Presentation is loading. Please wait.

Presentation is loading. Please wait.

Demythifying Cybersecurity* A glimpse of a secure cyber future

Published byMyra Horn Modified over 9 years ago

Similar presentations

Presentation on theme: "Demythifying Cybersecurity* A glimpse of a secure cyber future"— Presentation transcript:

1 Demythifying Cybersecurity* A glimpse of a secure cyber future
Edward B. Talbot Tom M. Kroeger Livermore, CA Sandia National Laboratories is a multi-program laboratory managed and operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin Corporation, for the U.S. Department of Energy’s National Nuclear Security Administration under contract DE-AC04-94AL85000. SAND Number :  C * -

2 Sandia has been dedicated to national security since 1949
A Mission-Driven Laboratory: Design and development of nonnuclear portions of US nuclear weapons Production of advanced components Safety, security, use control Treaty verification, nonproliferation, and counterproliferation Advanced military technologies and applications Energy and environment Homeland security and countering weapons of mass destruction I’m here to give you a bit of background on who we are and why we’re talking about cyber security came out of manhattan project Sandia has a long (but quiet) history of dealing with the nation’s thorniest but most important issues. Among other things we hold the fundamental responsibility for designing the technologies our nations uses for nuclear weapons security & command and control But these days that is just part of what we do. In the last years we have used our expertise from our original work to take a more holistic approach to national security

3 On the Internet nobody knows you’re a dog…
Or it there is a man in the middle or who else is listening or if you are a bot. …or an adversary!

4 The problem: we can’t trust our machines and we can’t live without them.
Information systems have become too complex and too interconnected at all scales to ensure that they do not contain vulnerabilities. Multi-scale: micro (3 lines of code) -> human -> macro (Internet) Multi-discipline: device physics -> electronics -> computer architecture > software -> human factors Multi-medium: photons -> electrons -> RF Servers Routers Switches Fiber Firewalls Desktops Users Wafer Mask Programming Die Example: push the power button 10 times to invoke tech support mode. …we are behind and falling further behind.

5 Cybersecurity Manifesto
The Situation Current cyber security approaches are fundamentally broken. Current cyber security strategies are reactive and asymmetric. Vulnerabilities in current implementations are virtually limitless. Threats are exploiting these vulnerabilities faster than we can detect and counter them. Current cyber security implementations compound the problem by creating the illusion of security. “We cannot solve our problems with the same thinking we used when we created them.” - Albert Einstein

6 “The great enemy of the truth is very often not the lie, deliberate, contrived and dishonest, but the myth, persistent, persuasive and unrealistic.” John F. Kennedy Some Myths Myth 1: More layers of defense are better. Myth 2: Burdensome security is good security. Myth 3: Running my executables on my data on my system is secure because I control my system. Myth 4-…: ??? Examples: We understand our adversary Myth 5: We have to trust someone or something

7 Modeling and Simulation Qualitative Assertions Quantitative Assertions
We need to move cyber security from a craft/lore/myth to a scientific discipline. Craft/Lore/Myth Science Trial-and-error Theory Reactive Rules of Thumb Experiment Predictive Modeling and Simulation Skill- / luck-based An example Alchemy Chemistry Or biology or physics or mathematics American Engineers' Council for Professional Development defines Engineering as “the creative application of scientific principles to design or develop structures, machines, apparatus, or manufacturing processes, or works utilizing them singly or in combination; or to construct or operate the same with full cognizance of their design; or to forecast their behavior under specific operating conditions; all as respects an intended function, economics of operation and safety to life and property.”[3][4] Earth, Air, Fire, Water Periodic Table Qualitative Assertions Quantitative Assertions “The highest priority should be assigned to establishing research protocols to enable reproducible experiments…There is a science of cyber-security.” - Science of Cyber-Security, JASONs report dtd November 2010.

