Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

2011 USSTRATCOM Cyber and Space Symposium Session Seven Mr. James Brase


Published on

2011 USSTRATCOM Cyber and Space Symposium
Session Seven: Panel: Alternative Futures for Cyber and Space
Mr. James M. Brase
Deputy Program Director for Intelligence
Office of Strategic Outcomes
Lawrence Livermore National Laboratory

Published in: Technology
  • Be the first to comment

  • Be the first to like this

2011 USSTRATCOM Cyber and Space Symposium Session Seven Mr. James Brase

  1. 1. Rethinking Cyber R&D for Compromised Environments Jim Brase Lawrence Livermore National LaboratoryLawrence Livermore National Laboratory
  2. 2. Nuclear Weapons Science and Engineering Intelligence and Network Laser Science and Analysis Technology Earth and Atmospheric Science Chemistry and Materials High Performance ComputingLawrence Livermore National Laboratory 2
  3. 3. The rapidly evolving Information network environment • No such thing as a perimeter – mobility and cloud – your network is everywhere • Convergence and proliferation increase attack paths • Growing adversary capabilities – polymorphism, persistence, …Lawrence Livermore National Laboratory 3
  4. 4. Deterrence is limited Prevention is limited• Growing cost asymmetries • No path to defect-free systems• Limited attribution – lack of • Global hardware and software identity supply chains Capable adversaries are and will be in our systems and networks Lawrence Livermore National Laboratory 4
  5. 5. To do this we need new capabilities • Situational awareness – Know the network and its activities at full-scale and in real-time • Predict network behaviors - how the mission will interact with the network and how defensive activities will affect it • Adapt protection and response for the specific activity, environment, and threat  resilienceLawrence Livermore National Laboratory 5
  6. 6. Developing a new R&D roadmap for mission assurance incompromised environments• Using supercomputers to analyze mission risk • How does mission performance degrade if the network is compromised? • Predicting the security properties of complex network systems at full scale• Cyber situational awareness at scale Situational awareness through machine • Rapid, continuous, low-impact network learning and graph analytics mapping • Behavioral anomalies in high-speed streams • Move from perimeter awareness to awareness over the full network  Thousands of simultaneous real-time behavioral models• Real-time active defense measures – Adapting defenses in real-time to match the current threat and environment High-fidelity mission simulation at full- scale Lawrence Livermore National Laboratory
  7. 7. Operations are informing the science – but thetransition from science back to operations is critical The DOE/NNSA Labs are working together to develop government partnerships to transition R&D in • Network situational awareness • Low-impact network mapping • Multisource network characterization • Real-time anomaly detection • Predictive network analysis • Simulation for mission risk analysis • Rapid reverse engineering tools • Malware fingerprinting and attribution Lawrence Livermore National Laboratory
  8. 8. Expanding the set of Enabling secureinnovators operations • Access to resources • Secure, authenticated – computation, data, threat information tools Trusted sharing Incubation Information • Sharing product and • Enable broad Sharing best practices participation in development experience • Managed by UC Berkeley Research & Development Education and outreachBuilding R&D foundations • Education and outreach• Roadmaps for R&D and policy Education programs transition concepts• Foundational R&D projects – into practice behavioral analytics, simulation, • Workshops on technology- vulnerability analysis policy integration Lawrence Livermore National Laboratory