Presentation on theme: "Cybersecurity Hard Problems Workshop(s) Summary Leonard Popyack, PhD Nov 12, 2014."— Presentation transcript:
Two multi-day workshops held. March 2014, Cyber Security Hard Problem Workshop: invited researchers (about 50); four focus groups; identify Challenges, Hard Problems, and Research Challenges; out briefings and paper available (www.CyberRI.org). July 2014, Cyber Security Hard Problem Workshop II: focus on Financial Community, Defense, Medical Devices, Healthcare Information Systems, Industrial Control and SCADA systems, and more; a day and a half of industry expert presentations; 101 attended; four focus groups; industry briefings; out briefings; paper available.
Workshop I instructions: Constrained hard problems to those that can be significantly advanced in 2-3 years. Method: brainstormed lots of cross-cutting ideas; categorized them into major themes; identified domains that would be most impacted (Military, Gov’t, Intel, Finance, Health, Power, Transport).
Application Domains: Defense/Military; Government; Intelligence; Financial; Healthcare; Transportation; Power; Others… Malware, cyber attacks, botnets, etc…; SCADA/ICS; Cloud computing; BYOD; Live forensics, incident diagnosis/analysis; Mobile, wireless, etc…; Data breaches; Patching and upgrades; Big data; Anonymity; Unmanned systems
Group Results - 1 Cyber Physical SmartGrid Cyber Education Authentication Unappreciated modes Resilience and Restoration Data at rest and in motion Medical Defense Against Zero Days
Group Results - 2: Ways to assess trust; ways to minimize trust in service provider; Security under constraints (bandwidth, computation, storage, latency, etc…); Information ownership and privacy (fine-grained distinctions and controls); Hardware root of trust (an ultimate base or turtles all the way down?); Software, hardware and humans… last are probably the weakest link; Technology less of a barrier than economics… but user incentives may also help
Group Results - 3 Trusted Systems Privacy Human Element Quantifying the Value of Security Detection and Deterrence Automation Insider Threat Characterizing Security Goodness Science of Cybersecurity Modeling and Simulation Ensuring Security in Remote, Proprietary and/or Unfriendly Situations
Group Results - 4: Addressing Vulnerabilities of Trust; Identification of System Behavior; Cyber-Physical Systems; Assuring Reliable Cloud Services; Vulnerability of System Maintenance Procedures; Complexity of the Hardware Security Problem Due to Increasing Complexity and Density of the Devices
Workshop II Subject Area Expert talks in: Cyber War 2008: Enduring Lessons from the Russian Attack on Georgia – David Smith; Air Force Research Laboratory: Overview, Cyber Community of Interest, Cyber Roadmap – Mr. Duchak, Dr. Rich Linderman, Mr. Scott Shyne; SCADA Cyber Security Issues – Mr. deSouza, Mr. Hoffman, JD David, R. Bearse; NYS Cyber Security – Dr. Peter Bloniarz; Financial Sector – BNY Mellon, Frank Perrelli; Power Authority – Ms. Lena Smart; SCADA Heartbleed – Mr. Chet Hosmer; Certified Security by Design – Dr. Shiu-Kai Chin; UAV Cyber Security – Dr. Victor Skormin; Medical Devices – Dr. Steven Baker; Biometrics – Dr. Stephanie Schuckers; Adaptive Malware – Dr. Bulent Yener; Invincible Automated Spear Phishing – Dr. Selmer Bringsjord; Health Record Security – Dr. Linh Le, Dr. S. Marcinkowski, Dr. Murry; Computer Forensics – Mr. A. Martino
Workshop II – Group 1: Emerging field of medical device sensors; Wireless data transfers that offer the freedom of movement; Information security challenges: authenticated association between the practitioner and device; authenticated association between patient and device; secure data on the device; secure data in transit; protection of personally identifiable information (PII).
Workshop II – Group 1 Challenge Problems: Foundational methods must be developed for trust associations; Maintaining a “chain of attribution” bit for data; How to make temporary use of PII, followed by a secure wipe at the completion of transmission of patient data
Workshop II-Group 2: The lack of formal proofs, logical formulization, and mathematically-robust verification for the identification, verification, and measurement of a number of aspects of defense of cyberspace: (1) identification of each domain’s definition of security (i.e. not a “one-size-fits-all” approach); (2) relevant security threat models; (3) realistic cost vs. benefit analyses; (4) levels of acceptable trust and resultant “secured” state; and (5) the efficacy of analysis tools
Group 2: Internet of Things (IoT) and the vulnerabilities of fixed, centrally-controlled, physical systems. Issues: (1) how to effectively implement the technologies to secure components and their interaction with cyberspace in any industry; (2) the socio-political-economic issues that need to be addressed when utilizing these techniques. Attack as Preemption: design techniques and components that are launched as a result of detection of specific triggers (data access, probing attack, behavior patterns, etc...) prior to an attack (hack back). Movement/Mobility/Traps as Preemption: design techniques and software that enable mobility in currently static components.
Workshop II-Group 3: Authentication and authorization of users and devices; the foundation of trustworthy systems was also taken into consideration; hardware security primitives such as the Trusted Platform Module (TPM), Physical Unclonable Function (PUF), and True Random Number Generator (TRNG) require full verification and validation; Assurance of embedded systems, cyber physical systems, and the IoT; Cyber immune systems that could be used to protect software and hardware; Identification of various dimensions of the costs and benefits of cybersecurity
Workshop II-Group 4: Metrics-driven security is a very large obstacle. Lack of a tried and true model or process that supports decision making and resource allocation. The required number of employees and relevant skillsets to hire is at worst a random process and at best an educated guess by knowledgeable information security staff. Metrics-driven security program has the potential to revolutionize risk management and improve analysis. Metrics-driven security solutions should be designed to identify risks, costs, and benefits associated with cybersecurity. Trusted embedded systems. Moving portions of the operating system into silicon.
Workshop II-Group 4: Transaction-based identity management; Layered Profiles; Data Evaporation; Automated Data Classification; Identity management technologies (the goal is to strike a balance between the requirement for strong identity management and privacy considerations); Virtualization environments; Anonymization technologies
Conclusions: Full papers and presentations available at www.CyberRI.org