Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Response Continuum Sergio Caltagirone University of Idaho Deborah Frincke Pacific Northwest National Laboratory.

Published byImogen Randall Modified over 9 years ago

Similar presentations

Presentation on theme: "The Response Continuum Sergio Caltagirone University of Idaho Deborah Frincke Pacific Northwest National Laboratory."— Presentation transcript:

1 The Response Continuum Sergio Caltagirone (scaltagi@acm.org) University of Idaho Deborah Frincke (deb.frincke@pnl.gov) Pacific Northwest National Laboratory

2 Previous Responses… Clifford Stoll v. German Hackers (1986) C. Stoll, “Stalking the Wiley Hacker” in Communications of the ACM, vol 31, 1998, pp. 484-497. DoD v. Electronic Disturbance Theater (1998) http://archives.cnn.com/2000/TECH/computing/04/07/self-defense.idg/ Conxion v. E-Hippies (2000) http://www.nwfusion.com/research/2000/0529feat2.html FBI v. Russian Hackers (2001) a.k.a. ‘Invita’ Case http://www.wired.com/news/politics/0,1283,47650,00.htm

3 Where Is Everybody?

4 Primary focus to reduce system vulnerability and/or accurately/rapidly detect misuse Difficult to experiment with extreme or novel forms of response Folded in as part of detection Response == Advocacy of Vigilantism No reason to study response since detection cannot be done reliably

5 Where We’re At…

6 Where We Want To Be…

7 Goals Develop a framework to discuss response actions –Definition –Taxonomy –Summary of Challenges –Response Process Model

8 Elements of a Definition Time-bound –Subjective Purposeful –Not for retribution or revenge, but to return to a previous secure state Limited –Threat mitigation not elimination Controllable and Deliberate Sequence of Actions Technologically Independent

9 A Definition: Active Response Any action sequence deliberately performed by an individual or organization between the time an attack is detected and the time it is determined to be finished, in an automated or non-automated fashion, in order to mitigate the identified threat’s negative effects upon a particular asset set. Active does not modify response, but rather describes the state of the attack

10 Taxonomy of Responses 8 Types –No Action –Internal Notification –Internal Response –External Cooperative Response –Non-cooperative Intelligence Gathering –Non-cooperative ‘Cease and Desist’ –Counter-Strike (Direct vs. Passive) –Preemptive Defense

11 Challenges of Active Response Legal –Civil, Criminal, Domestic, International Ethical –Teleological, Deontological Technical –Traceback, Reliable IDS, Confidence Value, Real Time Risk Analysis –Measure ethical, legal risk effectively? Unintended Consequences –Attacker Action, Collateral Damage, Own Resources

12 Response Process Model

13 Future Work Increased Public Discussion Competitive Co-Evolution to Determine New Strategies Continue to Develop Response Models Increased Research in Response Technologies and Approaches

14 Conclusions A Need for Response –More Discussion –Greater Understanding A Definition Taxonomy Summary of Challenges Process Model

15 Contact Information Sergio Caltagirone serg@activeresponse.org http://www.activeresponse.org

Download ppt "The Response Continuum Sergio Caltagirone University of Idaho Deborah Frincke Pacific Northwest National Laboratory."

Similar presentations

ETHICAL HACKING A LICENCE TO HACK

ETHICAL HACKING A LICENCE TO HACK
Engineering Secure Software. Does Security Even Matter?  At your table, introduce yourselves: Your name, degree, & app domain What is your favorite software.

Engineering Secure Software. Does Security Even Matter?  At your table, introduce yourselves: Your name, degree, & app domain What is your favorite software.
1Copyright © 2005 InfoGard Laboratories Proprietary 2005 Physical Security Conference Physical Security 101 Tom Caddy September 26, 2005.

1Copyright © 2005 InfoGard Laboratories Proprietary 2005 Physical Security Conference Physical Security 101 Tom Caddy September 26, 2005.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.

National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
1 CHAPTER 1 POLITICS. 2 Definitions Of The Word Hacker Hacker – someone who has achieved some level of expertise with a computer Hacker – someone who.

1 CHAPTER 1 POLITICS. 2 Definitions Of The Word Hacker Hacker – someone who has achieved some level of expertise with a computer Hacker – someone who.
FIGHT AGAINST CORRUPTION: THE LITHUANIAN WAY. CONTENTS Factors Decision Challenges Dilemmas Priorities.

FIGHT AGAINST CORRUPTION: THE LITHUANIAN WAY. CONTENTS Factors Decision Challenges Dilemmas Priorities.
Introducing Computer and Network Security

Introducing Computer and Network Security
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
“ACTIVE DEFENSE”AGORA: 7-8 June, 2001 AGENDA General comments / background Point-of-departure definitions Discussion.

“ACTIVE DEFENSE”AGORA: 7-8 June, 2001 AGENDA General comments / background Point-of-departure definitions Discussion.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Reliability and Security. Security How big a problem is security? Perfect security is unattainable Security in the context of a socio- technical system.

Reliability and Security. Security How big a problem is security? Perfect security is unattainable Security in the context of a socio- technical system.
Risk Management Vs Risk avoidance William Gillette.

Risk Management Vs Risk avoidance William Gillette.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.

Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
Ethical issues in psychology Focus on the important questions: Why are ethics important? What are the issues? What is and isn’t acceptable? How should.

Ethical issues in psychology Focus on the important questions: Why are ethics important? What are the issues? What is and isn’t acceptable? How should.
Sam Cook April 18, 2013. Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.

Sam Cook April 18, Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
Active Defense Team BAM! Scott Amack, Everett Bloch, and Maxine Major.

Active Defense Team BAM! Scott Amack, Everett Bloch, and Maxine Major.

Similar presentations

Ads by Google