Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.thalesgroup.com CybAIRVision® International Cyber Warfare & Security Conference, 27 November 2014, Ankara Cécilia Aguero.

Similar presentations


Presentation on theme: "Www.thalesgroup.com CybAIRVision® International Cyber Warfare & Security Conference, 27 November 2014, Ankara Cécilia Aguero."— Presentation transcript:

1 CybAIRVision® International Cyber Warfare & Security Conference, 27 November 2014, Ankara Cécilia Aguero

2 2 / CYBERSECURITY? CYBERDEFENSE? DCW? OCW? CybAIRVision®

3 3 / Terms & Concepts 1. Cyber-Security: Status expected for an information system allowing it to withstand events from cyberspace that may compromise the availability, integrity or confidentiality of data stored, processed or transmitted and related services that these systems offer or make accessible. Cyber ​​ security involves technical security of information systems and is based on the fight against cybercrime and the establishment of a cyber defense. 2. Cyber-defense: All technical and non-technical measures allowing a country to defend cyberspace information systems deemed essential. 3. DCW and OCW: With defensive cyber-war (DCW) and offensive cyber-war (OCW), cyber helps defend and attack computers and networks of computers that control a country. 4. The National Institute of Standards and Technology (NIST): NIST is a US Department of Commerce agency, charged of norms & standards. The NIST « cyber » framework is, since June 2014, the common Thales Group Cyber Security framework.

4 4 / Cyber & CybAIR® : 2 complementary approaches The CYBER expert checks information FLOW (ipSec policies, interruption, leaks,…) The CYBAIR® expert analyzes information consistency (multi source comparison) IT- Centric AND Domain-Specific/Behavior analysis provides additional protection It allows also the detection of dysfonctions. The CYBER expert are IT Centric e.g. checks known malware The CYBAIR® expert checks abnormal system behaviour “Antivirus is dead” said Brian DYE, Symantec SVP, the 6 th of May 2014

5 5 / Model-based anomaly detection for integrity monitoring  Models capture information related to what is possible / not possible, what is normal / abnormal regarding objects involved in air operations  TRS has deep knowledge about typical behavior of the following objects: Human activities Roles, working hours, activities Data production cycle Voice communication calls Terrain, Sea, Sun environment Effects on detection Airspace and traffic Structure Aircraft presence/areas, traffic flows ATC data links Voice communication VoIP protocols Aircraft Performance Radars Coverage Data flow EW (jamming, spoofing) Operations Mission plan, progress Computing Operational processes, data flows Loads Communications Bandwith, latency Topology

6 6 / BUSINESS ALTERATIONS ? CybAIRVision®

7 7 / Business Alterations Examples (1/2) Alterations by buffer cloning  Remanence effect:  copying all blocks of a radar detection to the following  The radar tracker will create new "ghost" tracks depending on the type of cloned plots  Camera effect:  replace the actual flow by an older one, previously recorded  DoS (denial of service): 500 cloned plots

8 8 / Business Alterations Examples (2/2) Alterations by message generation  Claim / Signature: 2D plot line => message in 3D  Zone transposition : real "Red" area, destination "green" area

9 9 / OFFER OVERVIEW CybAIRVision®

10 10 / CybAIRVision® Suite

11 11 / CybAIR Radbox : the radar security solution  Real-time sensor that analyzes the information provided by radars to detect possible intrusions affecting the detection  Alerts the user upon occurrence of an abnormal behavior and their operational consequences and provide decision aids  Includes forensics and post-analysis features  Designed and prototyped HMI with the users 40-year of Air Defense experience embedded in the CybAIR Radbox

12 12 / CybAIR® Radbox : Use cases Secure the radar side interfaces : New radars Secure the radar side interfaces : Legacy radars 2 2 Secure the radar side interfaces : Tactical radars 3 3 Connect a military radar to a civilian ATM center 4 4 Connect a radar with multiple clients 5 5 Add an operational supervision feature 6 6 Add CybAIR detection with CybAIR agents

13 13 / CybAIR® Multilink : Principles C-Box CybAIR Box optimized for center specificities :  communication services : idem R-Box  common services : idem R-Box  technical & operational supervision :  box HW & SW status,  multi-radars data flow quality, center coverage, record & replay  CybAIR detection :  “AIR Operation” specific business probes  real time events correlation engine Common Services Military Radars Com Services ATC CybAIR Military C² CybAIR Flow CybAIR Analyze

14 14 / CybAIR® Multi-Link : Use cases Secure the center side interfaces : Legacy radars 1 1 Secure the center side interfaces : New radars 2 2 Secure center to center interfaces 3 3 Connect a military center to a civilian ATM center 4 4 Connect a center with multiple clients 5 5 Add an operational supervision feature 6 6 Add CybAIR detection with CybAIR agents

15 15 / CybAIR® Picture : Principles P-Box Analyzer optimized for National specificities :  communication services : Spying HMI inputs NVG standard / Web portal  CybAIR Picture :  Up to 6D Awareness (5 battlefields + temporal dimension)  Real time data confidence analysis  Real time data inconsistencies analysis HMI NVG Flow CybAIR Picture National Centre or NATO National or NATO COP Army Navy AIR / IAMD Space Cyber

16 16 / CybAIR® Picture : Use cases Situation & threats awareness from NATO ACCS Web Portal Interface 1 1 Situation & threats awareness from NATO ACCS (Awcies) Interface 2 2 Situation & threats awareness from NATO NCOP (NVG) Interface 3 3 Situation & threats awareness from JRE Interface 4 4 Situation & threats awareness from SESAR SWIM Interface JRE 5 5 SWIM Army Navy AIR / IAMD Space Cyber

17 17 / CybAIR® Picture : HMI Overview

18 18 / CybAIR® Picture : Focus on SupAIRVision

19 Thank You for your attention


Download ppt "Www.thalesgroup.com CybAIRVision® International Cyber Warfare & Security Conference, 27 November 2014, Ankara Cécilia Aguero."

Similar presentations


Ads by Google