Daniel rip2002

Published in: Technology, Business

  1. The Daffodil and the Crane. Daniel Bilar, 2002, Thayer School
  2. Status quo: One hundred thousand an attack on the network In dollars, the cost Hence counter-measures must be deployed, resources Must be channeled
  3. The problem: The boss declares Let's spend effectively! The network guy squirms: Networks resemble A black box full of software Whose risk no-one knows No-one, until now For the woods of New Hampshire harbour an answer
  4. An approach: QSRA is A method to quantify and manage risk Spelled out it means quantitative security risk analysis Which is a mouthful but better than Distributed intrusion detection using Bayesian multiple hypothesis testing Which can't be haikuified
  5. Methodology: The steps are threefold: Inventory the software Found on the network Match the list against A vulnerability database online Said database then returns the risk you incur running the software
  6. Methodology: Manage the risk by adding and deleting software components Some alternatives must be found, subject to constraints you set The formulation is an integer LP I use branch-and-bound
  7. Implementation: A central server collects data from clients installed on the hosts The software is free Java and mySQL Take that, Microsoft!
  8. Results: What are the results? I have three to report that are non-trivial:
  9. Result 1: Knowledge diffuses At an astonishing rate The window is small From discovery to attack tool, you have one week – thus, act quickly
  10. Result 2: Microsoft patches Seem to create as many problems as they solve But let me be fair Sixty million lines of code Are hard to debug
  11. Result 3: A typical host Has more than twenty ports open These are all entry points Hundreds of programs are installed on a host, some with serious faults Each program is a stepping stone; escalation attacks combine them
  12. Conclusion: Summa summarum: Patch early, patch often, and your risk will decrease PS - please don't put me on probation again Professor Lotko
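
The risk-management step on slides 5 and 6 (swap software components for alternatives under constraints, solved as an integer program by branch-and-bound) can be sketched as follows. This is an added example, not code from the slides or from QSRA: the package names, risk scores, costs and the single budget constraint are constructed assumptions, with the risk scores standing in for what the vulnerability database lookup would return.

```python
from math import inf

# Constructed inventory (assumption): function -> [(package, risk score, switching cost)].
# Cost 0 marks the package currently installed.
CANDIDATES = {
    "web":  [("httpd-A", 9.0, 0), ("httpd-B", 4.0, 3), ("httpd-C", 2.5, 6)],
    "mail": [("mta-A", 7.0, 0), ("mta-B", 3.0, 4)],
    "db":   [("db-A", 5.0, 0), ("db-B", 4.5, 1), ("db-C", 1.0, 5)],
}

def select_software(candidates, budget):
    """Choose exactly one package per function, minimising total risk
    subject to total switching cost <= budget (a 0/1 integer program)."""
    funcs = sorted(candidates)
    # Optimistic bound: lowest risk still attainable for functions i..end,
    # ignoring the budget (a relaxation of the remaining problem).
    min_tail = [0.0] * (len(funcs) + 1)
    for i in range(len(funcs) - 1, -1, -1):
        min_tail[i] = min_tail[i + 1] + min(r for _, r, _ in candidates[funcs[i]])
    best = {"risk": inf, "choice": None}

    def branch(i, risk, cost, chosen):
        if cost > budget:                       # infeasible branch
            return
        if risk + min_tail[i] >= best["risk"]:  # cannot beat the incumbent
            return
        if i == len(funcs):                     # complete assignment: new incumbent
            best["risk"], best["choice"] = risk, dict(chosen)
            return
        # Explore low-risk options first so a strong incumbent appears early.
        for name, r, c in sorted(candidates[funcs[i]], key=lambda p: p[1]):
            chosen[funcs[i]] = name
            branch(i + 1, risk + r, cost + c, chosen)
            del chosen[funcs[i]]

    branch(0, 0.0, 0, {})
    return best["risk"], best["choice"]

if __name__ == "__main__":
    for b in (0, 8, 15):
        print(b, select_software(CANDIDATES, b))
```

With a budget of 0 nothing can be replaced and the current risk is returned; raising the budget shows which swaps buy the largest risk reduction first.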
