SlideShare a Scribd company logo

Secure Computer Systems (Shrobe)

Michael Scovetta
Michael Scovetta

Presentation from the Colloquium on Future Directions in Cyber Security on Nov 7, 2011.

Technology
1 of 15
Download to read offline
Howard Shrobe Program Manager, Information Innovation Office Secure Computer Systems DARPA Cyber Colloquium Arlington, VA November 7, 2011 Approved for Public Release, Distribution Unlimited.
Today’s Practice P4: Perimeter Protection, Patch & Pray isn’t Convergent with The Threat • It’s not about better firewalls • It’s not about better virus Security software detection • It’s not about better intrusion detection Malware: • It’s not about better programmer practices It’s about learning from biology Attacker Effort: and societies how to design secure, adaptive and resilient systems. Defender Effort Approved for Public Release, Distribution Unlimited.
Humans Have Two Immune Systems: Innate and Adaptive neutrophils Fast, but inflexible, I macrophages covers fixed sets of N pathogen that are N always present. Supports A dendritic cells the adaptive immune T system. E CD16/ natural killer 56 (NK) cells A CD3/CD4 D CD4 T cell Slower, learns to A recognize new sets of thymus P pathogens, distinguishes T CD3/CD8 CD8 T cell self from non-self, I retains memory to guard V against future attacks. E CD19 B cells At least 20 – 30% of the body’s resources are involved in constant surveillance and containment. Approved for Public Release, Distribution Unlimited.
Three Big Problems 1. Systems can be easily penetrated 2. Once penetrated, cleanup is prohibitively expensive, time-consuming, and unpredictable 3. If one system can be penetrated, then nearly all of them can Approved for Public Release, Distribution Unlimited.
Mission-oriented Resilient Clouds Using the power of a computational community to protect massively shared computational infrastructure Your Software Lives Here Virtual Machine Virtual Machine Virtual Virtual Machine Machine Your Software Lives On A Network with 100K Other Virtual Machines and No Firewalls Modular Data Center Blade Server Blade Server Containers Racks Network Approved for Public Release, Distribution Unlimited.
Resilient Clouds: A Community that uses the Network as a Defensive Amplifier TODAY RESILIENT CLOUDS (CRASH++) Acting as individuals makes the Acting as a community makes the enterprise weaker than the sum of its enterprise stronger than the sum of parts its parts • “Box” Oriented • Mission Optimized • Vulnerable Components • CRASH-worthy components • Static Sitting Duck • Moving Target • Shared Vulnerabilities • Resilience through Diversity • Implicit Trust is Amplifier • Collective Diagnosis is Damper Approved for Public Release, Distribution Unlimited.
Resilient Clouds Technology Areas Combined Goal of CRASH & Resilient Clouds Cyber-Mission Resilience Resilient Clouds Technologies Mission-Aware Optimizing Mission Networking and Resources Innate Distributed Shared Situational Awareness, Manageable & Taskable Defense Trust Modeling, and Diagnosis Diversity CRASH Technologies Innate Immunity Adaptive Immunity Manageable Diversity  Information flow For more info see: http://tinyurl.com/68w9wpf  Control flow Approved for Public Release, Distribution Unlimited.
Secure Computer Systems CRASH Clean-slate design of Resilient, Adaptive, Secure Hosts Approved for Public Release, Distribution Unlimited.
CRASH Applies Biological Principles to Computation Innate Immunity: New hardware & operating system architectures that eliminate all common technical vulnerabilities Adaptive Immunity Middleware that: • Diagnoses root causes of vulnerabilities and builds situational assessment • Quickly adapts & reconfigures • Learns from previous attacks and gets better at self-protection Population Diversity Computational techniques that: • Increase entropy in time and space • Make every system unique • Raise work factor of attacker for each system Approved for Public Release, Distribution Unlimited.
Innate Immunity: An Example Hardware Solution Conventional Computer Memory Register File Result Data Operand 1 A Data Data L Operand 2 U Tag 1 Tag Tag Tag 2 Trap Signal Instruction Tags Unit Result Tag Bounds Type Thread’s Principal Access Rules Provenance Software and hybrid solutions are Meta-computing System also possible (e.g. PROCEED) Approved for Public Release, Distribution Unlimited.
Adaptive Immunity System 4. System model is adapted with Model new attack-specific detector 3. System model is used to perform diagnosis (e.g. localization and characterization) 2. Software system analog of adaptive 1. Hardware analog immune system is 5. Adaptive immune of innate immune signaled system synthesizes plan system detects to get around problem anomaly and patch to remove specific vulnerability Approved for Public Release, Distribution Unlimited.
Dynamic Diversity Makes a Single Host Different from Moment to Moment Address Space Randomization Instruction Set Randomization Disk Memory ICache Code and/or data blocks Instruction-1 Encrypted-1 Instruction-1 are periodically Instruction-2 Encrypted-2 Instruction-2 repositioned in memory so that attacker has to work Instruction-3 Encrypted-3 Instruction-3 harder to find a target. Garbage-collected memory Instruction-4 Encrypted-4 Instruction-4 has the property inherently, new methods may optimize Instruction-5 Injected-1 Encrypted-1 for increased entropy. Instruction-6 Injected-2 Encrypted-1 Encrypted-5 Instruction-5 Encrypted-6 Instruction-6 Functional Redundancy & Decision Theoretic Dispatch Code is encrypted as it enters memory and Decrypted as it enters There are multiple methods Goali the instruction cache (or translation for achieving each goal buffer). Injected code in native (“n-version programming”). instruction set is then encrypted Each distinct method has and not executable. Encryption key different qualities of service. can be varied by process and time. Method selection is driven Methodij QoSij both by preferences over QoS and by need for unpredictability. Approved for Public Release, Distribution Unlimited.
Turn the Tables: Make The Attacker Do The Work x x Attacker Attacker Attacker Effort: Effort: Effort: Defender Defender Defender Effort Effort Effort Innate Immunity Adaptive Immunity Dynamic Diversity • Novel Hardware • Policy Weaving • Compiler generated Diversity • Separation OS’s • Automatic Patching • Algorithmic • Information Flow • Selective Playback Diversity • Formal Methods • Symbiotes • Instruction Set Randomization Approved for Public Release, Distribution Unlimited.
An opportunity… Smartphone > PC shipments within 2 years Implies very rapid, land grab evolution of internet access Approved for Public Release, Distribution Unlimited.
Our goal… …is to get CRASH & MRC technologies into your machines. • If you make computers, operating systems, middleware… • If you use these and can influence the people who make them • If you think there’s a great startup opportunity • Then we want to talk with you about how to transition our technologies into the real world. • Contact us at CrashInquiries@darpa.mil Approved for Public Release, Distribution Unlimited.

