Presentation is loading. Please wait.

Presentation is loading. Please wait.

IA&S July 17, 20001 Fault Tolerant Networks (FTN) Research Program Joint Information Assurance & Survivability (IA&S) Principal Investigator Meeting Honolulu,

Published byFelicity Butler Modified over 8 years ago

Similar presentations

Presentation on theme: "IA&S July 17, 20001 Fault Tolerant Networks (FTN) Research Program Joint Information Assurance & Survivability (IA&S) Principal Investigator Meeting Honolulu,"— Presentation transcript:

1 IA&S July 17, 20001 Fault Tolerant Networks (FTN) Research Program Joint Information Assurance & Survivability (IA&S) Principal Investigator Meeting Honolulu, Hawaii 17-21 July 2000 Douglas Maughan 703-696-2373 dmaughan@darpa.mil

2 IA&S July 17, 20002 Computer attacks against U.S. systems continue to rise each year Projections show this will get worse before it gets better! We Are Under Attack! 1st Qtr.

3 IA&S July 17, 20003 DoD’s Networking Problems DoD depends on information technology for information dominance, but... DoD systems and networks are increasingly vulnerable to attack because:  They are increasingly connected to one another and to civilian networks using Internet technology Vulnerabilities in networking technology or in any connected system can be exploited by knowledgeable attackers  There is increased use of COTS products Commercial security is not designed nor intended to withstand the Information Warfare attacks of concern to the DoD DoD’s past approaches have not succeeded

4 IA&S July 17, 20004 Fault Tolerant Networks Fault-Tolerant Survivability  Apply fault tolerance techniques to networking protocols  Better understanding of network fault modeling  Explore virtual network overlays as survivability mechanism Denying Denial-of-Service  Allocation methods to constrain attacker’s resource use  Progress-based protocols link allocation to level of trust Active Network Response  Exploit Active Networks for Traceback – Deploy active network technology to identify attack sources and deploy responses Critical Infrastructure Protection  Opportunities for Technology Transition Goal: Ensure continued availability of the network in the face of an attack while containing the resources available to the attacker

5 IA&S July 17, 20005 Fault-Tolerant Survivability What is the problem?  Networks must be resistant to attacks and failures  Automatic adaptation of the network during attack and post- mortem  Degradation of infrastructure to ensure minimal operation What are we trying to accomplish?  Incorporate techniques from fault-tolerance community Replication and partitioning of network services; Redundancy of network resources Develop adaptation strategies, including triggers, stability measures, and operational correctness  Better understanding of network fault modeling  Explore virtual network overlays as survivability mechanism

6 IA&S July 17, 20006 Denying Denial-of-Service What is the problem?  Prevention of denial of service attacks continues to be a growing problem with multiple points of vulnerability  Resistance to denial of service attacks remains unsolved  Necessity to consider DoS events in a correlated manner What are we trying to accomplish?  Incorporate market-based resource allocation strategies to limit resource consumption by attacker  Develop communication protocols which execute based on incremental progress within trust chain  Introduce infrastructure protocols that have been hardened against DoS attacks

7 IA&S July 17, 20007 Active Network Response What is the problem?  Advanced intrusion detection techniques supply enormous amounts of untapped real-time information  Large attacks require immediate reaction to limit damage  Programmable networks assist controlled attacker fencing What are we trying to accomplish?  Incorporate techniques from Active Networks community Challenge problem demonstration of capability Security architecture supports availability, reliability, and survivability  Leverage completed intrusion detection research  Build on fault-tolerance and adaptation  Accomplished in concert with legal assistance

8 IA&S July 17, 20008 Background - Critical Infrastructure Protection October 97 - Report of the President’s Commission on Critical Infrastructure Protection (PCCIP) ==> http://www.pccip.ncr.gov/ May 22, 1998 - President Clinton announced two new directives designed to strengthen the Nation's defenses against terrorism and other unconventional threats  PDD-62 highlights the growing range of unconventional threats that we face, including "cyber terrorism" and chemical, radiological, and biological weapons, and creates a new and more systematic approach to defending against them.  PDD-63 focuses specifically on protecting the Nation's critical infrastructures from both physical and "cyber" attack. These attacks may come from foreign governments, foreign and domestic terrorist organizations, and foreign and domestic criminal organizations.

