We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byHaley Donahue
Modified over 3 years ago
1 Laws of Cyber Security Ravi Sandhu Executive Director and Endowed Professor September 2010 email@example.com, www.profsandhu.com, www.ics.utsa.edu © Ravi Sandhu World-Leading Research with Real-World Impact! Institute for Cyber Security
2 Microsec vs Macrosec From Wikipedia, the free encyclopedia: Microeconomics (from Greek prefix micro- meaning "small" + "economics") is a branch of economics that studies how the individual parts of the economy, the household and the firms, make decisions to allocate limited resources, typically in markets where goods or services are being bought and sold. Microeconomics examines how these decisions and behaviors affect the supply and demand for goods and services, which determines prices, and how prices, in turn, determine the supply and demand of goods and services. This is a contrast to macroeconomics, which involves the "sum total of economic activity, dealing with the issues of growth, inflation, and unemployment. Microeconomics also deals with the effects of national economic policies (such as changing taxation levels) on the before mentioned aspects of the economy. © Ravi Sandhu World-Leading Research with Real-World Impact!
Retail Attacks Targeted Attacks © Ravi Sandhu 3 World-Leading Research with Real-World Impact! Microsec
99% of the attacks are thwarted by basic hygiene and some luck 1% of the attacks are difficult and expensive, even impossible, to defend or detect © Ravi Sandhu 4 World-Leading Research with Real-World Impact! Microsec
IP Spoofing predicted in Bell Labs report 1985 1st Generation firewalls deployed 1992 IP Spoofing attacks proliferate in the wild 1993 VPNs emerge late 1990s Vulnerability shifts to accessing end-point Network Admission Control 2000s © Ravi Sandhu 5 World-Leading Research with Real-World Impact! IP Spoofing Story
Phishing 1.0 Attack: Capture reusable passwords Defense: user education, cookies, pictures Phishing 2.0 Attack: MITM in the 1-way SSL channel, breaks OTPs Defense: 2-way SSL Phishing 3.0 Attack: Browser-based MITM client in front of 2-way SSL Defense: Transaction authentication outside browser Phishing 4.0 Attack: PC-based MITM client in front of 2-way SSL Defense: Transaction authentication outside PC, PC hardening © Ravi Sandhu 6 World-Leading Research with Real-World Impact! Evolution of Phishing
© Ravi Sandhu 7 World-Leading Research with Real-World Impact! Sandhus Laws of Attackers 1. Attackers exist You will be attacked 2. Attackers have sharply escalating incentive Money, terrorism, warfare, espionage, sabotage, … 3. Attackers are lazy (follow path of least resistance) Attacks will escalate BUT no faster than necessary 4. Attackers are innovative (and stealthy) Eventually all feasible attacks will manifest 5. Attackers are copycats Known attacks will proliferate widely 6. Attackers have asymmetrical advantage Need one point of failure
© Ravi Sandhu 8 World-Leading Research with Real-World Impact! Operational Principles A. Prepare for tomorrows attacks, not just yesterdays Good defenders strive to stay ahead of the curve, bad defenders forever lag B. Take care of tomorrows attacks before next years attacks Researchers will and should pursue defense against attacks that will manifest far in the future BUT these solutions will deploy only as attacks catch up C. Use future-proof barriers Defenders need a roadmap and need to make adjustments D. Its all about trade-offs Security, Convenience, Cost
Rational microsec behavior can result in highly vulnerable macrosec © Ravi Sandhu 9 World-Leading Research with Real-World Impact! Macrosec
Sandhus Laws of Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio Chief.
1 Understanding Which New Threats Operators Can Expect To Face Within The Next Two To Five Years To Improve The On- Going Management Of Security Systems.
1 What is the Game in Cyber Security? Ravi Sandhu Executive Director and Endowed Professor February 2011
Authentication: the problem that will not go away Prof. Ravi Sandhu Chief Scientist Protecting Online Identity.
1 New Trends and Challenges in Computer Network Security Ravi Sandhu Executive Director and Endowed Professor September 2010
1 The Future of Cyber Security Prof. Ravi Sandhu Executive Director February © Ravi Sandhu.
1 Towards a Discipline of Mission-Aware Cloud Computing (A Position Paper) Ravi Sandhu Executive Director and Endowed Professor October 2010
Ms. Kronlokken. Microeconomics is a branch of economics that studies the behavior of individuals and firms in making decisions regarding the allocation.
