2001 November13 -- page 1 Applications that Participate in their Own Defense (APOD) Project Status Review Presentation to Doug Maughan Presentation by.


1 Applications that Participate in their Own Defense (APOD)
Project Status Review
2001 November 13
Presentation to Doug Maughan
Presentation by Franklin Webber, BBN Technologies
QuO

2 Applications That Participate in Their Own Defense

New Ideas
Involve application software in its own defense
Use quality-of-service management to aid intrusion diagnosis and to resist attacks
Provide a language for building a defense strategy from simple intrusion responses
Use middleware to coordinate application’s defense strategy
Provide tools to help developers configure application defenses for survivability

Impact
Systems with more survivability, built with less effort
Defense of critical applications without need for perfect security in infrastructure; cost-efficient: can use COTS
A set of example defense-enabled applications
A collection of validated defense strategies that application developers and/or security specialists can apply

Schedule
Timeline: July 1999 (Start), July 2000, July 2001, July 2002 (End)
Milestones: Proof of Concept SW Release; Final Survivability Tools Delivery; Defense-Enabled App SW Releases; Initial validation experiments complete; Validation experiments technical report

[Diagram labels: Application, Attacker, Raw Resources, QoS Management, Crypto, OSs and Network, IDSs, Firewalls]

3 Summary of Accomplishments
Developed concept of defense enabling
Integrated a variety of defense mechanisms
  –resource QoS managers: replication, RSVP bandwidth
  –resource modulation: port hopping
  –intrusion detection: Snort, Tripwire
  –firewall: IPTables
  –security: IP-to-IPsec switching, OODTE access control
Created some basic defense strategies
  –coordination of mechanisms to enhance defense
  –QuO middleware used for integration and specification
Defense-enabled several applications

4 Tasks Remaining in Current Contract
Design and perform Red Team experiments
  –defense-enabled image server application
  –strategies using subsets of existing defense mechanisms
Harden existing mechanisms
  –Incorporate NCSU security-enhanced RSVP
  –Port to Security-Enhanced Linux
Begin classification of defense strategies
  –precursor to a strategy specification language
Deliver final version of defense-enabling toolkit

5 Experiment Planning
Participants:
  –BBNT: APOD group
  –BBNT: Experimentation group: Theriault, Nelson
  –Sandia: Kaufman
  –Spawar: Huffstetler

6 Experiment Planning Issues
What are the Red Team “flags”?
  –for availability
  –for integrity
What is to be measured?
What attacks are off-limits for Red Team?
How can defense enabling, a given defense strategy, and several defense mechanisms be evaluated independently in a limited set of experiments?

7 Rough Experiment Schedule
November: draft experiment plan
December: do whiteboard analysis; prepare application
January: execute experiment
February: analyze data and report results

8 Where To Next For APOD Concept And Technology?
Assuming successful or mixed results from experiments with a Phase I APOD, then Phase II could include:
Improvements to technology
  –lessons learned from experiments
  –more complete coverage of potential attack scenarios
2nd round of Red Team experiments
  –fewer attacks out of bounds
  –using SE Linux
Technology transition
  –transition to Coronado? UltraLog?
  –domain-specific defense strategies, mechanisms

9 Improvements to Technology
Further development and packaging of defense strategies
  –effective parameterization
  –game-theoretic analysis
  –automatic generation from specifications
New and improved defense mechanisms
  –shorter response time
  –diffserv vs. RSVP? more and better IDSs?
  –SPIE to aid defenses against flooding
  –real-time scheduling for detection and response
Extend to heterogeneous environment
  –used to confine attacks better

10 Topics For Discussion
Since September 11, what cyber-threats does DoD consider highest priority, and can APOD technology address them?
What is the potential impact of the new federal cyber-security office on APOD goals?
What might be potential funding vehicles for continued APOD activities?

