
NEDAS Boston Workshop Presentations - July 15, 2015


Presentations by PCTel presented by Marc Nguessan, SeeWave Product Manager titled "Interference Hunting: Tools and Service Solutions." Solutelia presented by Nikhil Gogate, Sr. and Luis Najera titled "RF Data Collection & Remote Control/Monitoring using WINd Solution." John Holmblad of the US Senate in Cybersecurity and Professor at the University of Maryland at Maryland University College titled "Achieving confidence in Cyberspace. It's all about Risk Management." and SOLiD presented by Dennis Rigney titled "The Evolution of DAS Ownership."


  1. 1. NEDAS  Boston  Workshops  &  Social   District  Hall   Wednesday,  July  15,  2015   #NEDASBoston  
  2. 2. Interference Hunting: Tools and Service Solutions Presenters Marc Nguessan SeeWave Product Manager James Zik Vice President, Product Management and Management Presented by PCTEL
  3. 3. James Zik, VP Product Management Marc Nguessan, Product Manager July 15, 2015 NEDAS Interference Hunting Workshop
  4. 4. ❑ Introduction ❑ Why is Interference a Problem? ❑ Six Case Studies ❑ Interference Mechanisms ❑ Important Considerations ❑ Summary Agenda
  5. 5. PCTEL delivers Performance Critical Telecom solutions for public and private wireless networks. Connected Solutions™ designs and delivers performance critical antennas and site solutions for wireless networks globally. Our antennas support evolving wireless standards for cellular, private, and broadband networks. RF Solutions develops and provides test equipment, software, and engineering services for wireless networks. The industry relies upon PCTEL to benchmark network performance, analyze trends, and optimize wireless networks. Performance Critical Telecom:
  6. 6. 6   Network Engineering Services Expert Knowledge, Exceptional Tools Provides wireless network services with an emphasis on in-building DAS. ✓  Network Benchmarking ✓  Baseline Testing ✓  CW Testing ✓  Design ✓  Commissioning ✓  Optimization ✓  Acceptance ✓  Interference Mitigation ✓  Consulting
  7. 7. Carriers Neutral Host OEMs Integrators PCTEL  Customers  
  8. 8.         Why  is  Interference  a  Problem?  
  9. 9. What is interference? ❑ Interference is an unwanted RF signal (in the cellular frequencies) caused by numerous electronic sources (including harmonics) that negatively affects mobile communication What frequencies are most affected by interference? ❑ Interference can affect all mobile bands, but is a larger issue at the lower frequencies (300 to 900 MHz) due to the RF propagation of these frequencies. Higher frequencies (approx. >1700 MHz) are disposed to be more line-of-sight and more easily reflected with low penetration into buildings Why is LTE more affected by interference? ❑ LTE is more affected by interference since LTE networks offer higher spectral efficiency in bits per second per Hz, but require higher levels of SINR to achieve that performance (Figure: 2600 MHz vs 700 MHz interference)
  10. 10. LTE Networks Effects – Signal to Interference/Noise Ratio (SINR) ❑ SINR: Critical Measurement quantifying the relationship between RF conditions and throughput ‒ VoLTE requires high SINR (target >12 dB) or will result in dropped calls or uses high percentage of network bandwidth ‒ MIMO is ineffective with low SINR levels, requires high SINR (10-20 dB) Customer Experience Effects ❑ Video Pixelation ❑ Poor voice quality ❑ Dropped calls/sessions ❑ Low data throughput ❑ Latency due to retransmission Business Effects (Lost Revenue) ❑ Poor quality-of-service ❑ Customer churn Problems Interference Causes
  11. 11. ❑  US Mobile Operator Customer Attrition* ❑  Low network quality/speed of services is largest reason for attrition (12% in the previous year of the study i.e. normalized to a full yr: 6%) ➢  (100M customers * 6% churn (normalized) * 35% low QoS * $600/ARPU/year * 90% RAN issues) = $1.1B problem (year 1) 30 % 35 % 26 % *Ovum Report “Who Cares Wins” commissioned by Tektronix - Feb. 2014. Why is Interference Abatement Important?
  12. 12. ❑ Spectrum clearing when new or re-farmed spectrum becomes available ‒ Mobile operators must clear both uplink and downlink interference sources before network turn-up for any band ❑ DAS Verification, DAS Commissioning ❑ In-service interference that is affecting the quality-of-service of the network (uplink) 12   When do You Test for Interference?
  13. 13. Uplink In-service Interference ❑ Mobile operators search for uplink interference when base station Received Total Wideband Power (RTWP) reports a quality affecting level at base station (LTE) ❑ Customers report problems in an area ❑ Uplink more sensitive to interference due to mobile transmission restrictions (+23 dBm UE i.e. 0.2 Watts) Downlink In-service Interference ❑ Downlink QoS issues are not as common from external interference sources, unless interferer is extremely powerful (sometimes with passive intermodulation), since the high powered signal from tower typically masks downlink interference sources LTE eNB Tx Power: +45 dBm Rx Sensitivity: -123 dBm -102 to -105 dBm causes interference LTE UE Tx Power: +23 dBm Rx Sensitivity: -95 dBm Mobile Networks In-service Sensitivity
  14. 14.         Six  Case  Studies   14  
  15. 15. 15   Lights Out (700, 1900 and AWS bands) Extremely high uplink noise levels discovered during DAS Commissioning Interference found to occur only during day time and early evening Case Study #1 – Newark, DE Sept 2014
  16. 16. 16   SeeWave pointing away from interference source SeeWave pointing toward the interference source Interference locating in one particular section of the mall ❑  Interferer not found during DAS System Verification since done in the middle of the night ❑  Building owner agreed to replace 50 halogen light bulbs Interferer: Halogen Light Bulbs Case Study #1 – Newark, DE Sept 2014
  17. 17. 17   Work in Progress (700, 850 bands) Extremely high uplink noise levels discovered during DAS System Verification (-95 to -85 dBm) Interference found to occur only during day time and early evening in a small section of the mall Case Study #2 – Denver, CO July 2015
  18. 18. 18   Spectrum Analyzer near Source Awaiting permission to enter OshKosh B’gosh Store to test lights or other potential sources Suspected Interferer: Lighting Case Study #2 – Denver, CO July 2015
  19. 19. 19   Uber Boomer (1900 band) Tier One operator reports intermittent -75 dBm Received Total Wideband Power KPI on uplink and customer complaints on uplink (both in-building and outdoors) SeeWave pointing away from interference source SeeWave pointing toward the interference source Case Study #3 – Maryland Suburbs (near Washington DC) June 2015
  20. 20. DoD representative claimed to have recently installed a DAS system ❑ Unusual for DAS system to cause outside interference of -75 dBm, 1 mile away ❑ Classified buildings often don’t allow cell phone usage ❑ DAS systems are always on, not only for 5 hours a day, a couple times a week ❑ Immediately agreed to permanently turn off their “DAS System” Conclusion of Interferer type: Military Experiment Interference Source: Classified Defense Contractor Building Case Study #3 - Maryland Suburbs (near Washington DC) June 2015
  21. 21. The Pope is Calling (and we listened) (850 band) Tier One installs Cellular on Wheels (COWs) at Quito Airport to cover increased Cellular traffic for the Pope’s visit (both indoor and outdoor) and the system was barely useable due to high noise floor Mobile Operator’s COW (the one working with PCTEL) turned off for test Competitor Mobile Operator’s COW (powered on) Case Study #4 – Quito, Ecuador July 2015
  22. 22. SeeWave pointing away from interference source Low Noise floor SeeWave pointing towards interference source High Noise floor Competitor’s COW was interfering with uplink in the -95 to -100 dBm ❑ Adjustments needed to be made on competitor’s COWs ❑ Only authorized to place COWs in this location Interferer: COW Case Study #4 – Quito, Ecuador July 2015
  23. 23. SeeWave pointing away from interference source SeeWave pointing toward interference source Lost my Signal in San Francisco Tier One operator reports quality affecting Received Total Wideband Power KPI on uplink Case Study #5 - San Francisco, CA Oct 2014
  24. 24. BTS signal leaking into another carrier’s spectrum Conclusion on Interferer type: Faulty BTS/BTS infrastructure 24   Case Study #5 - San Francisco, CA Oct 2014
  25. 25. 25   Billboard Torture (700 band) Tier One optimization engineer finds very low SINR from drive test analysis SeeWave pointing away from interference source SeeWave pointing towards interference source Case  Study  #6  –  Nashville,  TN     Nov  2014  
  26. 26. Digital Billboard employs wireless radio device for updating billboard Interferer type: Wireless Radio Device on Digital Billboard Case Study #6 – Nashville, TN Nov 2014
  27. 27.         Interference  Mechanisms   27  
  28. 28. ❑ Modulated Sources ❑ Un-modulated Sources ❑ Harmonics ❑ Passive intermodulation (PIM) ❑ Repeaters/BDAs ❑ Intentional Interference 28   Interference Types
  29. 29. ❑ Devices intended to transmit RF signals ❑ Unwanted interference occurs when these devices are malfunctioning or are operated improperly (usually narrowband signals) ❑ Compliant RF transmitters may create interference from harmonics, intermodulation, etc. ❑ Common sources of modulated interferers include: ‒ Unplugged Cable TV Output 29   Modulated  Sources  
  30. 30. ❑ Un-modulated sources of interference are created from electric devices that unintentionally create RF signals ‒ Continuous Noise ‒ Impulse Noise ❑ Common sources of continuous noise include: ‒ Electric Motors ‒ Ballast in neon lighting ‒ Faulty transformers ‒ Security and infrared Cameras ‒ Vehicle ignition systems ‒ Baby Monitors LTE Noise floor raised by electric motor Un-Modulated Sources
  31. 31. ❑ Impulse Noise from un-modulated sources is created when the electricity flow is turned on and off ❑ Common sources of impulse noise include: ‒ Electric Motors (elevators, manufacturing plants, farms, etc.) ‒ Electric Fences ‒ Welding ‒ Parking Gates ‒ Wireless Speakers ‒ Arcing power lines ‒ Light dimmers ‒ Lightning suppression devices ‒ Commercial baking ovens ‒ Beacons on top of cell towers ‒ Garage door openers ‒ TV remotes Un-Modulated Sources
  32. 32. ❑ A harmonic is a multiple of the RF carrier (fundamental frequency) ‒ A 750 MHz frequency can produce harmonics at 1500 MHz, 2250 MHz, 3000 MHz, etc. ❑ Legal large powered transmitters (megawatt) can produce a 1 Watt third harmonic ‒ TV transmitters of 570 to 585 MHz (channels 30 – 33) can cause problems on E-UTRA 4 (AWS) uplink (1710 – 1755 MHz) band if the AWS sector is close to the TV transmitter 925 MHz harmonic from a 462.5 MHz 2-way radio Harmonics
  33. 33. ❑ Cellular repeater or bidirectional amplifiers ‒ Used to extend in-building cellular coverage or coverage in areas with marginal coverage ‒ Interference caused by malfunctioning BDAs or retransmission of undesirable signals at the BDA’s input ‒ Common source of interference, but difficult to locate BDA Amplifier Dome Antenna In-Building Repeater Repeaters/BDAs
  34. 34. ❑ Two or more strong signals combine appearing as a nonlinear transmitting device ‒ Can cause numerous interferers from the addition and subtraction of fundamental frequencies with harmonics ❑ Often called the “rusty bolt” effect ‒ Mating of 2 metal objects can create a rectifier effect when corrosion is present ‒ Generates spurious signals that are radiated by the connected metal objects ❑ Common sources ‒ Rusty bolts, fences or barn roofs ‒ Corroded rooftop air conditioners ‒ Improperly connected or loose/dirty connectors in the cell tower antenna feed line ‒ Cell tower guy lines ‒ Utility poles or wires, rain gutters Passive Intermodulation
  35. 35. ❑ Often located in shopping malls, restaurants, schools, military bases ❑ Sources can be mobile (cars, trains, etc.) ❑ Civilian use is illegal ❑ Typically easy to identify ‒ Strong constantly-on signal ❑ Usually raises noise floor Jammer Intentional Interference
  36. 36. Important Considerations
  37. 37. Scan Setup Dual Scan Spectrum Analysis with Playback • Scan uplink and downlink for spectrum clearing simultaneously • Set up separate scans for looking at harmonics Spectrogram Waterfall Isolates Intermittent Interferers Map with Triangulation Locates Source of Interference - Ergonomics - Use of COTS Antennas (n-type conn.) Spectrum Analysis Considerations
  38. 38. DF Antenna Radiation Patterns (typical) ❑ Many users tilt antenna on a 45 deg angle 38   Elevation (Vertical) Azimuth (Horizontal) Antenna  Angle  
  39. 39. Multipath ❑ Multipath occurs when radio signals from one source reach the receiving antenna via two or more paths ‒ Caused by reflections or refractions off of bodies of water or objects including buildings and mountains ‒ Very common in urban canyons Mitigation ❑ Find a location away from buildings and metal objects ‒ Building roof ‒ Away from metal objects including vehicles ❑ When finding a good location is not possible ‒ Go to an intersection and point antenna in the direction of each intersecting street ‒ Follow the street with the highest signal from the interferer Multipath can severely complicate locating the source of the interferer Radio Wave Multipath
  40. 40. Summary 40
  41. 41. ❑ Verizon 700 MHz LTE cell site is latest victim of interference from fluorescent lights ❑ Time Warner Cable Experience Verizon LTE Interference in N.C. ‒ Time Warner Cable didn't take the steps to properly shield its boxes and/or cable system ❑ Florida teacher uses cellphone jammer to stop students’ texting, draws a suspension Interference References
  42. 42. – Interference can be a significant source of customer dissatisfaction of a mobile network resulting in customer churn and lost revenue – External interference negatively affects LTE networks at lower signal levels than 2G and 3G technologies – Interference hunting is an on-going process since new interferers are continually created Summary
  43. 43. http://rfsolutions.pctel.com James.zik@pctel.com Marc.nguessan@pctel.com For free LTE and Interference posters, please visit PCTEL RF Solutions website: Questions? Thank you!
  44. 44. RF Data Collection & Remote Control/Monitoring Using WINd© Solution Presenters Nikhil Gogaté Senior Director of Global Business Strategy Luis Najera Product Support Specialist Presented by Solutelia
  45. 45. Connect via Bluetooth to the PCTel ibFLex Scanner Perform: TopN, RSSI, CW or Blind Scan
  46. 46. WINd App Seamless Integration ibWave Mobile Planner Integrated ibWave Mobile Planner support: RF Data collection and Site Survey in one
  47. 47. WINd App WINd Console Real Time Console Remote View allows Real-Time Access and Control: live data stream
  48. 48. WINd Console Report Manager KPI and Interval Reports Summary with Indoor or Outdoor Plots Console Reports allows near Instant: Real-Time KPI, Interval and On-Site Post Reports
  49. 49. Achieving Confidence in Cyberspace: It’s All about Risk Management Presenter John Holmblad Cyber Security Operations specialist with the US Senate and Professor at the University of Maryland University College
  50. 50. Achieving Confidence In Cyberspace => Its All About Risk Management NEDAS Summer Social - Training John B. Holmblad john.holmblad@faculty.umuc.edu 703 407 2278
  51. 51. ➢ About You ➢ About your Instructor, that is me NEDAS Summer Social Training Event July 15, 2015 ©2015 Televerage International 62 Introductions Company Size (Employees) Number of you Today’s Audience 1 2-10 11-100 101-1,000 1,001-10,000 >10,000
  52. 52. ➢ 1. Goals of information security ➢ 2. The Threat, Vulnerability, Risk, and Countermeasure Model ➢ 3. Threats ➢ 4. Vulnerabilities ➢ 5. Security policies and security mechanisms ➢ 6. Specific Countermeasures ➢ 7. The role of trust ➢ 8. Assurance ➢ 9. Operational Issues ➢ 10. Human Issues ➢ 11. Sources of Additional Information Today’s Agenda
  53. 53. 1. Goals of Information Security
  54. 54. ➢ Prevention ➢ Prevent attackers from violating security policy ➢ A potential negative side-effect is that elaborate prevention can hamper legitimate use (e.g. DRM) ➢ Detection ➢ Detect attackers’ violation of security policy ➢ Typically required because prevention is not always successful ➢ Recovery ➢ Stop attack, assess and repair/remediate damage ➢ Continue to function correctly even if attack succeeds (a kind of fault tolerance) What are the Goals of Information Security
  55. 55. ➢ Our lives are dominated by information. ➢ We want that information to be ➢ Available to us when we want it ➢ Correct with respect to what it purports to be ➢ Denied to those to whom it should not be available We are an Information Driven Society
  56. 56. ➢ Information ➢ Protecting information that is stored, transmitted or viewed on or by means of a computer. ➢ Protecting information resources What are we interested in protecting?
  57. 57. In short, Yes! ➢ Organizations are under attack from both inside and outside the company ➢ A wide range of attacks are extant (“in the wild”) ➢ Cyber attacks result in serious financial loss and, in some cases, complete failure of the enterprise ➢ The appropriate level of defense requires more than information security technologies Is there A Problem that Needs Solving?
  58. 58. ➢ Our entire information infrastructure is rife with vulnerabilities at both the design and at the implementation level ➢ Design: e.g. BGP, 802.11 WEP ➢ Implementation: e.g. Adobe Flash, Internet Explorer ➢ Vulnerabilities are being routinely exploited ➢ We most often aren’t aware of the exploitation until it is too late. What are the Key Issues?
  59. 59. ➢ What is the problem. ➢ Why we have a problem. ➢ What solutions are available to us. To achieve/maintain security of our Information We Must Understand
  60. 60. ➢ Confidentiality ➢ Keeping data and resources hidden ➢ Integrity ➢ Data integrity (integrity) ➢ Origin integrity (authentication) ➢ Availability ➢ having access to data and resources Information Security Services - Basic Components
  61. 61. ➢ Let’s consider these security services from the perspective of: ➢ P: A Physician ➢ S: A Student ➢ C: A Consumer Information Security Services - Basic Components
  62. 62. ➢ P: Passers-by must not see the medical record; it is only for the physician ➢ S: Student grades are a private matter between the instructor and the student. ➢ C: Only Amazon’s billing organization should be able to see the consumer’s credit card number Readable ONLY by those who are authorized to receive/view /process it
  63. 63. ➢ Confidentiality may apply to the properties of information as well as the information itself: ➢ not how many with H1N1 Flu in the neighborhood, but is there H1N1 Flu at all ➢ why does this employee want to know about jobs at other places? ➢ does a government agency maintain information on a particular citizen? ➢ Confidentiality of resources for storing/maintaining information ➢ what computer systems are used, what configurations, what high-end equipment is available Confidentiality of Information Properties (aka Metadata)
  64. 64. ➢ Interception: Secret voice communication between two parties that is intercepted ➢ Ex-filtration: Product cost data that is supposed to remain within the enterprise but which is ex-filtrated to a competitor ➢ Theft: User credentials (e.g. passwords) which are stolen Examples of Confidentiality Violation
  65. 65. ➢ P: The physician’s understanding of the patient's BP, allergies, prescribed drugs, etc. must all be correct and up to date for this patient. ➢ S: The student wants historically accurate information from primary sources where possible. ➢ C: The consumer wants the description and price of the book to be accurate Integrity means that Information is Correct with respect to what it purports to be
  66. 66. ➢ When personal information is maintained incorrectly by a service provider (for example, a loan has been repaid but this is not noted in the customer’s credit rating) ➢ When information is changed by an entity that does not have the authority to do so – can be malicious (thus constituting an origin and data integrity violation) ➢ Libel/defamation ➢ Incorrect source citation ➢ Integrity violations can be prevented but that is more difficult than simply detecting them. Examples of Integrity Violation
  67. 67. ➢ P: A physician might look up a patient record prior to an examination. She needs the record now. ➢ S: A student wants information about the holocaust for a research paper. Since he waited until the last minute it is important that the web sites are “up”. ➢ C: A consumer wants to purchase a book on Amazon.com Availability means that Information is Available to the user when the user wants it
  68. 68. ➢ Denial of Service (DOS) attacks in: ➢ E-commerce, News sites, Government information, Remote electronic voting ➢ DOS Attacks can occur at one of several points ➢ At the origin (preventing server from accessing resources required to send info.) ➢ At the destination (blocking communication from server) ➢ At an intermediate path (by dropping communication from either origin or destination) ➢ DOS attacks can be difficult to detect because system behavior might be due to genuine system overload Examples of Availability Violation
  69. 69. 2. Threat, Vulnerability, Risk, and Countermeasure Model
  70. 70. ➢ A threat agent attacks a vulnerability resulting in a risk of loss. ➢ Threats, Vulnerabilities and Countermeasures all interact to affect the level of risk ➢ Countermeasure should mitigate (reduce) the Risk of Loss, by, eg: ➢ Eliminating the threat (Kill all the wolves) ➢ Eliminating the vulnerability (Build a brick house) ➢ Increasing the cost of attack (Make yourself poisonous to wolves) Threats, Vulnerabilities, Risks and Countermeasures
  71. 71. Threat And Countermeasures Vulnerability Vulnerability Risk
  72. 72. Threat: An intent to do harm ➢ May refer to the threat agent (e.g., a terrorist, a fire, a tornado) ➢ Sometimes the word “threat” is mixed with ➢ The risk: e.g., Threat of financial loss ➢ The mechanism: e.g., threat of denial of service or threat of message interception ➢ A threat consists of : ➢ Threat Agent (individual or group) ➢ Means (e.g. resources and organization) ➢ Intent (plan to carry out attack)
  73. 73. ➢ Risk represents the negative consequence of a threat acting on a vulnerability ➢ A company loses $100k due to online bank fraud ➢ A company loses $1M in sales because its web site is unavailable ➢ A company’s common shares lose $1b because of the negative publicity as a consequence of its ineffective response to a security breach ➢ A Virus wipes out a student’s thesis and the student does not have a backup disc and thus learns the lesson “to backup is divine”. Risks to Information Security
  74. 74. ➢ Information Security is ultimately about risk management. ➢ Understand what information is important to yourself or your organization and what is its value ➢ Understand the who-what-when-where of access to the information ➢ Make an informed decision about how much to invest to protect the assets based on their value and the financial risk associated with their loss. Enterprise Risk Management
  75. 75. ➢ What assets need protection ➢ What financial risk the enterprise will incur if it fails to protect the asset adequately ➢ How much it will cost to protect the asset ➢ What is the “residual risk”, that is the risk that remains after performing mitigation actions? Risk Analysis is a process that helps the Enterprise to understand
  76. 76. ➢ Government institutions and regulated business (e.g., financial and healthcare) are required by law (many laws actually!) to implement some security (e.g. PCI DSS for credit cards, HIPAA for healthcare, etc.) ➢ Many parts of the private sector have fewer regulatory and legal mandates for cybersecurity although that is changing ➢ Driven by shareholder value/stock price ➢ Security is viewed as an expense with no clear revenue gain. ➢ Implementing security must always balance the cost with the benefit. Cost vs. Benefits
  77. 77. ➢ Examples of Resource Mis-allocation ➢ Purchasing an alarm system for $500,000 to protect a $100,000 town house ➢ Spending $200,000 on a Security Event Management System to protect information assets that are worth only $50,000 ➢ Spending $500,000 on a state of the art Intrusion Prevention System but failing to invest opex in training and ongoing operation and maintenance It is Possible to Overspend/ Misspend
  78. 78. ➢ Identify the threats to enterprise assets ➢ Identify the vulnerabilities that are exploitable by the threats ➢ Measure/assess the risk of the threat exploiting the vulnerability ➢ Identify countermeasures and the corresponding amount of risk mitigation as a consequence of the application of those countermeasures ➢ Measure the residual risk to the enterprise after risk mitigation The Process For Risk Assessment
  79. 79. ➢ Can you really determine the degree and source of the threat? ➢ Can you find all the vulnerabilities? ➢ How do you measure risk? ➢ What does the countermeasure cost and how much risk will it remove? Problem Areas for Risk Management
  80. 80. ➢ Risk = Expected Value of Loss. ➢ Given threats t, vulnerabilities v and random variable N(t, v) that t exploits v N times during some defined time frame, for example over a one year period and the probabilistic mean of N is E(N(t,v)) and ➢ Given that the financial loss L resulting from t exploiting v is L(t, v), then Risk = Σ_{(t, v)} E(N(t, v)) * L(t, v) Measuring Risk
  81. 81. ➢ Annual Rate of Occurrence (ARO) ➢ E(N(t,v)) = 12 times per year and ➢ Single Loss Expectancy (SLE) ➢ L(t, v) = $50,000 then Annual Risk = Σ_{(t, v)} E(N(t, v)) * L(t, v) = 12 * $50,000 = $600,000 This is Annual Risk also referred to as the Annual Loss Expectancy (ALE) Measuring Risk - An Example with some additional definitions
  82. 82. ➢ Historically, risk estimators thought they could do this ➢ Annualized Loss Expectancy ➢ FIPSPUB31 Guidelines for Automatic Data Processing Physical Security and Risk Management, 1974. ➢ In reality, however, it is often very difficult to assign meaningful values for P(t, v) and L(t, v). ➢ What is the true value of information? ➢ How do you determine the frequency of occurrence of a successfully exploited vulnerability? ➢ Providers of cyber-risk insurance are developing/improving actuarial information bases to quantify cyber-risks ➢ As the Cyber-risk insurance market matures, risk models will become more accurate in their predictive capability This is not so easy to quantify
  83. 83. ➢ Not necessarily ➢ Some entity has to exploit the vulnerabilities ➢ Are there any threats? ➢ What are threats and vulnerabilities anyway? NEDAS Summer Social Training Event July 15, 2015 ©2015 Televerage International 94 Does the presence of Vulnerabilities imply that there is a material risk?
  84. 3. Threats
  85. Threats Classified by Potential Security Violation
      ➢ Disclosure
        ➢ Snooping
      ➢ Deception
        ➢ Modification, spoofing (masquerading, identity theft), repudiation of origin, denial of receipt
      ➢ Disruption
        ➢ Modification
      ➢ Usurpation: unauthorized control
        ➢ Modification, spoofing, delay, denial of service
  86. Threat Impacts on Information
      ➢ Delay of access
      ➢ Denial of access
      ➢ Destruction
      ➢ Disclosure
      ➢ Modification
      ➢ Threat types are not mutually exclusive and they can be natural or man-made.
      ➢ Managers must act to mitigate risks no matter what the source.
  87. Delay
      ➢ The threat agent somehow acts to delay the delivery or execution of information services
        ➢ A natural disaster cutting power or damaging a facility
        ➢ A malicious hacker interfering with the network
        ➢ A disgruntled employee deliberately slowing a critical enterprise workload, thereby reducing throughput
  88. Denial
      ➢ An extreme form of Delay, where information services are unavailable for an extended period of time
        ➢ A “Distributed Denial of Service” (DDoS) attack
        ➢ An animal falling into electrical equipment and thereby taking out a part of the power grid
        ➢ An earthquake
  89. Destruction
      ➢ Information or resources are completely destroyed.
        ➢ A catastrophic fire, earthquake, tornado, etc.
        ➢ A computer virus reformatting the hard drive
        ➢ A hacker deleting files.
  90. Disclosure
      ➢ The classic INFOSEC threat: exposing sensitive information to unauthorized persons
        ➢ Military context: “Loose lips sink ships”
        ➢ An actor’s medical data exposed to the National Enquirer
        ➢ Consumer credit card numbers exposed to criminal hackers
        ➢ Information exfiltration
  91. Modification
      ➢ The unauthorized changing of information.
      ➢ Possibly one of the more insidious problems, as you may not be aware of it as it is happening.
        ➢ A medical record incorrectly changed to show no penicillin allergy.
        ➢ Geographic data subtly changed, resulting in mission failure.
  92. Insider Threat
      ➢ Insiders used to be considered the primary threat. This is changing.
  93. 4. Vulnerabilities
  94. Vulnerabilities to Computers and Networks
      ➢ Vulnerabilities are “weaknesses” in the target that allow the threat agent to act
        ➢ Software flaws (e.g. buffer overflow)
        ➢ Weak or no passwords
        ➢ Incorrectly configured perimeter protection (firewalls)
        ➢ Poorly trained staff
        ➢ Human susceptibility to Social Engineering
  95. Software Flaws
      ➢ Most common is the “buffer overflow” flaw
      [Figure: a buffer holding input bits 1 to 1024, next to an area that contains code.]
      Programmer expected 1024 input bits but fails to design the software to incorporate a safety (bounds) check.
  96. Software Flaws
      ➢ Most common is the “buffer overflow”
      [Figure: Buffer Overflow. The same 1024-bit buffer with the input running past its end into the adjacent area.]
      Attacker feeds >>> 1024 input bits and fills this area with the attacker’s own executable code.
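
The missing bounds check from the two slides above, as an added C example that is not part of the original deck: the unchecked copy sits beside a checked one that rejects oversized input. The `record` layout, the `is_admin` field and all function names are assumptions made for illustration, and the slide's 1024 bits are taken as 128 bytes.

```c
#include <stdio.h>
#include <string.h>

#define BUF_BYTES (1024 / 8)   /* the slide's 1024 expected input bits */

/* Constructed layout: a fixed buffer with a neighbouring field behind it. */
struct record {
    unsigned char buf[BUF_BYTES];
    int is_admin;              /* stands in for the adjacent code or data */
};

/* Flawed form described on the slide: the caller's length is trusted, so
   any len > BUF_BYTES writes past buf into whatever follows it. */
void store_unchecked(struct record *r, const unsigned char *in, size_t len)
{
    memcpy(r->buf, in, len);   /* no bounds check */
}

/* Hardened form: refuse input that does not fit.
   Returns 0 when stored, -1 when rejected. */
int store_checked(struct record *r, const unsigned char *in, size_t len)
{
    if (r == NULL || in == NULL || len > sizeof r->buf)
        return -1;
    memcpy(r->buf, in, len);
    return 0;
}

/* Run len bytes of constructed input through the checked path.
   Returns 0 (stored), -1 (rejected), or 1 if the neighbour was changed. */
int try_input(size_t len)
{
    static unsigned char input[4 * BUF_BYTES];   /* constructed sample */
    struct record r;
    int rc;

    if (len > sizeof input)
        return -1;
    memset(input, 0xFF, sizeof input);
    memset(&r, 0, sizeof r);
    rc = store_checked(&r, input, len);
    return r.is_admin != 0 ? 1 : rc;
}

int main(void)
{
    printf("exact fit (%d bytes): %d\n", BUF_BYTES, try_input(BUF_BYTES));
    printf("one byte over:         %d\n", try_input(BUF_BYTES + 1));
    printf("four times the size:   %d\n", try_input(4 * BUF_BYTES));
    return 0;
}
```

The rejection happens before any byte is copied, so the field behind the buffer keeps its value no matter how much input arrives.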
  97. 5. Security Policies and Security Mechanisms
  98. Policies and Mechanisms
      ➢ A Security policy says what is, and is not, allowed
        ➢ This defines “security” for the site/system/etc.
        ➢ Can be in natural/machine-readable language, or within a mathematical framework
      ➢ A Security mechanism (technical or procedural, can use crypto) enforces policies. Also referred to as Controls.
      ➢ Composition of security policies
        ➢ If policies conflict, discrepancies may create security vulnerabilities
  99. Policy vs. Mechanism
      ➢ It is important to understand the difference between the two concepts.
        ➢ Policy -> What
        ➢ Mechanism -> How
      ➢ An example
        ➢ Assuring Confidentiality is a policy statement
        ➢ Alternative mechanisms to support confidentiality
          ➢ Encryption of the information
          ➢ Physical protection of the information
  100. How about Security Mechanisms in the Real World?
      ➢ In the real world most security mechanisms are broad
      ➢ The desired goal is for the collection of all the mechanisms in a system to define a “precise” overall mechanism
  101. In Order to Trust Security Mechanisms:
      ➢ Each mechanism should be designed to implement a part or parts of the policy
      ➢ The union of all the mechanisms should implement all of the policy
      ➢ The mechanisms must be implemented correctly
      ➢ The mechanisms must be installed, configured and administered correctly
  102. Examples of Security Mechanisms
      ➢ Monitoring and management systems and tools
      ➢ Intrusion detection systems and tools
      ➢ Encryption of data
      ➢ Anti-tamper mechanisms (e.g. cryptographic hash)
      ➢ Identification and authentication
      ➢ Firewalls and proxy servers
      ➢ Software virus detection tools
      ➢ Fault tolerant networks and components
      ➢ Vulnerability scanning tools
      ➢ Security policies and procedures
      ➢ Secure software development tools
  103. 6. Specific Countermeasures
  104. Conceptual Foundations for Infosec Best Practice => Defense In Depth
  105. Defense in Depth
      [Figure: Internet, WAN, LAN and workstations, labelled: Protect the OS, Protect the Communications, Protect the Interface, Protect the Physical Environment.]
      ➢ Need to protect
        ➢ Information in transit
        ➢ Information at rest
  106. Mobility vs Security
      ➢ User mobility significantly increases the complexity of securing information assets
  107. Lockheed-Martin Cyber Kill Chain Model
      [Figure: kill chain model with a Remediation Cost scale running from Lowest to Highest.]
  108. Systems, Technologies, and Protocols for Protecting the Enterprise Boundary
      ➢ Monitoring and management systems
      ➢ Intrusion and misuse detection systems
      ➢ Identification and authentication systems
      ➢ Firewalls and proxy servers (for both inbound AND outbound connection activity)
      ➢ Software virus detection systems
      ➢ Fault/failure tolerant network design
      ➢ Application gateways
      ➢ Email spam filtering systems
  109. Systems, Technologies, and Protocols for Protecting the Network Infrastructure
      ➢ Monitoring and management systems and tools
      ➢ Intrusion detection systems
      ➢ Encryption of data (at rest and in transit)
      ➢ Anti-tamper mechanisms (cryptographic hashes)
      ➢ Fault tolerant network design (e.g. Hot Standby Router Protocol – HSRP)
      ➢ Virtual LAN (VLAN) isolation
      ➢ Microsoft AD Domain isolation
  110. Systems, Technologies, and Protocols for Protecting the Computer Environment
      ➢ Monitoring and management systems
      ➢ Intrusion and misuse detection systems
      ➢ Identification and authentication
      ➢ Software virus detection tools
      ➢ Vulnerability scanning tools
      ➢ Security procedures
      ➢ Secure software development tools
      ➢ Fault tolerant components
  111. Council on Cybersecurity - Critical Security Controls - Version 5
      01: Inventory of Authorized and Unauthorized Devices
      02: Inventory of Authorized and Unauthorized Software
      03: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
      04: Continuous Vulnerability Assessment and Remediation
      05: Malware Defenses
  112. Council on Cybersecurity - Critical Security Controls - Version 5
      06: Application Software Security
      07: Wireless Access Control
      08: Data Recovery Capability
      09: Security Skills Assessment and Appropriate Training to Fill Gaps
      10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
  113. Council on Cybersecurity - Critical Security Controls - Version 5
      11: Limitation and Control of Network Ports, Protocols, and Services
      12: Controlled Use of Administrative Privileges
      13: Boundary Defense
      14: Maintenance, Monitoring, and Analysis of Audit Logs
      15: Controlled Access Based on the Need to Know
  114. Council on Cybersecurity - Critical Security Controls - Version 5
      16: Account Monitoring and Control
      17: Data Protection
      18: Incident Response and Management
      19: Secure Network Engineering
      20: Penetration Tests and Red Team Exercises
  115. Summarizing – A View from 30,000 feet
      Against
      ➢ Confidentiality
      ➢ Integrity
      ➢ Availability
      ➢ Proof of Origin/Receipt
      Mechanisms (AKA Countermeasures)
      ➢ Encryption
      ➢ Authentication
      ➢ Physical Security
      ➢ Hardware Protection
      ➢ Software Protection
      ➢ Administrative Protection
  116. 7. The role of trust in Information Security
  117. How do we measure trust?
      ➢ We really can’t do that precisely.
      ➢ We talk about assurance as a measure of trust, but that only transfers the problem
      ➢ Consider food product safety, where trust is achieved by means of a collection of methods, practices, etc.:
        ➢ Testing and certification
        ➢ Manufacturing standards
        ➢ Safety seals
  118. Trust Assumptions
      ➢ All security policies and mechanisms have assumptions
        ➢ Sometimes these are explicit
        ➢ Sometimes these are implicit
      ➢ Example: Locks and picks
      ➢ Universal assumptions
        ➢ The policy can correctly and unambiguously partition the policy universe into “secure” and “non-secure” states.
        ➢ The mechanism can enforce the policy
      Neither of these assumptions is necessarily valid in every case
  119. Trust Assumptions
      Trust assumptions underlie all aspects of security. We assume that:
      ➢ Policies
        ➢ Unambiguously partition system states into those which are secure and nonsecure
        ➢ Correctly capture security requirements
      ➢ Mechanisms
        ➢ Together enforce/implement policy (i.e. prevent entry into a nonsecure state)
        ➢ Are implemented, installed and administered correctly
  120. 8. Assurance
  121. Assurance
      What assurance do we have that a system can be trusted?
      ➢ First: The specification
        ➢ Arises from a requirements analysis
        ➢ Is a statement of desired functionality
      ➢ Second: The design
        ➢ How will the system meet the specification?
      ➢ Third: The implementation
        ➢ Programs/systems that carry out the design
        ➢ Difficult to prove correctness of implementation
      All of the above affect the level of trust we will have in the system
  122. 9. Operational Issues
  123. Operational Issues
      ➢ Cost-Benefit Analysis
        ➢ Is it cheaper to prevent or recover?
      ➢ Risk Analysis
        ➢ Should we protect something?
        ➢ How much should we protect this thing? (What is the likelihood of a successful attack?)
      ➢ Laws and Customs
        ➢ Are the desired security measures illegal or unethical, thereby limiting their utility?
        ➢ Will the enforcers perform them?
  124. 10. Human Issues
  125. Human Issues
      ➢ Organizational Problems
        ➢ Power and responsibility
        ➢ Financial benefits
      ➢ People problems
        ➢ Outsiders and insiders
        ➢ Social engineering attacks
  126. The People Problem
      ➢ Sharing passwords
      ➢ “Social engineering”
      ➢ Maintenance
        ➢ Failure to update computer virus signatures
        ➢ Failure to install patches
  127. 11. Sources of Additional Information
  128. Sources of Additional Information
      ➢ SANS Institute - Internet Storm Center http://isc.sans.org/diary.html?storyid=7027
      ➢ SANS Institute – Critical Security Controls https://www.sans.org/critical-security-controls/
      ➢ US Computer Emergency Response Team (US-CERT) https://www.us-cert.gov/
      ➢ Krebs on Security http://krebsonsecurity.com/
  129. Thank You!
  130. The Evolution of DAS Ownership
      Presented by SOLiD
      Panelists
      • Dennis Rigney, Vice President of Sales, SOLiD
      • Chief Alan Perdue, Executive Director, Safer Building Coalition
      • Mike Collado, Vice President of Marketing, SOLiD
      • Pete Dawson, Strategy, Research and Design Engineering, Sprint
      • David Fox, Director of Business Development, American Tower
      Moderator
  131. What’s Up Next?
      NEDAS Toronto: The Art of Development, September 29th
  132. Location
      • Venue
        – 2nd Floor Events, 461 King St W, Toronto, ON M5V 1K4
      • Hotel Room Block
        – Toronto Marriott Eaton Centre Hotel
  133. Who Should Attend?
      Public Safety Construction Engineer Manufacturing Engineer Legal Telecommunications Vendors Finance Real Estate Government & City Officials Architects Carriers Engineer
  134. Theme: The Art of Development
      • Create new opportunities
      • Relationship and business development
      • New tools and resources to enhance business opportunities
  135. What Can You Expect?
      • 125+ Attendees
      • Half-day full of panel discussions
      • Meet and greet networking reception
      • Exhibits and Table Top Displays
      • NEDASConnect App *NEW*
  136. Sponsorship Opportunities
      • Reach over 4,000+ industry connections
      • Limited sponsorship opportunities include:
        – *Exclusive NEDASconnect App
        – Marketing tabletop/exhibits
        – Charging station
        – And more!
      • Contact: info@northeastdas.com
  137. For more information visit: www.nedas.com
      #NEDASBoston and now #NEDASToronto