Recommended

Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?Trend Micro (EMEA) Limited
 
Doten apt presentaiton (2)
Doten apt presentaiton (2)Doten apt presentaiton (2)
Doten apt presentaiton (2)Jeff Green
 
The difference between the Reality and Feeling of Security
The difference between the Reality and Feeling of SecurityThe difference between the Reality and Feeling of Security
The difference between the Reality and Feeling of SecurityAnup Narayanan
 
Introducción al análisis de malware
Introducción al análisis de malwareIntroducción al análisis de malware
Introducción al análisis de malwareGustavo Martinez
 
Infromation Security as an Institutional Priority
Infromation Security as an Institutional PriorityInfromation Security as an Institutional Priority
Infromation Security as an Institutional Priorityzohaibqadir
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Global Business Events
 
Fns Incident Management Powered By En Case
Fns Incident Management Powered By En CaseFns Incident Management Powered By En Case
Fns Incident Management Powered By En Casetbeckwith
 
Ids
IdsIds
Idsfangjiafu
 

Recommended

Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?Trend Micro (EMEA) Limited
 
Doten apt presentaiton (2)
Doten apt presentaiton (2)Doten apt presentaiton (2)
Doten apt presentaiton (2)Jeff Green
 
The difference between the Reality and Feeling of Security
The difference between the Reality and Feeling of SecurityThe difference between the Reality and Feeling of Security
The difference between the Reality and Feeling of SecurityAnup Narayanan
 
Introducción al análisis de malware
Introducción al análisis de malwareIntroducción al análisis de malware
Introducción al análisis de malwareGustavo Martinez
 
Infromation Security as an Institutional Priority
Infromation Security as an Institutional PriorityInfromation Security as an Institutional Priority
Infromation Security as an Institutional Priorityzohaibqadir
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Global Business Events
 
Fns Incident Management Powered By En Case
Fns Incident Management Powered By En CaseFns Incident Management Powered By En Case
Fns Incident Management Powered By En Casetbeckwith
 
Ids
IdsIds
Idsfangjiafu
 
The Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas KurianThe Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas KurianClubHack
 
Ch13 Ids
Ch13 IdsCh13 Ids
Ch13 Idsphanleson
 
Ehc brochure
Ehc brochureEhc brochure
Ehc brochureEhab El Barbary
 
RSA 2012 Presentation: Information Protection
RSA 2012 Presentation: Information ProtectionRSA 2012 Presentation: Information Protection
RSA 2012 Presentation: Information ProtectionSymantec
 