Institute for Cyber Security ASCAA Principles for Next- Generation Role-Based Access Control Ravi Sandhu Executive Director & Endowed Professor Institute.
Economic Issues. Economics What is Economics? Macroeconomics vs. Microeconomics Demand and Supply.
1 Speculations on the Future of Cyber Security in 2025 Prof. Ravi Sandhu Executive Director January 2010
1 Cyber Security Research: A Personal Perspective Prof. Ravi Sandhu Executive Director and Endowed Chair January 18, 2013
1 The Challenge of Data and Application Security and Privacy (DASPY): Are We Up to It? Ravi Sandhu Executive Director and Endowed Professor February 21,
1 Speculations on the Future of Cyber Security in 2025 Prof. Ravi Sandhu Executive Director and Chief Scientist Institute for Cyber Security University.
INSTITUTE FOR CYBER SECURITY 1 Cyber Security: What You Need to Know Prof. Ravi Sandhu Executive Director and Chief Scientist Institute for Cyber Security.
Introduction: Economic Issues Introduction: Economic Issues.
1 Some more intro material Here we have some more basic concepts that we see in the study of economics.
Bellwork: What is one thing you know or think you know about the study of economics???
Principles of Microeconomics & Principles of Macroeconomics: Ch.1 First Canadian Edition The word Economy... comes from a Greek word for “One who manages.
INSTITUTE FOR CYBER SECURITY 1 The PEI Framework for Application-Centric Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for.
1 Cyber Security Grand Challenges and Prognosis Prof. Ravi Sandhu Executive Director and Endowed Chair
Principles of Economics Lecturer: Jack Wu Economics 101.
Topic #2: Thinking Like an Economist Dr David Penn Associate Professor of Economics and Director of the Business and Economic Research Center.
Key terms by Rahul Jain What is Economics? Economics is the social science that studies the production, distribution, and consumption of goods and services.
The Future: Evolution of the Technology Ravi Sandhu Chief Scientist TriCipher, Inc. Los Gatos, California Executive Director and Chaired Professor Institute.
1 Challenges of Cyber Security Education at the Graduate Level Ravi Sandhu Executive Director and Endowed Professor Nov. 9, 2012
To what extend do different economic systems affect quality of life? Chapter 6.
PRINCIPLES OF By N. Gregory Mankiw PowerPoint slides prepared by: Andreea Chiritescu Eastern Illinois University Principles of Economics 5e N. Gregory.
1 Trust Evidence in Heterogeneous Environments: Towards a Research Agenda Ravi Sandhu Executive Director and Endowed Professor May 2010
MACROECONOMIC QUESTIONS LESSON ONE. WHY DOES OUTPUT FLUCTUATE?
Ten Principles of Economics
PowerPoint® Lecture Presentation to accompany Principles of Microeconomics, 3 rd Canadian Edition Mankiw, Kneebone, McKenzie, Rowe Prepared by Mark P.
Introduction to Economics What is this course about??
1 PANEL Solving the Access Control Puzzle: Finding the Pieces and Putting Them Together Ravi Sandhu Executive Director Endowed Professor June 2010
Class One Economics July. Decisions!!! A household and an economy face many decisions: Who will work? What goods and how many of them should.
LESSON 1 WHAT IS ECONOMICS. Economics is the study of the way in which money, industry, and commerce organized in a society. Microeconomics is the branch.
Chapter 1 Nature of Economics1 Content Part I What is economics? Part II Consumption, Production & Exchange Part III Market structure Part IV Factor market.
Chapter 1 Ten Principles of Economics 2002 by Nelson, a division of Thomson Canada Limited.
1 Introduction to Agricultural Economics With Herman Sampson WELCOME TO ARE 201.
Copyright © 2004 South-Western/Thomson Learning 1 Ten Principles of Economics.
Begin $100 $200 $300 $400 $500 DemandSupply Key Economic AssumptionsFlowModelGDPUnemployment.
Introduction to macroeconomics Microeconomics Examines the functioning of firms and households. Macroeconomics Analyzes economy aggregates (such as national.
Ten Principles of Economics. ... The word economy comes from a Greek word for “one who manages a household.” Economy...
PowerPoint® Lecture Presentation to accompany Principles of Economics, Third Edition N. Gregory Mankiw Prepared by Mark P. Karscig, Central Missouri State.
Harcourt Brace & Company Chapter 1 Ten Principles of Economics.
© 2017 SlidePlayer.com Inc. All rights reserved.