1. 1 Vulnerability of Complex Networks Prepared for: ACS Contact: Stuart S. Wagner swagner@appcomsci.com September 20, 2012 “Only the Paranoid Survive” – Andy Grove

2. 2 Problem Statement Inadvertent misconfiguration responsible for huge percentage of IP network downtime and vulnerabilities −Think what intentional, malicious misconfiguration could do Fundamentally more powerful botnets are on the horizon Black Hat Conference regularly features the latest hacks of routers, cellular networks, middleboxes, control planes,… Network standards organizations and protocol developers don’t usually address the most pernicious attack vectors Offense is generally easier and cheaper than defense, and is getting more so as networks become more complex You can’t afford infinite resilience against all possible vulnerabilities and threats

3. 3 Challenges for Network Resilience Getting the most bang for the buck in the face of unanticipated vulnerabilities and unforeseen attacks −How do you even know when you have made a good investment? −What metric do you utilize to quantify the gain in trustworthiness and reliability for a given investment? Providing different levels of resilience for different users, organizations, and missions −When does the cost of failure out-weigh the cost of resilience? −How do assign a probability, or a cost, to an unforeseen failure or attack mode? How can we design networks to make them fundamentally less vulnerable to attack? Is this even possible?