Presentation is loading. Please wait.

Presentation is loading. Please wait.

SMART (Stopping Malware and Researching Threats) Side Meeting

Published byΝικάτωρ Πυλαρινός Modified over 4 years ago

Similar presentations

Presentation on theme: "SMART (Stopping Malware and Researching Threats) Side Meeting"— Presentation transcript:

1 SMART (Stopping Malware and Researching Threats) Side Meeting
IETF 105 Montreal, Quebec, Canada Kathleen Moriarty, Dell EMC and Kirsty P, NCSC

2 Rough agenda 09:00-10:30am History of SMART
The charter, which was rejected, and going forward 5-10 minute discussion of each of the six drafts (see mailing list or search ‘smart’ on datatracker) Next steps for SMART

3 Motivation IETF protocols play a part in attacks and defences
IETF protocols are changing So attacks are changing, defences need to change Research is needed on this new state

4 History March 2018: ‘SMART’ gap in research identified
IETF 102, July 2018: presented the idea at SAAG IETF 103, Nov 2018: planning meeting CARIS2 workshop, Feb 2019: seeding research ideas for SMART IETF 104, March 2019: not-quite-a-BoF IETF 105, now: side meetings (for SMART and for CLESS), discussion and next steps

5 Draft charter Available on Github: https://github.com/smart-rg
This charter was rejected, feedback included breadth and depth of research to be done, narrowness/breadth of scope, relevance to IRTF, if this was research or engineering The Stopping Malware and Researching Threats Research Group (or SMART RG) will research attacks and defence methods where these relate to newly developed and existing IETF protocols.

6 Draft charter The IRTF is in a unique position to do research and establish robust evidence on these topics. This group aims to research the effect of protocol changes on attacks, defences and the threat landscape. Once the existing landscape is established, we aim to stimulate methodical research into attack defence methods and assessments for new protocols. Protocols are already rigorously assessed for certain security properties, yet researching how protocols relate to attacks and defences is a valuable but under-researched field. This group would begin that work.

7 Draft charter To research the rich area where new protocols are designed and deployed, and used by malicious actors. This includes attacks, the new ecosystem created by new protocols, defence mechanisms used or obsoleted by new protocols, and malicious actor methodology where IETF protocols play a role in the attack chain. To survey existing methods and suggest design considerations for prevention, detection and mitigation of attacks where IETF protocols play a role in some stage of the attack. To highlight the attack mitigation impact, both positive and negative, of protocol design, deployment and operation.

8 Draft charter To create researched and referenceable material for designers of protocols about the ecosystem in which protocols exist (such as what can be reasonably expected by endpoint security solutions and the communication lifecycle of malware), which are external to protocol design but directly relate to protocol design decisions and assertions. To become a centre of expertise on attack defence in the IETF/IRTF. To provide research that can form part of the basis for future reviews of RFC 3552: Security Considerations.

9 Current drafts draft-moriarty-caris2-01
draft-taddei-smart-cless-introduction-01 draft-mcfadden-smart-endpoint-taxonomy-for-cless-00 draft-mcfadden-smart-rfc3552-research-methodology-00 draft-lazanski-smart-users-internet-00 draft-sasse-smart-secui-questions (on Github only)

10 Next Steps For the six drafts For the group’s charter For the group
For attack defence local to the IRTF, IETF, IAB

Download ppt "SMART (Stopping Malware and Researching Threats) Side Meeting"

Similar presentations

MPTCP – MULTIPATH TCP WG meeting #7 27 th July 2011 Quebec, IETF-81 Yoshifumi Nishida Philip Eardley.

MPTCP – MULTIPATH TCP WG meeting #7 27 th July 2011 Quebec, IETF-81 Yoshifumi Nishida Philip Eardley.
CONEX BoF. Welcome to CONEX! Chairs: –Leslie Daigle –Philip Eardley Scribe Note well MORE INFO: -ECN.

CONEX BoF. Welcome to CONEX! Chairs: –Leslie Daigle –Philip Eardley Scribe Note well MORE INFO: -ECN.
ICN RG Proposed Charter IETF–81 July 2011 Börje Ohlman & Dirk Kutscher.