9 IA&S July 17, 20009 Critical Infrastructures Physical and cyber-based systems essential to the minimum operations of the economy and government. These systems are so vital, that their incapacity or destruction would have a debilitating impact on the defense or economic security of the United States.  Information and Telecommunications  Banking and Finance  Water Supply Systems  Electrical Power, Oil and Gas Production and Storage  Transportation - Aviation, Rail, Roads, Highways, Waterways  Emergency and Public Health Services  Continuity of Government Services

10 IA&S July 17, 200010 Technology Transition How do we do it today? Research Land Vendor Land DARPA Technology Transition Bridge Technology Transitions (e.g., startups)

11 IA&S July 17, 200011 Technology Transition What can we do to improve? Research Land Vendor Land DARPA Technology Transition Bridge Technology Transitions (e.g., startups) S-BGP Routing DNSSEC

12 IA&S July 17, 200012 CIP Technology Transition Opportunities Transitioning Secure BGP into the Internet  Leverage previous DARPA secure routing protocol work by teaming with router vendors and ISPs Improving Robustness of Internet Routing  Improve existing Internet/Intranet routing protocols to incorporate authentication and fault tolerance techniques and transition via major consortium for Internet distribution Trust Applied to DNSSEC  Develop new fault tolerant techniques for DNSSEC deployment and new mechanisms for learning trusted public keys in a large scale network. Work with Internet Software Consortium (ISC) to incorporate additional DNSSEC capabilities into BIND release (DNS resolver software)

13 IA&S July 17, 200013 Research Organizations Fault Tolerant Survivability - 16 performers  Architecture Technology Corp., BBN, Cornell, George Washington Univ., Johns Hopkins Univ., Lucent, MIT, NAI Labs, Telcordia/Univ. of Maryland, Univ. of Arizona, Univ. of Michigan, UC Santa Barbara, UC Santa Cruz, USC-ISI (2 efforts), Univ. of Washington Denying Denial of Service – 4 performers  North Carolina State Univ., Princeton Univ., Texas A&M, UCLA/NCSU Active Network Response – 3 performers  BBN, NAI Labs (2 efforts) Critical Infrastructure Protection – 3 performers  BBN, TeleniX, USC-ISI/NAI Labs

Download ppt "IA&S July 17, 20001 Fault Tolerant Networks (FTN) Research Program Joint Information Assurance & Survivability (IA&S) Principal Investigator Meeting Honolulu,"

Similar presentations

Thai delegation Presentation at 4 th ARF seminar on Cyber-terrorism

Thai delegation Presentation at 4 th ARF seminar on Cyber-terrorism
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.

DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.
GENI: Global Environment for Networking Innovations Larry Landweber Senior Advisor NSF:CISE Joint Techs Madison, WI July 17, 2006.

GENI: Global Environment for Networking Innovations Larry Landweber Senior Advisor NSF:CISE Joint Techs Madison, WI July 17, 2006.
Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Noel Schmidt Architecture Technology Corporation Odyssey Research Associates DARPA.

Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Noel Schmidt Architecture Technology Corporation Odyssey Research Associates DARPA.
4.1.5 System Management Background What is in System Management Resource control and scheduling Booting, reconfiguration, defining limits for resource.

4.1.5 System Management Background What is in System Management Resource control and scheduling Booting, reconfiguration, defining limits for resource.
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? The premeditated, politically motivated attack against information, computer systems,

DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.

Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
10/29/20091 Innovation Partnerhsip Models with the Finance Sector Dept. of Homeland Security Science & Technology Directorate Douglas Maughan, Ph.D. Branch.

10/29/20091 Innovation Partnerhsip Models with the Finance Sector Dept. of Homeland Security Science & Technology Directorate Douglas Maughan, Ph.D. Branch.
National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.

National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
1 Next-Generation Secure Internet: Security Overview and Context Adrian Perrig in collaboration with Steven Bellovin, David Clark, Dawn Song.

1 Next-Generation Secure Internet: Security Overview and Context Adrian Perrig in collaboration with Steven Bellovin, David Clark, Dawn Song.
Adaptive Infrastructures EPRI/DoD Initiative on Complex Interactive Networks/Systems Joint innovative research ·EPRI and ·Office of the Director of Defense.

Adaptive Infrastructures EPRI/DoD Initiative on Complex Interactive Networks/Systems Joint innovative research ·EPRI and ·Office of the Director of Defense.
Ensuring Non-Functional Properties. What Is an NFP?  A software system’s non-functional property (NFP) is a constraint on the manner in which the system.

Ensuring Non-Functional Properties. What Is an NFP?  A software system’s non-functional property (NFP) is a constraint on the manner in which the system.
Smart Grid Cyber Security Framework

Smart Grid Cyber Security Framework
June 9, 2003 Updated July 2004 Slide 1 Critical Infrastructure Assurance: The US Experience.

June 9, 2003 Updated July 2004 Slide 1 Critical Infrastructure Assurance: The US Experience.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Critical Infrastructure Interdependencies H. Scott Matthews March 30, 2004.

Critical Infrastructure Interdependencies H. Scott Matthews March 30, 2004.

Similar presentations

Ads by Google