker’s motive: keep ASM from being useful
Example attacker strategies (only the blue ones are in the demo):
- invoke methods on application objects
- kill key application processes/take down hosts that run them
- flood networks
4
Defense Enabled ASM
Individual defense mechanisms:
- Replication: a key object (database) is replicated using the Proteus (developed under Quorum) dependability management mechanism
- Dynamic Access Control: all objects are subject to an OODTE access control policy which allows only a specific set of inter-object interactions
- Packet Filtering: a COTS packet filtering mechanism (IPChains) is used as a representative example
- IDS: a COTS IDS (Tripwire) is used as a representative example
Adaptive behavior includes adaptive use of most of the above. Some examples:
- Application level adaptation: switching to the backup database when multiple hosts running database replicas are suspect
- Adaptive use of replication: a pattern of replica crashes on a host causes the replica to be moved to a different host
- Adaptive use of IDS: running Tripwire when multiple hosts are suspect
- Adaptive use of access control: changing access control policies
- Adaptive use of packet filtering: tightening the firewall to increase security of the backup
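The adaptive behaviors listed on this slide can be read as an escalation policy driven by replica crash events. The following Python is an added example, not APOD, QuO or Proteus code: the class, thresholds, action names, the restart step and the assignment of host roles are assumptions (the slides give none), and the event sequence is constructed.

```python
from collections import Counter

# Assumed thresholds; the slides give no numbers.
CRASHES_BEFORE_SUSPECT = 2    # crashes on one host that count as a "pattern"
SUSPECTS_BEFORE_ESCALATE = 2  # "multiple hosts are suspect"

class DefenseCoordinator:
    """Hypothetical stand-in for the middleware's adaptation logic."""

    def __init__(self, replica_hosts, spare_hosts):
        self.replica_hosts = list(replica_hosts)
        self.spare_hosts = list(spare_hosts)
        self.crashes = Counter()
        self.suspect = set()
        self.on_backup = False

    def replica_crashed(self, host):
        """Record one replica crash on `host`; return the actions it triggers."""
        if host not in self.replica_hosts:
            return []
        self.crashes[host] += 1
        if self.crashes[host] < CRASHES_BEFORE_SUSPECT:
            # Assumed first response: a single crash only restarts the replica.
            return [("restart_replica", host)]
        # Pattern of crashes on one host: mark it suspect, move the replica.
        actions = []
        self.suspect.add(host)
        self.replica_hosts.remove(host)
        if self.spare_hosts:
            target = self.spare_hosts.pop(0)
            self.replica_hosts.append(target)
            actions.append(("move_replica", host, target))
        if len(self.suspect) >= SUSPECTS_BEFORE_ESCALATE and not self.on_backup:
            # Multiple suspect hosts: integrity-check them, harden the backup
            # host's packet filter, then fail over to the backup database.
            actions += [("run_tripwire", h) for h in sorted(self.suspect)]
            actions.append(("tighten_firewall", "backup-db-host"))
            actions.append(("switch_to_backup_db",))
            self.on_backup = True
        return actions

def run_constructed_scenario():
    # Constructed events; host names appear on the demo slide, roles are assumed.
    c = DefenseCoordinator(["tomato", "jackfruit", "ugli"], ["macoun"])
    return [c.replica_crashed(h) for h in
            ["tomato", "tomato", "jackfruit", "jackfruit"]]

if __name__ == "__main__":
    for step in run_constructed_scenario():
        print(step)
```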
5
Demo Organization
[Diagram: Database replica, Radar, Display, Administrator and Attacker processes placed on hosts tomato, jackfruit, ugli, macoun and winesap; labels: simulated (three times), replication hosts, Main display, Proteus display, Backup db host]
Because of the limited number of hosts, we share the hosts among multiple processes