ICN RG Proposed Charter IETF–81 July 2011 Börje Ohlman & Dirk Kutscher.
WELCOME! Multipath TCP Implementors Workshop Saturday 24 th July Maastricht Philip Eardley MPTCP WG Co-chair.

WELCOME! Multipath TCP Implementors Workshop Saturday 24 th July Maastricht Philip Eardley MPTCP WG Co-chair.
Internet Printing Protocol (IPP) WG IETF42 August 26, 1998.

Internet Printing Protocol (IPP) WG IETF42 August 26, 1998.
STRAW IETF#84, Vancouver, Canada Victor Pascual Christer Holmberg.

STRAW IETF#84, Vancouver, Canada Victor Pascual Christer Holmberg.
Russ Housley IETF Chair 23 July 2012 Introduction to the IETF Standards Process.

Russ Housley IETF Chair 23 July 2012 Introduction to the IETF Standards Process.
Managed Incident Lightweight Exchange (MILE) Overview and Participation Kathleen Moriarty Global Lead Security Architect EMC Corporate CTO Office.

Managed Incident Lightweight Exchange (MILE) Overview and Participation Kathleen Moriarty Global Lead Security Architect EMC Corporate CTO Office.
©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Chris Berninger, Sr. Solutions.

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Chris Berninger, Sr. Solutions.
Chapter 10 Schedule Your Schedule. Copyright 2004 by Pearson Education, Inc. Identifying And Scheduling Tasks The schedule from the Software Development.

Chapter 10 Schedule Your Schedule. Copyright 2004 by Pearson Education, Inc. Identifying And Scheduling Tasks The schedule from the Software Development.
A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.

A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.
Open Pluggable Edge Services (opes) 62 nd IETF Meeting Minneapolis, MN, USA.

Open Pluggable Edge Services (opes) 62 nd IETF Meeting Minneapolis, MN, USA.
ACE BOF, IETF-89 London Authentication and Authorization for Constrained Environments (ACE) BOF Wed 09:00-11:30, Balmoral BOF Chairs: Kepeng Li, Hannes.

ACE BOF, IETF-89 London Authentication and Authorization for Constrained Environments (ACE) BOF Wed 09:00-11:30, Balmoral BOF Chairs: Kepeng Li, Hannes.
Technical Plenary Session chair: Leslie Daigle IETF63, Paris August 4, 2005.

Technical Plenary Session chair: Leslie Daigle IETF63, Paris August 4, 2005.
Architectural Manoeuvres in the Dark Leslie Daigle.

Architectural Manoeuvres in the Dark Leslie Daigle.
Privecsg-14-0007-01-ecsg 1 IEEE 802 EC Privacy Recommendation Study Group Update to 802 Sept Interim meetings 2014-09-08 Juan Carlos Zuniga, InterDigital.

Privecsg ecsg 1 IEEE 802 EC Privacy Recommendation Study Group Update to 802 Sept Interim meetings Juan Carlos Zuniga, InterDigital.
Update on the Internet Research Task Force Aaron Falk IRTF Chair IETF-72 – Dublin.

Update on the Internet Research Task Force Aaron Falk IRTF Chair IETF-72 – Dublin.
Proposal for a Network Complexity Research Group IRTF Open Meeting, 27 July 2011, Quebec Michael Behringer, Geoff Huston

Proposal for a Network Complexity Research Group IRTF Open Meeting, 27 July 2011, Quebec Michael Behringer, Geoff Huston
BEHAVE BOF (Behavior Engineering for Hindrance AVoidancE) Cullen Jennings Jiri Kuthan.

BEHAVE BOF (Behavior Engineering for Hindrance AVoidancE) Cullen Jennings Jiri Kuthan.
Workshop Outputs and Goals Hannes Tschofenig Internet Privacy Workshop, December 2010.

Workshop Outputs and Goals Hannes Tschofenig Internet Privacy Workshop, December 2010.

Similar presentations

Ads by Google