8 Myth 1: More layers of defense are better.
Layered defense is great for physical assets

9 Myth 1: More layers of defense are better.
Layered defense creates the illusion of impenetrability

10 A common perception of the threat
Microelectronics and Software PC Targets Defenses: Firewalls Anti-Spyware Virus Detectors Intrusion Detection Systems Offensive Methods Cyber

11 Many threats are not obvious
Myth 1: More layers of defense are better. Many threats are not obvious

12 Response 1: Science-Based Cyber Security
Myth 1: More layers of defense are better. Response 1: Science-Based Cyber Security C compiler VHDL FPGA – 500k logic elements Lots of states, lots of flexibility, lots of trouble. Refrigerator Controller Few states, testable, provable. “Direct-to-gates” compiler

13 Myth 1: More layers of defense are better.
Response 1: Science-Based Cyber Security

14 Myth 2: Burdensome security is good security.
Increasing security burden User-selected passwords to constrained passwords 2 factor: constrained passwords plus HSPD-12 badge 3 factor: constrained passwords plus HSPD-12 badge plus fingerprint Are we more secure? Can we PROVE that we are more secure? Looking forward: Identity 2.0: Human-BadgeΞMachine-Environment Identity 3.0: HumanΞEnvironment e.g. Strong Kerberos + +

15 Rethinking our security approach.
Myth 2: Burdensome security is good security. Rethinking our security approach.

16 Continuous, adaptive identity authentication
Myth 2: Burdensome security is good security. Continuous, adaptive identity authentication Event-based identity authentication is momentary (event-based) Confidence Login (password) Time Continuous, adaptive identity authentication is a continuous process Probabilistic (not deterministic) Approach: Multi-sensor fusion (example: Kalman filter using GPS, IMU, control laws, galvanic skin response, real-time DNA analysis, etc.) Confidence Login (password) Predictable behavior Time Effective authentication requires unambiguous identity.

17 Myth 2: Burdensome security is good security.
Continuous, adaptive authentication provides unambiguous identity regardless of dynamics. If a control system can be built that enables this aircraft to return to base… …a control system should be able to authenticate me despite changes in my dynamics

18 “Cell phones show human movement predictable 93% of the time”*
Myth 2: Burdensome security is good security. “Cell phones show human movement predictable 93% of the time”* INTEGRATION of existing sensors Eyes Gait (feet, waist) GPS location Voice to provide Continuous Real-time Adaptive Unambiguous identity authentication * -

19 Myth 2: Burdensome security is good security.
Response 2: Unambiguous identity as certain and intuitive as in the physical world.

20 Myth 3: Running my executables on my data on my system is secure because I control my system.
Woo-Hoo!! My Executable My Machine My Job My Result My Data

21 Cyber-attackers exploit complexity
Myth 3: Running my executables on my data on my system is secure because I control my system. Cyber-attackers exploit complexity The asymmetry: Defense: protect against every possible exploit (hard). Attack: find one unprotected vulnerability (easy). Linux kernel: 25 year old bug in the kernel was found two years ago. Vista rewrite: 6 major vulnerabilities identified in the first 3 months. Response 3: Reverse the asymmetry Defense: easy. Attack: hard Approach: tailor complexity for defense. Woo-Hoo!! ??!!?? “We cannot solve our problems with the same thinking we used when we created them.” - Albert Einstein

22 Response 3: Reversing the asymmetry
Myth 3: Running my executables on my data on my system is secure because I control my system. Response 3: Reversing the asymmetry ??!!?? Woo-Hoo!! Data Encryption: Data Obscuration: (“Concealment”) Robust, computationally hard Fragile, Incomplete, easy to detect, crack The Myth: “First, there are three general types of secrecy system: (1) concealment systems,… (2) privacy systems,… (3) cipher, code…” - From Communication Theory of Secrecy Systems, 1949, C. Shannon Randomization within the stack, library… The Reality:

23 Monoclonal implementations share security holes.
Myth 3: Running my executables on my data on my system is secure because I control my system. Monoclonal implementations share security holes. Woo-Hoo!!

24 Multiple implementations randomize security holes.
Myth 3: Running my executables on my data on my system is secure because I control my system. Multiple implementations randomize security holes. X ??!!?? X X Multiple-version codes enable security improvement statistics.

