Download presentation
Presentation is loading. Please wait.
Published byNeal Curtis Modified over 9 years ago
1
Cybersecurity Research Challenges Cybersecurity Summit, Crystal City, VA May 8, 2008 Jeannette M. Wing Assistant Director Computer and Information Science and Engineering Directorate National Science Foundation and President’s Professor of Computer Science Carnegie Mellon University
2
2CybersecurityJeannette M. Wing Outline The Setting: Then and Now What’s Missing –Long-term outlook –Big picture –5 new research areas
3
3CybersecurityJeannette M. Wing The Setting: Then and Now We are at risk. Increasingly, America depends on computers. They control power delivery, communications, aviation, and financial services. They are used to store vital information, from medical records to business plans to criminal records. Although we trust them, they are vulnerable—to the effects of poor design and insufficient quality control, to accident, and perhaps most alarmingly, to deliberate attack. The modern thief can steal more with a computer than with a gun. Tomorrow’s terrorist may be able to do more damage with a keyboard than with a bomb. 1991 Computers at Risk, National Academies CSTB Study, p. 7. 1999 Trust in Cyberspace, CSTB Study. 2007 Improving Cybersecurity for the 21 st Century, CSTB Study. ubiquity networked systems 88 everywhere, everyone, all the time, embedded, invisible, visible, mobile, wearable, handheld, remote, peta, tera, giga, mini, micro, nano, good guys, bad guys 2001 September 11
4
4CybersecurityJeannette M. Wing Credit: NCO/NITRD Credit: U.S. Department of Homeland Security Credit: NCO/NITRD
5
5CybersecurityJeannette M. Wing What’s Missing in Our Thinking Be proactive, not reactive. –We are using yesterday’s solutions to address today’s threats. –We should be ready today for tomorrow’s threats. –We are not. Anticipate the future. –Long-term outlook –Big picture view –Foundational research
6
6CybersecurityJeannette M. Wing Long-Term Outlook: Who and Why Threats –Today: hackers, criminals –Tomorrow: organized crime, terrorists, nation-state, enemy state Motivation –Today: fame, money –Tomorrow: power, control Attacks –Use cyberattack as an amplifier of a physical attack Cyberspace is an enabler –Attack the Internet More likely as we put more key functionality on-line –Use cyberspace to hide Today (2008)
7
7CybersecurityJeannette M. Wing Long-Term Outlook: How Today: code-level vulnerabilities –Flaws in the code Tomorrow: component-level vulnerabilities –Flaws in the design module, system, application, service, … aka interface mismatch, composition flaws, feature interaction, … Simple examples of design-level flaws - Netscape browser and Domain Name Server spoofing attack, Princeton [DFW96] - Google Desktop Search and Java applets, Rice [NFW04] - Microsoft Outlook and IE settings, Microsoft Research and Carnegie Mellon [PW05]
8
8CybersecurityJeannette M. Wing Big Picture: It’s not just security Trustworthy systems –Security –Reliability –Privacy –Usability High Confidence Systems Cyber Security and Information Assurance Holistic view Technical: The whole stack hardware program prog. lang. O/S compiler system arch. application service Non-Technical Psychology and human behavior - Usable security- Social engineering attacks- Privacy - Insider threat- Attacker’s motivation Economics, risk management, law, politics people
9
9CybersecurityJeannette M. Wing Credit: NCO/NITRD
10
10CybersecurityJeannette M. Wing What’s Missing? 1.Foundations 4. Privacy 3. Metrics 2. Software security 2. Composability 5. Usability Credit: NCO/NITRD
11
11CybersecurityJeannette M. Wing 1. Foundations New models, logics, and theories for analyzing and reasoning about –Security –Reliability –Privacy –Usability Crypto for quantum
12
12CybersecurityJeannette M. Wing Foundations: Security Models Spread of Code Red Worm 2001 Where’s the perimeter? What do you try to protect? Today: “Security Without Borders”Yesterday: Security Perimeter - Bell-LaPadula model, Orange Book - Lampson’s access rights matrix - Secure O/S kernel Egeskov Slot, Denmark (1554) drawbridge moat
13
13CybersecurityJeannette M. Wing Foundations: Logics for Reasoning About Privacy This privacy statement goes on for seven screenfuls! Do you read these? What are they saying? Can you trust them? Credit: Microsoft
14
14CybersecurityJeannette M. Wing Foundations: Cryptography Quantum/traditional cryptography immune to quantum-based attacks –Traditional cryptography based on RSA is breakable by Shor’s quantum algorithm Credit: Oxford University
15
15CybersecurityJeannette M. Wing 2. Security Architectures What we have –Point solutions to point problems, e.g., Code-level solutions buffer overruns Firewalls for intrusion detection What we need –Integration of solutions Up and down the vertical stack, from hardware to appl’ns. At each layer, e.g., routers and links at the network layer – Compositionality of components and services
16
16CybersecurityJeannette M. Wing Component A Local Security Policy (SP A ) Composition of Components and of Security Policies Global Security Policy (GSP) Component B Local Security Policy (SP B ) || Consider the composition A || B: A || B GSP A || B SP A and A || B SP B ? ?? Consider more simply, SP A SP B : SP A SP B GSP SP A SP B SP A and SP A SP B SP B ?? ?
