Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

What Nature Can Tell Us About IoT Security at Scale

49 views

Published on

RISQ - Colloque 2018
11h00
Geoff Sullivan

Published in: Technology
  • Be the first to comment

  • Be the first to like this

What Nature Can Tell Us About IoT Security at Scale

  1. 1. WHAT NATURE CAN TELL US ABOUT IOT SECURITY AT SCALE R I S Q C O N F E R E N C E – N O V E M B E R 2 0 1 8 G E O F F S U L L I V A N – H E A D O F M A R K E T I N G , A M E R I C A S I N T E R N A T I O N A L , J U N I P E R N E T W O R K S
  2. 2. 2© 2018 Juniper Networks T H E S E L F - D R I V I N G N E T W O R K Image credit: Waymo, Google self-driving car project
  3. 3. 3© 2018 Juniper Networks K E Y T E C H N O L O G Y A R E A S Real-time Telemetry Automation Programmability Intent-driven programming Multi-modal views of the network Machine learning
  4. 4. 4© 2018 Juniper Networks T H E S E L F - D R I V I N G N E T W O R K S E L F - C O N F I G U R E S S E L F - D E F E N D S S E L F - C O R R E C T S
  5. 5. 5© 2018 Juniper Networks
  6. 6. F L O C K S O F B I R D S 6© 2018 Juniper Networks
  7. 7. 7© 2018 Juniper Networks
  8. 8. 8© 2018 Juniper Networks
  9. 9. BEHAVIORAL ANALYSIS 5-STEP
  10. 10. © 2018 Juniper Networks 1 . O B S E R V E • Telemetry • Monitor device behavior – Communicating to whom? How often? How much? Packet/flow characteristics • Networks in the middle • Centralized learning 10 D E V I C E S E R V E R
  11. 11. © 2018 Juniper Networks 2 . C L U S T E R S I M I L A R D E V I C E S • Unsupervised machine learning • IoT devices that share the same behavioral characteristics • Domain experts plus classification algorithms develop rules that label data (devices) 11
  12. 12. © 2018 Juniper Networks 3 . D E T E C T A N O M A L I E S • Dynamics of networks different from other ML cases • Custer analysis reveals normal vs. unusual behavior • Local/Edge capabilities in the network 12
  13. 13. © 2018 Juniper Networks 4 . I D E N T I F Y R O O T C A U S E • Zoom-in on the problem for granular analysis • Aggregate/correlate data over time, geography, etc. • Domain experts intervene • Anomaly not malicious – Stop, update baseline behavior of category • Anomaly malicious or something to worry about – Go to step 5 13 M A L I C I O U S ? G O T O S T E P 5 ( R E M E D I A T E ) B E N I G N ? U P D A T E D E V I C E B A S E L I N E
  14. 14. © 2018 Juniper Networks 5 . R E M E D I A T E • Local/Edge vs. Centralized • Call a python script to rate limit, block a port, instantiate new policy • As algorithms learn - get to autonomy, predictive (“preactive”) • Zoom-out when finished to preserve resources 14
  15. 15. © 2018 Juniper Networks 5 . R E M E D I A T E • Local/Edge vs. Centralized • Call a python script to rate limit, block a port, instantiate new policy • As algorithms learn - get to autonomy, predictive (“preactive”) • Zoom-out when finished to preserve resources 15
  16. 16. ONGOING CHALLENGES
  17. 17. © 2018 Juniper Networks 17 O N G O I N G C H A L L E N G E S V I S I B I L I T Y E N C R Y P T E D C O N T E N T D A T A A R M S R A C E L A C K O F S K I L L S E T S
  18. 18. 18© 2018 Juniper Networks Building foundational security technologies Securing the new network interfaces Pervasive security, integrated with the network
  19. 19. THANK YOU

×