25 Multiple computing implementations can randomize security vulnerabilities.

26 Multiple communication paths can randomize security vulnerabilities.

27 Multiple storage locations can randomize security vulnerabilities.

28 Response 3: Reverse the asymmetry
Myth 3: Running my executables on my data on my system is secure because I control my system. Response 3: Reverse the asymmetry

29 A Challenge From the “Einstein-Roosevelt” letter:
“Some recent work by E. Fermi and L. Szilard, which has been communicated to me in manuscript, leads me to expect that the element uranium may be turned into a new and important source of energy in the immediate future. Certain aspects of the situation which has arisen seem to call for watchfulness and if necessary, quick action on the part of the Administration. I believe therefore that it is my duty to bring to your attention the following facts and recommendations…” Feeling overwhelmed? Maybe even scared?

30 Demythifying Cybersecurity
Myths Responses Myth 1: More layers of defense are better. Response 1: Provable, science-based cyber security Move cyber security from a trade craft to scientific discipline. Limit complexity to enable provability Myth 2: Burdensome security is good security. Response 2: Unambiguous identity. Continuous, Adaptive Authentication Myth 3: Running my executables on my data on my system is secure because I control my system. Response 3: Reverse the asymmetry Turn complexity against the attacker Attacker faces a combinatorially hard problem For further information:

31 Sandia National Laboratories
Edward B. Talbot Manager, Information Assurance Department Sandia National Laboratories Livermore, CA Tom M. Kroeger Information Assurance Security Department Livermore, CA Albuquerque, NM “Exceptional service in the national interest”

Download ppt "Demythifying Cybersecurity* A glimpse of a secure cyber future"

Similar presentations

Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.

Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.
Operating System Security

Operating System Security
Network Security Introduction Security technologies protect mission-critical networks from corruption and intrusion. Network security enables new business.

Network Security Introduction Security technologies protect mission-critical networks from corruption and intrusion. Network security enables new business.
4.1.5 System Management Background What is in System Management Resource control and scheduling Booting, reconfiguration, defining limits for resource.

4.1.5 System Management Background What is in System Management Resource control and scheduling Booting, reconfiguration, defining limits for resource.
Sandia National Laboratories is a multi-program laboratory managed and operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin Corporation,

Sandia National Laboratories is a multi-program laboratory managed and operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin Corporation,
Introduction CSCI 444/544 Operating Systems Fall 2008.

Introduction CSCI 444/544 Operating Systems Fall 2008.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL 6788 11.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL
1 Approved for unlimited release as SAND 2010-3325 C Verification Practices for Code Development Teams Greg Weirs Computational Shock and Multiphysics.

1 Approved for unlimited release as SAND C Verification Practices for Code Development Teams Greg Weirs Computational Shock and Multiphysics.
Vulnerability of Complex System Lokaltermin des ETH-Präsidenten Mittwoch, 1. Juli 2009 Laboratory for Safety Analysis.

Vulnerability of Complex System Lokaltermin des ETH-Präsidenten Mittwoch, 1. Juli 2009 Laboratory for Safety Analysis.
Java.  Java is an object-oriented programming language.  Java is important to us because Android programming uses Java.  However, Java is much more.

Java.  Java is an object-oriented programming language.  Java is important to us because Android programming uses Java.  However, Java is much more.
Chapter 2.  CIA Model  Host Security VS Network Security  Least Privileges  Layered Security  Access Controls Prepared by Mohammed Saher2.

Chapter 2.  CIA Model  Host Security VS Network Security  Least Privileges  Layered Security  Access Controls Prepared by Mohammed Saher2.
Final Presentation Presented By: Gal Leibovich Liran Manor Supervisor: Hai Vortman.

Final Presentation Presented By: Gal Leibovich Liran Manor Supervisor: Hai Vortman.
Trusted Internet Connections. Background Pervasive and sustained cyber attacks against the United States continue to pose a potentially devastating impact.

Trusted Internet Connections. Background Pervasive and sustained cyber attacks against the United States continue to pose a potentially devastating impact.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
A Virtual Environment for Investigating Counter Measures for MITM Attacks on Home Area Networks Lionel Morgan 1, Sindhuri Juturu 2, Justin Talavera 3,

A Virtual Environment for Investigating Counter Measures for MITM Attacks on Home Area Networks Lionel Morgan 1, Sindhuri Juturu 2, Justin Talavera 3,
Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.

Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.
SAND Number: 2013-8081 P Sandia is a multi-program laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department.

SAND Number: P Sandia is a multi-program laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Physical Security SAND No. 2005-3288 C Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States.

Physical Security SAND No C Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States.

Similar presentations

Ads by Google