17
17CybersecurityJeannette M. Wing Google Desktop Search Google Desktop Search results www.google.com www.google.com results Credit: Google
18
18CybersecurityJeannette M. Wing Netscape and Domain Name Server browser DNS server Give me an IP address for user.foo.com Here is one: 1.2.3.4 user.foo.com [1.2.3.4, 1.2.3.5, 1.2.3.6] user.bar.com [1.2.3.5, 1.2.3.7] Names to IP addresses mapping
19
19CybersecurityJeannette M. Wing 3. Security Metrics Computing Research Associates Grand Challenges on Trustworthy Computing, November 16-18, 2003 http://www.cra.org/grand.challenges http://www.cra.org/grand.challenges Challenge #3: Within 10 years, develop quantitative information-systems risk management that is at least as good as quantitative financial risk management.
20
20CybersecurityJeannette M. Wing Measuring the Relative Attack Surface 2. Windows w/IIS enabled is only slightly worse for Windows Server 2003, in contrast to its predecessors. 1. Windows Server 2003 is “more secure” than previous versions. 3. Windows in “lockdown” mode for NT4.0 and 2000 are each more secure than raw mode. Windows NT 4Windows 2000Windows Server 2003 RASQRASQ with IIS enabledRASQ with IIS Lockdown 0 100 200 300 400 500 600 700
21
21CybersecurityJeannette M. Wing Attack Surface The attack surface of a system is the ways in which an adversary can enter the system and potentially cause damage. Reduce the attack surface Increase system’s security system surface 1. Methods 2. Channels 3. Data Attacks Entry/Exit Points
22
22CybersecurityJeannette M. Wing 4. Privacy Today: Threats to citizens’ privacy in many sectors of daily life –Health, financial, e-commerce, social networks, e-voting Fundamental challenge: Once someone learns a secret about you, you cannot take away that knowledge –Different from security (e.g., revoking access to a file, changing a lock on a door)
23
23CybersecurityJeannette M. Wing Privacy: A Few Questions to Ponder 1.What does privacy mean? 2.How do you state a privacy policy? How can you prove your system satisfies it? 3.How do you reason about privacy? How do you resolve conflicts among different privacy policies? 4.Are there things that are impossible to achieve wrt some definition of privacy? 5.How do you implement practical mechanisms to enforce different privacy policies? As they change over time? 6.How do you measure privacy? (Is that a meaningful question?)
24
24CybersecurityJeannette M. Wing Privacy and Confidentiality What other privacy policies does the database enforce? Doctor Billing bill X-ray Patient Database Only the doctor may see the X-ray privacy policy
25
25CybersecurityJeannette M. Wing Privacy and Software Analysis extraction tool application code policy
26
26CybersecurityJeannette M. Wing 5. Usability The user is the weakest link in security. Challenges –Striking a balance between control and convenience –Users are human. Targets of social engineering attacks Sources of insider threats
27
27CybersecurityJeannette M. Wing Usable Security (IE) Clicking Your Way Through Security
28
28CybersecurityJeannette M. Wing Usable Privacy (Firefox) Clicking Your Way Through Privacy
29
29CybersecurityJeannette M. Wing Summary of Research Challenges New research foci 1.Theoretical foundations: models, logics, crypto 2.Software architecture 3.Metrics 4.Privacy 5.Usability Enhanced investments in existing research foci: 1.Software security engineering 2.Networking 3.Testbeds
30
30CybersecurityJeannette M. Wing Summary of What’s Missing Anticipate tomorrow’s threat. Take a broad view. –Long-term –Holistic Research –Basic research in new areas –Enhanced investments in existing areas Education
31
31CybersecurityJeannette M. Wing Global Competitiveness Cyber Security Information Assurance Science and Engineering
32
32CybersecurityJeannette M. Wing Cyber Security: The US Leads. Asia –Korea Institute of Information Security and Cryptography (KIISC), est. 1990; now 2000 members, 80 agencies and institutes –Singapore in 2005 announces $24M for 3 years –Taiwan’s annual spending is $7M Taiwan Institute Security Center (TWISC) founded August 2005; now 20 professors, 30 graduate students –CyLab/Korea, CyLab/Japan (MS program), CyLab/Singapore (CERT) Europe –Germany on August 18, 2006 announces Europe’s first Cybersecurity Plan –CyLab/Greece (MS program) Middle East –CyLab/Qatar (CERT), $25M
33
33CybersecurityJeannette M. Wing Information Assurance: Europe Leads in Some Areas Europe invests more than the US in –High-Confidence Systems (see Insup Lee’s talk) –Programming Language Theory –Formal Methods
34
34CybersecurityJeannette M. Wing Science and Engineering: Who to Watch China –China has the will, the hunger, the power, the people, the smarts They want a home-grown Nobel Prize winner, Fields Medalist, and/or Turing Award winner within 10 years C.N. Yang Shing-Tung Yau Andrew Yao US still leads in research know-how: quality, integrity, long-term view But maybe not in 10 years Cyber security: SHA-1 broken by three Chinese (two from Shandong University)
35
35CybersecurityJeannette M. Wing Funding
36
36CybersecurityJeannette M. Wing ACI Thank you!
