We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byHaley Donahue
Modified over 3 years ago
1 Laws of Cyber Security Ravi Sandhu Executive Director and Endowed Professor September © Ravi Sandhu World-Leading Research with Real-World Impact! Institute for Cyber Security
2 Microsec vs Macrosec From Wikipedia, the free encyclopedia: Microeconomics (from Greek prefix micro- meaning "small" + "economics") is a branch of economics that studies how the individual parts of the economy, the household and the firms, make decisions to allocate limited resources, typically in markets where goods or services are being bought and sold. Microeconomics examines how these decisions and behaviors affect the supply and demand for goods and services, which determines prices, and how prices, in turn, determine the supply and demand of goods and services. This is a contrast to macroeconomics, which involves the "sum total of economic activity, dealing with the issues of growth, inflation, and unemployment. Microeconomics also deals with the effects of national economic policies (such as changing taxation levels) on the before mentioned aspects of the economy. © Ravi Sandhu World-Leading Research with Real-World Impact!
Retail Attacks Targeted Attacks © Ravi Sandhu 3 World-Leading Research with Real-World Impact! Microsec
99% of the attacks are thwarted by basic hygiene and some luck 1% of the attacks are difficult and expensive, even impossible, to defend or detect © Ravi Sandhu 4 World-Leading Research with Real-World Impact! Microsec
IP Spoofing predicted in Bell Labs report st Generation firewalls deployed 1992 IP Spoofing attacks proliferate in the wild 1993 VPNs emerge late 1990s Vulnerability shifts to accessing end-point Network Admission Control 2000s © Ravi Sandhu 5 World-Leading Research with Real-World Impact! IP Spoofing Story
Phishing 1.0 Attack: Capture reusable passwords Defense: user education, cookies, pictures Phishing 2.0 Attack: MITM in the 1-way SSL channel, breaks OTPs Defense: 2-way SSL Phishing 3.0 Attack: Browser-based MITM client in front of 2-way SSL Defense: Transaction authentication outside browser Phishing 4.0 Attack: PC-based MITM client in front of 2-way SSL Defense: Transaction authentication outside PC, PC hardening © Ravi Sandhu 6 World-Leading Research with Real-World Impact! Evolution of Phishing
© Ravi Sandhu 7 World-Leading Research with Real-World Impact! Sandhus Laws of Attackers 1. Attackers exist You will be attacked 2. Attackers have sharply escalating incentive Money, terrorism, warfare, espionage, sabotage, … 3. Attackers are lazy (follow path of least resistance) Attacks will escalate BUT no faster than necessary 4. Attackers are innovative (and stealthy) Eventually all feasible attacks will manifest 5. Attackers are copycats Known attacks will proliferate widely 6. Attackers have asymmetrical advantage Need one point of failure
© Ravi Sandhu 8 World-Leading Research with Real-World Impact! Operational Principles A. Prepare for tomorrows attacks, not just yesterdays Good defenders strive to stay ahead of the curve, bad defenders forever lag B. Take care of tomorrows attacks before next years attacks Researchers will and should pursue defense against attacks that will manifest far in the future BUT these solutions will deploy only as attacks catch up C. Use future-proof barriers Defenders need a roadmap and need to make adjustments D. Its all about trade-offs Security, Convenience, Cost
Rational microsec behavior can result in highly vulnerable macrosec © Ravi Sandhu 9 World-Leading Research with Real-World Impact! Macrosec
Sandhus Laws of Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio Chief.
1 What is the Game in Cyber Security? Ravi Sandhu Executive Director and Endowed Professor February 2011
Authentication: the problem that will not go away Prof. Ravi Sandhu Chief Scientist Protecting Online Identity.
1 Understanding Which New Threats Operators Can Expect To Face Within The Next Two To Five Years To Improve The On- Going Management Of Security Systems.
Topic #2: Thinking Like an Economist Dr David Penn Associate Professor of Economics and Director of the Business and Economic Research Center.
Key terms by Rahul Jain What is Economics? Economics is the social science that studies the production, distribution, and consumption of goods and services.
INSTITUTE FOR CYBER SECURITY 1 Cyber Security: What You Need to Know Prof. Ravi Sandhu Executive Director and Chief Scientist Institute for Cyber Security.
Ms. Kronlokken. Microeconomics is a branch of economics that studies the behavior of individuals and firms in making decisions regarding the allocation.
Introduction to Economics What do you think of when you think of economics?
THREE TOPICS OF SHORT REPORTs ANDREA FARINA will speak about: Microeconomics Macroeconomics Positive Statements.
Introductory macroeconomics David A. Penn. How much economics do I need to know to participate in conversations? Most of the economics that is suitable.
Basic Economic Concepts Basic Economic Vocabulary Needs are Necessities for survival Wants are Ways of expressing needs and/or goods and services consumed.
1 The Future of Cyber Security Prof. Ravi Sandhu Executive Director February © Ravi Sandhu.
MACROECONOMIC QUESTIONS LESSON ONE. WHY DOES OUTPUT FLUCTUATE?
McGraw-Hill/Irwin Copyright 2006 by The McGraw-Hill Companies, Inc. All rights reserved. ECONOMICS AND ECONOMIC REASONING Chapter 1.
Chapter 1 Ten Principles of Economics 2002 by Nelson, a division of Thomson Canada Limited.
Econ Chapter One Quiz Review Let’s come up with some good answers to these questions…
Introduction to Economics What is this course about??
1 © 2015 Pearson Education, Inc. Chapter Outline and Learning Objectives 1.1Three Key Economic Ideas 1.2The Economic Problem That Every Society Must Solve.
What is Economics? Chapter 18. The Fundamental Economic Problem Section 1.
Principles of Microeconomics & Principles of Macroeconomics: Ch.1 First Canadian Edition The word Economy... comes from a Greek word for “One who manages.
Give me two examples of trade- offs you made yesterday.
PowerPoint® Lecture Presentation to accompany Principles of Microeconomics, 3 rd Canadian Edition Mankiw, Kneebone, McKenzie, Rowe Prepared by Mark P.
The word economy comes from a Greek word for “one who manages a household.”
Economic Issues. Economics What is Economics? Macroeconomics vs. Microeconomics Demand and Supply.
Outcome One: Explain the allocation of resources in an economy The Basic Economic Problem.
1 Introduction to Economics What is Economics? Two important terms: 1. Choice 2. Scarcity Study of choice under conditions of scarcity Scarcity Situation.
PRINCIPLES OF By N. Gregory Mankiw PowerPoint slides prepared by: Andreea Chiritescu Eastern Illinois University Principles of Economics 5e N. Gregory.
© 2017 SlidePlayer.com Inc. All rights reserved.