
Holistic security

PRESENTATION for the NUS (Singapore) security industry day

In a fully connected and complex world, solutions to problems in every sphere are no longer simple. Old techniques and thinking are pushed aside as non-linearity and emergent behavior become the norm. So it is no surprise that security organizations globally are on the ‘back foot’ and struggling to cope with agile enemies that are faster to innovate.

“Our challenge is to get ahead of the game by embracing a multiplicity of tools and techniques”

The theatre of National Security has now expanded to simultaneously include: People; Companies; Governments; Devices; Networks; Services; Vehicles; Properties; LAND; SEA; AIR; SPACE; CYBER. Simple is no more! We have to think and operate across all these domains at the same time, and we have to become even more adaptive than the enemy.

“In an ideal world, our responses to Cyber and Terror would be automated and immediate”

The reality is that we continually expand the opportunity space for our enemies whilst we focus on isolation and containment. In contrast, the enemy operates across a cooperative global market, buying, selling and sharing knowledge and technologies. To survive, we have to do the same by connecting across all companies and government agencies. It is also essential that global cooperation is extended to new technologies such as the IoT from day one.

“No nation is an island”

After briefly setting the wider scene we focus on the behavioural analysis of people and things, and auto-immunity for the IoT as exemplars of how we might think about future security solutions.

Published in: Technology

  1. 1. Holistic Security Peter Cochrane cochrane.org.uk University of Singapore 17 November 2017
  2. 2. what we know for sure Attacks are escalating The Dark Side is winning The attack surface is increasing Cyber disruption costs are growing Companies do not collaborate and share The attackers operate an open market All our security tools are reactive Attacker rewards are on the up People are the biggest risk There are no silver bullets It is time to rethink our strategy and solution space More of the same but better & faster will not change the game… …we have to think anew - get out of the box and do something very different!
  3. 3. CYBER warfare A new and really big game changer “The American Military can no longer protect the nation”
  4. 4. CYBER warfare COST Published numbers vary widely - all we can say is the cost is big and getting bigger year on year Top 10 economies only
  5. 5. CYBER warfare COST Published numbers vary widely - all we can say is the cost is big and getting bigger year on year Top 10 economies only All Nations are Paying a price
  6. 6. THE BIG PICTURE Cyber security is no longer contained The Dark Side are winning because they are 100% committed and see this war as total; a much wider conflict than CYBER alone… They are far more integrated and sharing than we are and operate as a virtualised workforce driven by money and evil intent… We do not anticipate their innovation, tactics, tools, attacks, and we don’t think as they do… we are always on the back foot! We need to:
  7. 7. Scale & Complexity Beyond human abilities across too many fronts Physical AND Cyber are integrated
  8. 8. Relationships Criminals The Dark Side of The Force! Rogue States Hackers Politicos Terrorists
  9. 9. responsibility People have no security abilities And why should they? It is not their problem! They are just users and victims of very poor design and a lack of support Industry needs to step up to the plate; take control; automate & deliver turnkey solutions. They sold the products and services and should ensure all operate safely & problem free!
  10. 10. Dominated by Government Forces Government, Military, Industry, White Hats, General Population Warfare continues to rapidly evolve, and is now total, embracing: Politics, Media, Infrastructure, Institutions, Financial Systems, Intel Agencies, Industry, Banks, Government, Homes, Appliances, Health Care, Emergency Services, Defence, Military, Transportation Systems, Farming, Food Production, Logistics, Networks, Devices, Hardware, Software…+++ theatres of war No longer a sole military preserve AIR SEA LAND SPACE CYBER
  11. 11. CYBER EMBRACE All peoples & all things in the loop Autonomous Entities Intelligences Computers Networks Electronic Electrical Mechanical Mankind Population Man and Man/Machine Made Things Humans Are The Minor Players Cyber is now a part of everything we do and own; what we are - and there are now far more machines than people
  12. 12. ATTACK SURFACE We are compounding our problems INTERNET MOBILITY IOT And, MORE: Users Devices Services Mobility Networks Broadcast Social Nets Complexity eCommerce Applications Transactions Connectivity Open Access Digitalisation Infrastructure Growing Rewards ++++ The target is growing!
  13. 13. WHO ARE THEY And their primary occupation? Possible Recruit Terrorist Trainee CIA Agent Rogue Gov Spy Black Hat Terrorist Criminal Terrorist Recruiter White Hat Hacker Police Security Agent CEO/CIO Social Engineer Cyber Bully Malware Breeder Security Consultant
  14. 14. WHO ARE THEY And their primary occupation? Possible Recruit Terrorist Trainee CIA Agent Rogue Gov Spy Black Hat Terrorist Criminal Terrorist Recruiter White Hat Hacker Police Security Agent CEO/CIO Social Engineer Cyber Bully Malware Breeder Security Consultant People are not just bad and good in one domain; their habitualities permeate all domains WHAT ARE THEIR DEVICES communicating / hiding To whom and what are they communicating
  15. 15. What is this? A DDoS attack, or something more Main Event? Decoy? Masking? Diversion? Tunnel set up? Infiltration? Intel Ops? Implant? Theft? Tests? +++
  16. 16. AXIOMATIC Machines dominate Number of Machines >> Number of People They are by far the biggest communicators Their sensory capabilities growing Their intelligence is growing They are a part of us We are a part of them We enjoy an irreversible mutual dependency “I think we can safely assume that they are collecting vast amounts of data and information…and we do not understand the significance of most of it”
  17. 17. AXIOMATIC Problem solving “Our biggest and most complex cyber security problems cannot be solved by analogue methods, and that almost certainly includes the human mind”
  18. 18. AXIOMATIC Problem solving “Our biggest and most complex cyber security problems cannot be solved by analogue methods, and that almost certainly includes the human mind” AI AND Machine Help has become vital
  19. 19. NEEDLE IN A NEEDLE STACK A multi-tool challenge People Surveillance Communications Employments Associations Individuals Purchases Networks Habits Social Travel Work +++ Device/s Surveillance Other Device Connect Net Node Connect Social Networks eAssociations eConnections ePurchases Locations Habits Travel eMail TXTs Calls Web +++ A Habits+Activities GIVE VITAL CLUES
  20. 20. WHAT WE NOW NEED? An essentials shopping list is reasonably short Global monitoring and shared situational awareness Cooperative environments on attacks and solutions Universal sharing of identified attacks/developments Address cloaking & decoy customer sites/net nodes Behavioural analysis of networks, devices, people To continue and expand all established efforts Auto-Immunity for all devices including IoT Secure wireless channels - invisible signals
  21. 21. Let's examine three The grey items have been addressed elsewhere Global monitoring and shared situational awareness Cooperative environments on attacks and solutions Universal sharing of identified attacks/developments Address cloaking & decoy customer sites/net nodes Behavioural analysis of networks, devices, people To continue and expand all established efforts Auto-Immunity for all devices including IoT Secure wireless channels - invisible signals
  22. 22. Sociology of things The sociology of things is not understood and has yet to be studied - and it is digital! Relationships The keys to the security kingdom and behaviors
  23. 23. behavioural analysis People, devices, networks, components, things are habitual Habituality identifies us Any deviation indicates some form of change
  24. 24. behavioural analysis Network data shows a marked increase in activity (chart legend: Attack generated data, Normal data)
  25. 25. Auto-immunity Mirrors biological forebears Applied everywhere 24 x 7 ICs ISPs WiFi Hubs LANs Cards Traffic Servers Circuits Devices Internet Networks Organisations Companies Platforms Groups People Mobile Fixed
  26. 26. Broadcasting Malware Responding with updated protection Wider Network Updated Latest Solution Update Dynamic isolation of infected devices and components leading to repair A mix of clean and infected Auto-immunity
  27. 27. A Multiplicity of channels Attack detection/exposure/thwarting using access diversity Bluetooth Short Range Device to Cloud Device to Device WiFi, WiMax Medium Range WLAN/Cloud Integrated and intelligent security systems embedded into all products and components ZigBee/Other ?? Car-to-Car Direct Communications Defence opportunities in channel/device/system diversity A wide plurality of channel detection and protection Attacks almost never isolated or single sourced Not restricted to single channel/attempt Secure attack and infection isolation Diverse immunity/support access Distributed info sharing GEO info location 3, 4, 5 G Long Range Device to Net Device to Cloud SatCom Broadcast
  28. 28. Auto-immunity Fighting fire with fire
  29. 29. Infinite IoT Wireless Sans channels, bands & regulation “There is no bandwidth crisis, an adherence to the past, limited thinking, bad design and engineering… we have to rethink the day and not be constrained by the past”
  30. 30. Where it all started Fork lift radio - analogue - long distances - lots of power CW, AM, FM, SSB+++ P2P Fixed, Broadcast+++ LW, MW, SW, VHF, UHF+++ Terrestrial, Maritime, Airborne+++ ~30Bn fixed and mobile broadcast radio & TV receivers dominate followed by simplex voice transceivers
  31. 31. Big cells and n x1000s of towers Fast forward ~7Bn live devices on 3/4G connected to a global net of duplex voice & data comms • Digital modes only • Personal mixed use and traffic • Static base stations dominate • Terrestrial concentration • Large cells <20km
  32. 32. Does everything, but badly THE BIG FIX ? 5g • Replaces optical fibre • Outguns 3 & 4G • Gbit/s everywhere • Will dominate the IoT • +++++ • Cooks a chicken • Improves your sex life….
  33. 33. Observations It is a miracle it all works Protocols very inefficient We avoid interference by dynamic juggling! The spectrum shortage is an illusion We seldom use more than 20% of the available space 5G unlikely to be a big player It cannot fully service the IoT We need more than incrementalism More bands, channels, modulation and coding schemes are not enough
  34. 34. New directions From connected people to connected things People ~10Bns Traffic ~1 Bn Goods ~100Bns Components ~1 Tn IoT
  35. 35. Energy limitations We cannot realise such a future using our current approach Internet and connected devices ~ 10% of all energy generated What would 50, 250 or 1000Bn IoT devices demand? We have to get down from mW to µW, nW and pW This demands ‘simplicity’ of processing and communications
  36. 36. New Modes More things linking off net than on Most THINGS will never connect to the internet THINGS will want to network and connect with other THINGS The IoT is entirely evolutionary and not just revolutionary New sporadic networks and associations will occur
  37. 37. one size fits all - not! We are going to need a multiplicity of technologies Cost Per Unit ~ 0 - 20 £, $, € Size of Units ~ 1 - 50 mm3 Power Used ~ pW - mW Single Chips Rule
  38. 38. Continue tweaking? This heritage/thinking cannot possibly get us there
  39. 39. The Illusion of scarcity Why do we do this - it is largely legacy thinking
  40. 40. The Illusion of scarcity Why do we do this - it is largely legacy thinking Actually the spectrum is mostly unused!
  41. 41. A dense London location ~50k WiFi nodes within a 1km radius of Liverpool St
  42. 42. New Opportunities High loss is a short distance/reuse +++ God Given Spatial Filters Status Quo Leave well alone New Territory and new opportunities Continues untouched All modulation schemes from the past +new New modulation schemes & modes including hyper Direct Sequence Spread Spectrum
  43. 43. The Illusion of scarcity Why do we do this - it is largely legacy thinking far too complex & expensive Unfit for the IoT purpose - especially at 30 - 300 GHz
  44. 44. New Opportunities High loss ideal for short distance/reuse +++ Direct Sequence Spread Spectrum HYPER Direct Sequence Spread Spectrum
  45. 45. Back to basics Volumetric representation of S/N, BW and Time (axes: S/N dB, BW Hz, Duration T seconds) Claude Shannon 1945/46: I = B.T log2(1 + k.S/N); for k.S/N >> 1, I ~ B.T.K.S/NdB
  46. 46. The same information transmitted in 3 different modes exploiting S/N, BW and T S/N dB BW Hz Duration T seconds degrees of freedom
  47. 47. S/N dB BW Hz Duration T seconds In the Extreme ‘Waste Bandwidth’ to push the Signal Below the Noise Filters Coding Modulation Timing Recovery Amplifiers & Mixers Jitter Phase Noise Doppler Shift Frequency Stability Multi-Path Propagation Negated
  48. 48. BW ~ 500MHz All digital no analogue elements - mixers, amplifiers, filters UWB ON AFTERBURNERS From UWB To HWB Hyper Wide Band BW ~ 50GHz SIGNAL CODING/Error Correction => Bit Counting/Averaging 1bit/Hz 0.01bit/Hz
  49. 49. Antennas spanning huge frequency ranges are a non-trivial problem… and whilst fractal antennas are seen to be (theoretically) the holy grail, no one has yet succeeded in realising fully workable designs Challenge
  50. 50. For the USA army The cyber war HAS become Just war Thank You www.cochrane.org.uk
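
Added example (not part of the original slides): a small simulation of the trade-off on slides 45 to 48, where bandwidth is 'wasted' to push the signal below the noise and the bit is recovered by despreading and averaging. It assumes k = 1, BPSK chips, unit-variance Gaussian noise and a random shared spreading code; the function names are hypothetical.

```python
import math
import random

def required_snr_db(info_bits, bandwidth_hz, duration_s, k=1.0):
    """Invert I = B.T.log2(1 + k.S/N) for the S/N (dB) needed to carry info_bits."""
    snr = (2 ** (info_bits / (bandwidth_hz * duration_s)) - 1) / k
    return 10 * math.log10(snr)

def dsss_bit_error_rate(chips_per_bit, chip_snr_db, n_bits=2000, seed=1):
    """Bit error rate of direct-sequence spreading at a given per-chip S/N."""
    rng = random.Random(seed)  # seeded so the run is repeatable
    amplitude = math.sqrt(10 ** (chip_snr_db / 10))  # noise variance fixed at 1
    # Shared pseudo-random +/-1 code (assumption: known to both ends only).
    code = [rng.choice((-1, 1)) for _ in range(chips_per_bit)]
    errors = 0
    for _ in range(n_bits):
        bit = rng.choice((-1, 1))
        # Transmit: every chip carries bit * code chip, buried in noise.
        received = [amplitude * bit * c + rng.gauss(0.0, 1.0) for c in code]
        # Receive: multiply by the same code and sum (bit counting/averaging).
        decision = sum(r * c for r, c in zip(received, code))
        if (decision >= 0) != (bit > 0):
            errors += 1
    return errors / n_bits

if __name__ == "__main__":
    # Same 1 Mbit in 1 s: 1 bit/Hz needs 0 dB, 0.01 bit/Hz works below the noise.
    for bw in (1e6, 1e8):
        print(f"B = {bw:.0e} Hz -> required S/N = {required_snr_db(1e6, bw, 1.0):.1f} dB")
    # Per-chip S/N of -10 dB: unreadable chip by chip, recoverable with the code.
    for chips in (1, 100):
        print(f"{chips:>3} chips/bit -> BER = {dsss_bit_error_rate(chips, -10):.4f}")
```

The 100 chips per bit correspond to the 0.01 bit/Hz figure on slide 48; a receiver without the code sees only a per-chip S/N of -10 dB, which is the 'invisible signals' property listed on slide 20.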