37
37CybersecurityJeannette M. Wing Cyber Security NSF funds nearly 100% of the basic research in cybersecurity. –DARPA: classified –NSA: classified –HS-ARPA: a disappointment –NIST: Security metrics?
38
38CybersecurityJeannette M. Wing Computer Science NSF funds 86% of all university research in computer science. We need to add more diversity in funding models and funding styles to basic research in cyber security (and computer science more generally) –Long-term –Sustained –High-risk –Teams, especially interdisciplinary –Large systems –“Old”-DARPA style, NSF center-sized grants
39
39CybersecurityJeannette M. Wing Two Suggestions for Diversifying the Portfolio 1.Look to NIH for basic and applied research in CS –Intellectual argument makes sense Medicine, healthcare, biology need fundamental advances in CS to carry their out their own visions for the future. It’s not just massive data crunching, it’s fundamental algorithms and data structures. –Applicable to cybertrust too, e.g., privacy, genomic databases 2.Look to DOE for basic, not just applied research in CS –Algorithms: France (INRIA) in 1992 produced the best mesh generator TetMesh-GHS3D, http://www.simulog.fr/mesh/gener2b.htmhttp://www.simulog.fr/mesh/gener2b.htm Now used at Sandia, Livermore Software Technology, … –Software: getting the code right (PL), job scheduling (O/S), … –Hardware: 131,072 processors, 207.3 TFLOPS, petabyte storage systems Global competitiveness
40
40CybersecurityJeannette M. Wing Non-Technical Issues Classified versus unclassified research Foreign students Academia-Industry relations –Focus on IP –More complex regulations: tax rules, export rules, conflict of interest rules, … Education: Computational thinking will be a necessary skill for everyone to function in today’s modern society. IA G Ecosystem
41
41CybersecurityJeannette M. Wing Readings and References CSTB Studies, National Academies –Computers at Risk, 1991 –Trust in Cyberspace, 1999 –Cybersecurity Today and Tomorrow: Pay Now or Pay Later, 2002 –IT for Counterterrorism: Immediate Actions and Future Possibilities, 2003 –Improving Cybersecurity for the 21 st Century: Rationalizing the Agenda, 2007 (likely). Federal Plan for Cyber Security and Information Assurance Research and Development, NSTC IWG on CSIA, April 2006. Cyber Security: A Crisis of Prioritization, PITAC, February 2005. J.M. Wing, Computational Thinking, CACM, March 2006.
42
42CybersecurityJeannette M. Wing Security Axiom Good guys and bad guys are in a never-ending race! Trustworthy
43
Thank you.
44
44CybersecurityJeannette M. Wing Academia-Industry Relations Old Model –Go it alone –Individual work –Slow, serial –Focus on ideas –Basic research –Less focus on specific ideas –Simpler regulations –Funding sufficiency Companies had money –Indirect benefits New Model –Partnered –Joint work –Fast, parallel –Focus on IP Bayh-Dole (1985) –Applied research –More focus on specific ideas –Complex regulations Tax rules, export rules, COI –Funding challenges Research $ at program manager level –Direct benefits
45
45CybersecurityJeannette M. Wing Credits Copyrighted material used under Fair Use. If you are the copyright holder and believe your material has been used unfairly, or if you have any suggestions, feedback, or support, please contact: jsoleil@nsf.gov Except where otherwise indicated, permission is granted to copy, distribute, and/or modify all images in this document under the terms of the GNU Free Documentation license, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled “GNU Free Documentation license” (http://commons.wikimedia.org/wiki/Commons:GNU_Free_Documentation_License)http://commons.wikimedia.org/wiki/Commons:GNU_Free_Documentation_License
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.