Daniel rip2002
Published in: Technology, Business

Transcript

  • 1. The Daffodil and the Crane
    Daniel Bilar 2002
    Thayer School
  • 2. Status quo
    One hundred thousand
    an attack on the network
    In dollars, the cost
    Hence counter-measures
    must be deployed, resources
    Must be channeled
  • 3. The problem
    The boss declares
    Let's spend effectively!
    The network guy squirms:
    Networks resemble
    A black box full of software
    Whose risk no-one knows
    No-one, until now
    For the woods of New Hampshire
    harbour an answer
  • 4. An approach
    QSRA is
    A method to quantify
    and manage risk
    Spelled out it means
    quantitative security
    risk analysis
    Which is a mouthful
    but better than Distributed
    intrusion detection using
    Bayesian multiple
    hypothesis testing
    Which can't be haikuified
  • 5. Methodology
    The steps are threefold:
    Inventory the software
    Found on the network
    Match the list against
    A vulnerability
    database online
    Said database then
    returns the risk you incur
    running the software
  • 6. Methodology
    Manage the risk by
    adding and deleting
    software components
    Some alternatives
    must be found, subject to
    constraints you set
    The formulation
    is an integer LP
    I use branch-and-bound
  • 7. Implementation
    A central server
    collects data from clients
    installed on the hosts
    The software is free
    Java and mySQL
    Take that, Microsoft!
  • 8. Results
    What are the results?
    I have three to report
    that are non-trivial:
  • 9. Result 1
    Knowledge diffuses
    At an astonishing rate
    The window is small
    From discovery
    to attack tool, you have one week
    – thus, act quickly
  • 10. Result 2
    Microsoft patches
    Seem to create as many
    problems as they solve
    But let me be fair
    Sixty million lines of code
    Are hard to debug
  • 11. Result 3
    A typical host
    Has more than twenty ports open
    These are all entry points
    Hundreds of programs
    are installed on a host, some
    with serious faults
    Each program is a
    stepping stone; escalation
    attacks combine them
  • 12. Conclusion
    Summa summarum:
    Patch early, patch often, and
    your risk will decrease
    PS - please don't put me
    on probation again
    Professor Lotko
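The two Methodology slides (5 and 6) describe the QSRA loop: score the inventory against a vulnerability database, then pick replacement components under constraints by solving an integer program with branch-and-bound. The following is an added illustration, not code from the deck or from the QSRA tool; the vulnerability database, component names, severities and migration efforts are all constructed, and the constraint (a migration-effort budget with exactly one component per host function) is an assumption chosen to make the integer program non-trivial.

```python
"""Toy QSRA-style risk manager (constructed example, not the original tool)."""

# Constructed vulnerability "database": component -> [(placeholder id, severity)].
VULN_DB = {
    "apache-1.3":    [("VULN-A", 6.0), ("VULN-B", 3.0)],
    "apache-2.0":    [("VULN-C", 3.0)],
    "thttpd":        [("VULN-D", 1.0)],
    "sendmail-8.11": [("VULN-E", 8.0)],
    "postfix":       [("VULN-F", 3.0)],
    "mysql-3.23":    [("VULN-G", 5.0)],
    "mysql-4.0":     [("VULN-H", 2.0)],
}

# Functions the host must keep providing -> alternatives and the migration
# effort to switch to each (0 = currently installed). Constructed data.
ALTERNATIVES = {
    "web":  {"apache-1.3": 0, "apache-2.0": 4, "thttpd": 6},
    "mail": {"sendmail-8.11": 0, "postfix": 5},
    "db":   {"mysql-3.23": 0, "mysql-4.0": 2},
}

def risk_of(component):
    """Risk of running one component: sum of the severities the DB returns."""
    return sum(score for _, score in VULN_DB.get(component, []))

def inventory_risk(installed):
    """Step 1: match the host's inventory against the DB and total the risk."""
    return sum(risk_of(c) for c in installed)

def plan_swaps(alternatives, budget):
    """Step 2: one component per function, minimise total risk subject to
    total migration effort <= budget. Solved by branch-and-bound: branch on
    the component chosen per function, bound = risk so far + the cheapest
    possible risk of the functions not yet assigned (a valid lower bound
    because functions are disjoint)."""
    funcs = list(alternatives)
    best = [float("inf"), None]  # incumbent risk, incumbent plan
    min_rest = [sum(min(risk_of(c) for c in alternatives[f]) for f in funcs[i:])
                for i in range(len(funcs) + 1)]

    def branch(i, risk, cost, chosen):
        if cost > budget or risk + min_rest[i] >= best[0]:
            return  # infeasible, or cannot beat the incumbent: prune
        if i == len(funcs):
            best[0], best[1] = risk, dict(chosen)
            return
        f = funcs[i]
        for comp, effort in sorted(alternatives[f].items(), key=lambda kv: risk_of(kv[0])):
            chosen[f] = comp
            branch(i + 1, risk + risk_of(comp), cost + effort, chosen)
        del chosen[f]

    branch(0, 0.0, 0, {})
    return best[0], best[1]
```

With a budget of 0 the planner returns the installed configuration's risk (22.0); with budget 8 it finds the swap to thttpd and mysql-4.0 for a risk of 11.0.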