Information Assessment Test Tool (IATT) for IO/IW


Information Assessment Test Tool (IATT) for IO/IW
Briefing by: Darrell L Quarles, Program Director, U.S. Army Threat Systems Management Office, PEO STRI, ext 268 (DSN: 746)
NET 3 Conference & Exhibition, 23 July 2003
PM-ITTS TSMO, Army Threat Systems Program
UNCLASSIFIED

AGENDA
- Program Background
- Program Description
- OTIA Methodology
- Concept of Operations
- Capabilities
- On-Going Development
- Tool Configuration
- Summary

Background
This program was developed to supply Information Assurance Analysis to the Intelligence Electronic Warfare Test Directorate (IEWTD) of ATEC/OTC for Operational Testing.

Program Background (Cont'd)
- Program was started in FY 01.
- Task joins the capabilities of two contractors: Dynetics and General Dynamics (GD).
- Test Methodology, Threat Definition, and Scenario Development are provided by Dynetics.
- IATT development and IA threat integration are provided by GD.

Program Description
This project consists of three tasks to aid in the Information Assurance Assessment:
- A multi-step Operational Test Information Assurance (OTIA) Assessment Methodology
- Identification and certification of the IA related DIA validated threat
- A test tool that can perform penetration testing on the System under Operational test

OTIA Methodology

System IS/IA Analysis:
- System SSAA
- Previous IS/IA Analysis
- System Documentation (Topology, Information Flow)
- Vulnerability Analysis

IS/IA System Scan conducted to:
- Verify IS/IA goals met
- Identify additional Routes of Intrusion
- Determine OS and Hardware/Software Configuration
- Create an Internal & External Port Map

IS/IA System Penetration Test conducted to:
- Stress System IS/IA (Penetration Tailored to System)
- Penetrate and Mark

Penetration Analysis conducted to determine if IS/IA System:
- Identified penetration attacks
- Stopped penetration attacks
- Impact of Penetration on Mission

System IS/IA Risk/Impact Matrix:
- Identifies Operational risks of IS/IA Configuration
- Confirms ISSA goals are met
- Assessment of System IS/IA Status

IATT Concept of Operations
- IATT is an easily transportable IA threat launch platform.
- IATT is to be populated with a DIA validated set of IA Threats that are specific to the target system/test configuration.
- IATT is to provide ATEC-OTC and the test community the capability to measure the IA health of systems against actual IA threats exercised in realistic scenarios.

IATT CAPABILITIES
- Information Gathering - Stealthy and non-stealthy scanning of network assets to find an entry point vulnerability to exploit.
- Network Monitoring - Passive tools to map the network, steal critical communications.
- Infiltration - Gain access to a local/remote system by exploiting a vulnerability in COTS software.
- Password Guessing/Cracking - Guess common passwords / break system password files.
- Nefarious Data Manipulation - Intercept/inject mission data transmissions on the network.
- Denial of Service - Prevent communications through computer service disruption or elimination.

ON-GOING DEVELOPMENTS
- C2IATT/NOVA - Automated scenario execution across multiple IATT units for complex tests.
- Counter-Counter Measure Development - Provides a more realistic approach to attack scenarios.
- Automated Decision Aids - Develop capabilities to enhance users' decision-making process.
- Wireless IA Capability - Current information attack systems evaluate wired networks against random and intentional threats. The military requires a capability to test military wireless networks against the same types of information attack threats. Knowing the susceptibility of military wireless networks to wireless information attack threats increases overall system security. Information assurance on all data links is essential to mission success, force protection, and information dominance.

Live Test Configuration
- Replicate Target Network in a Test Environment

Mass Scan
- Actively scans for hosts on target network
- Determines Operating System & Port Information

Passive Detection
- Passively detects hosts on target network
- Quantifies incoming and outgoing traffic

Target Relationship Tool
- Identifies communication relationships between computers on the network
- Identifies data generators / receivers

Demonstration Configuration
- Singled out target on the network
- The impact of neutralizing the right target is immeasurable
- Diagram labels: IATT / Illuminate RWS V6 Simulated

System Operations – Information Panel
- Display results of scan for target
- Provides access to attacks for target

System Operations – Snoop
- Collects network traffic in multiple protocols, ports, directions.
- Collects data to libpcap files for review / analysis

System Operations – Attack
- Conducts attack operations
- Standardized test configurations
- Attack status indicators

Scan Reports
- Network Reconnaissance logged for After Action Reviews (AAR)

Target Reports
- Every Activity Logged Against Every Target

Attack Reports
- Every Attack Characterized and Logged

Threat Scenario
- Requirements
- Test / Scenario Conductor
- Threat Execution

SUMMARY
- The methodology and tools being developed are laying the groundwork and the essential tools necessary for the T&E community to properly assess the Information Assurance issues associated with our digitized forces.
- Program foundation success for future development in IA.
- Program is on schedule.

QUESTIONS?