Professor Ruslan Smelianskiy 4. How can levels of Cyber Conflict and Cooperation be measured and compared across technical changes?

Presentation transcript:

On Information Security, Karl Popper and a peasant
Information Security: What Are We Dealing With?

Outline
Information security: is it a science or is it an art?
If it is a science, is it a natural science or a social science?
If it is not an art, then even if it is engineering or applied science, should it be treated as a science?
What does it mean to be treated as a science?
What is the state of the art in information security as some sort of science?
What do we have to do to treat information security as a science?
What lessons follow from this?

Basic classification
Art is the product or process of deliberately arranging items (often with symbolic significance) in a way that influences and affects one or more of the senses, emotions, and intellect.
Science (from the Latin scientia, meaning "knowledge") is an enterprise that builds and organizes knowledge in the form of testable explanations and testable predictions about the world.

Basic classification

Scientific method
Observation is the quantitative or qualitative description or measurement of facts and phenomena. Abstractions have to be used in such descriptions.
Analysis of observations is the systematic differentiation of significant observations from minor ones.
Synthesis is the generalization of the analysis results as a theory or hypothesis.
Prediction is the derivation of consequences from a proposed theory or hypothesis by deduction, induction or some other logical method.
Falsification of the predictions by experiment.
All data and results should be treated critically at every level of consideration.

Certainty vs Science
Science differs from other kinds of knowledge-making activity (certainty) in the necessity to prove, to justify, every theoretical consequence by experimental, empirical data.
Karl Popper writes that scientific knowledge "consists in the search for truth", but it "is not the search for certainty..." Popper proposed falsifiability (the ability of theories to come into conflict with observation) as the landmark of empirical theories, and falsification (the search for observations that conflict with the theory) as the empirical method to replace verifiability and induction by purely deductive notions.
Belief in the omnipotence of science and certainty about the continuity of the process of accumulation of scientific knowledge, that the unknown remains so only temporarily, is a continuous stimulus to the productive activity of a constantly renewed scientific society. (F. Karpa)

Information Security – Art or Science?
IS = Social Science + IT (Computer Science)
– Art (K. Mitnick, The Art of Deception)
Information security, in the part of it that relates to computer and network security
This area of knowledge includes more than 40 years of development (Multics project, F. Corbato, MIT 1963)
Timeline labels from the slide figure, in order: Security Kernel | 70 | Develop Criteria and Make Available Commercial Evaluations | 80 | TCB for System Composition | Formal Model for Access Policies | 90 | Internet Explosion

Some statistics on Attack and Malware datasets
Table columns: Dataset name | Number of citations | Year of initial publication | Average citations per year
KDD Cup 99 dataset | 2,
Vx heavens | 9,
Anubis
CWSandbox
Wepawet
Datasets citation rates according to Google Scholar

Monitoring with Intrusion Detection Systems
State of the art in network security monitoring
– Over 200 research projects in intrusion detection since 1980
– Major hardware vendors have IDS solutions: Cisco, IBM, Intel, etc.
– Over 30 specialized vendors like SourceFire, Arbor, Narus, etc.
– No common methods for IDS evaluation and comparison
– Commercial testing available like NSS Labs:

Monitoring standardization
No standards are currently available
– NIST recommendations on intrusion detection give answers that are too general to these questions: Where should an IDS be placed? How do we choose the appropriate type of IDS for our needs? How do we tune it to gain optimal efficiency?
How can we trust the results of monitoring network security with such tools in the situation we have now?
Two elephants

Moore's law vs Gilder's law

[Figure: Target and Scope of Damage over time]
Vertical axis (Target and Scope of Damage): Global Infrastructure Impact, Regional Networks, Multiple Networks, Individual Networks, Individual Computer
Horizontal axis: 1980s, 1990s, Today, Future
1st Gen (Weeks): Boot viruses
2nd Gen (Days): Macro viruses, DoS, Limited hacking
3rd Gen (Minutes): Network DoS, Blended threat (worm + virus + trojan), Turbo worms, Widespread system hacking
Next Gen (Seconds): Infrastructure hacking, Flash threats, Massive worm-driven DDoS, Damaging payload worms

Sophistication of hacker tools
[Figure: scale from Low to High, year marker 2000. Labels, in the order they appear: Packet forging/spoofing, Password guessing, Self-replicating code, Password cracking, Back doors, Hijacking sessions, Scanners, Sniffers, Stealth diagnostics, Exploiting known vulnerabilities, Disabling audits]

Summary
It seems reasonable for the information security community and national governments to support developing open and public collections of up-to-date malware along with the results of its preliminary analysis.
And, what seems to be most important, it is necessary to restore the practice of publishing the raw experimental data on which research results rely.
The overall experience of the information security field and other natural sciences demonstrates that publicity of this kind always greatly encourages both the quality and the quantity of research projects.

A parable
Once there was a peasant who had a horse, and he was considered a rich man in his village. He was envied. But when his horse went into the forest and never came back, his neighbours ceased to be jealous of him, and some even felt sorry for him. When his horse returned and brought with it one more horse, some again became jealous of him. And then his son fell from the horse and broke his leg. Many ceased to envy him. But then the war began; all the young men were drafted into the army and were killed in the war, while his lame son was not taken, and some again became jealous of him. Only the peasant never grieved and was never joyous about any of it. He could not, because he could not foresee the future and did not see any good in sadness and joy.

Conclusion
In our reality, the lack of pictures of the future can lead to irreversible consequences.