Countering the Advanced Persistent Threat Challenge with Deep Discovery
Countering the Advanced Persistent Threat Challenge with Deep DiscoveryCountering the Advanced Persistent Threat Challenge with Deep Discovery
Countering the Advanced Persistent Threat Challenge with Deep DiscoveryTrend Micro
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Minh Le
 
Anomaly Detection at Multiple Scales (Waltzman)
Anomaly Detection at Multiple Scales (Waltzman)Anomaly Detection at Multiple Scales (Waltzman)
Anomaly Detection at Multiple Scales (Waltzman)Michael Scovetta
 
Introducing the Ceylon Project
Introducing the Ceylon ProjectIntroducing the Ceylon Project
Introducing the Ceylon ProjectMichael Scovetta
 
The Ceylon Type System
The Ceylon Type SystemThe Ceylon Type System
The Ceylon Type SystemMichael Scovetta
 
Systematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android SmartphonesSystematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android SmartphonesMichael Scovetta
 
DEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking ForDEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking ForMichael Scovetta
 
Smooth CoffeeScript
Smooth CoffeeScriptSmooth CoffeeScript
Smooth CoffeeScriptMichael Scovetta
 
High Assurance Systems (Fisher)
High Assurance Systems (Fisher)High Assurance Systems (Fisher)
High Assurance Systems (Fisher)Michael Scovetta
 
Attacking the WebKit Heap
Attacking the WebKit HeapAttacking the WebKit Heap
Attacking the WebKit HeapMichael Scovetta
 
Android Attacks
Android AttacksAndroid Attacks
Android AttacksMichael Scovetta
 
National Cyber Range (Ranka)
National Cyber Range (Ranka)National Cyber Range (Ranka)
National Cyber Range (Ranka)Michael Scovetta
 
Strategic Surprise
Strategic SurpriseStrategic Surprise
Strategic SurpriseMichael Scovetta
 
The Listening: Email Client Backdoor
The Listening: Email Client BackdoorThe Listening: Email Client Backdoor
The Listening: Email Client BackdoorMichael Scovetta
 
Scalable Cyber Deception (Ragsdale)
Scalable Cyber Deception (Ragsdale)Scalable Cyber Deception (Ragsdale)
Scalable Cyber Deception (Ragsdale)Michael Scovetta
 
Stackjacking
StackjackingStackjacking
StackjackingMichael Scovetta
 
HTML5 Web Security
HTML5 Web SecurityHTML5 Web Security
HTML5 Web SecurityMichael Scovetta
 
Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Michael Scovetta
 

More Related Content

What's hot

The Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas KurianThe Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas KurianClubHack
 
RSA 2012 Presentation: Information Protection
RSA 2012 Presentation: Information ProtectionRSA 2012 Presentation: Information Protection
RSA 2012 Presentation: Information ProtectionSymantec
 
Countering the Advanced Persistent Threat Challenge with Deep Discovery
Countering the Advanced Persistent Threat Challenge with Deep DiscoveryCountering the Advanced Persistent Threat Challenge with Deep Discovery
Countering the Advanced Persistent Threat Challenge with Deep DiscoveryTrend Micro
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Minh Le
 

What's hot (6)

The Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas KurianThe Difference Between the Reality and Feeling of Security by Thomas Kurian
The Difference Between the Reality and Feeling of Security by Thomas Kurian
 
Ch13 Ids
Ch13 IdsCh13 Ids
Ch13 Ids
 
Ehc brochure
Ehc brochureEhc brochure
Ehc brochure
 
RSA 2012 Presentation: Information Protection
RSA 2012 Presentation: Information ProtectionRSA 2012 Presentation: Information Protection
RSA 2012 Presentation: Information Protection
 
Countering the Advanced Persistent Threat Challenge with Deep Discovery
Countering the Advanced Persistent Threat Challenge with Deep DiscoveryCountering the Advanced Persistent Threat Challenge with Deep Discovery
Countering the Advanced Persistent Threat Challenge with Deep Discovery
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
 

Viewers also liked

Anomaly Detection at Multiple Scales (Waltzman)
Anomaly Detection at Multiple Scales (Waltzman)Anomaly Detection at Multiple Scales (Waltzman)
Anomaly Detection at Multiple Scales (Waltzman)Michael Scovetta
 
Introducing the Ceylon Project
Introducing the Ceylon ProjectIntroducing the Ceylon Project
Introducing the Ceylon ProjectMichael Scovetta
 
Systematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android SmartphonesSystematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android SmartphonesMichael Scovetta
 
DEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking ForDEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking ForMichael Scovetta
 
High Assurance Systems (Fisher)
High Assurance Systems (Fisher)High Assurance Systems (Fisher)
High Assurance Systems (Fisher)Michael Scovetta
 
National Cyber Range (Ranka)
National Cyber Range (Ranka)National Cyber Range (Ranka)
National Cyber Range (Ranka)Michael Scovetta
 
The Listening: Email Client Backdoor
The Listening: Email Client BackdoorThe Listening: Email Client Backdoor
The Listening: Email Client BackdoorMichael Scovetta
 
Scalable Cyber Deception (Ragsdale)
Scalable Cyber Deception (Ragsdale)Scalable Cyber Deception (Ragsdale)
Scalable Cyber Deception (Ragsdale)Michael Scovetta
 
Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Michael Scovetta
 
Modern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and TechniquesModern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and TechniquesMichael Scovetta
 
Exploitation and State Machines
Exploitation and State MachinesExploitation and State Machines
Exploitation and State MachinesMichael Scovetta
 

Viewers also liked (18)

Anomaly Detection at Multiple Scales (Waltzman)
Anomaly Detection at Multiple Scales (Waltzman)Anomaly Detection at Multiple Scales (Waltzman)
Anomaly Detection at Multiple Scales (Waltzman)
 
Introducing the Ceylon Project
Introducing the Ceylon ProjectIntroducing the Ceylon Project
Introducing the Ceylon Project
 
The Ceylon Type System
The Ceylon Type SystemThe Ceylon Type System
The Ceylon Type System
 
Systematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android SmartphonesSystematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android Smartphones
 
DEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking ForDEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking For
 
Smooth CoffeeScript
Smooth CoffeeScriptSmooth CoffeeScript
Smooth CoffeeScript
 
High Assurance Systems (Fisher)
High Assurance Systems (Fisher)High Assurance Systems (Fisher)
High Assurance Systems (Fisher)
 
Attacking the WebKit Heap
Attacking the WebKit HeapAttacking the WebKit Heap
Attacking the WebKit Heap
 
Android Attacks
Android AttacksAndroid Attacks
Android Attacks
 
National Cyber Range (Ranka)
National Cyber Range (Ranka)National Cyber Range (Ranka)
National Cyber Range (Ranka)
 
Strategic Surprise
Strategic SurpriseStrategic Surprise
Strategic Surprise
 
The Listening: Email Client Backdoor
The Listening: Email Client BackdoorThe Listening: Email Client Backdoor
The Listening: Email Client Backdoor
 
Scalable Cyber Deception (Ragsdale)
Scalable Cyber Deception (Ragsdale)Scalable Cyber Deception (Ragsdale)
Scalable Cyber Deception (Ragsdale)
 
Stackjacking
StackjackingStackjacking
Stackjacking
 
HTML5 Web Security
HTML5 Web SecurityHTML5 Web Security
HTML5 Web Security
 
Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013
 
Modern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and TechniquesModern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and Techniques
 
Exploitation and State Machines
Exploitation and State MachinesExploitation and State Machines
Exploitation and State Machines
 

Similar to Secure Computer Systems (Shrobe)

Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats
Weaponised Malware & APT Attacks: Protect Against Next-Generation ThreatsWeaponised Malware & APT Attacks: Protect Against Next-Generation Threats
Weaponised Malware & APT Attacks: Protect Against Next-Generation ThreatsLumension
 
Advanced Persistent Threats Cutting Through The Hype
Advanced Persistent Threats Cutting Through The HypeAdvanced Persistent Threats Cutting Through The Hype
Advanced Persistent Threats Cutting Through The HypeSymantec
 
Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?
Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?
Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?Lumension
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Anindya Ghosh,
 
Symantec Ubiquity
Symantec UbiquitySymantec Ubiquity
Symantec UbiquitySymantec
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Michele Chubirka
 
Junos Pulse Mobile Security Suite Launch
Junos Pulse Mobile Security Suite LaunchJunos Pulse Mobile Security Suite Launch
Junos Pulse Mobile Security Suite LaunchJuniper Networks
 
Advanced Threat Protection - Sandboxing 101
Advanced Threat Protection - Sandboxing 101Advanced Threat Protection - Sandboxing 101
Advanced Threat Protection - Sandboxing 101Blue Coat
 
Malware is NOT Magic
Malware is NOT MagicMalware is NOT Magic
Malware is NOT MagicEnergySec
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defenseChristiaan Beek
 
Adversarial robustness using clever hans
Adversarial robustness using clever hansAdversarial robustness using clever hans
Adversarial robustness using clever hansShrutiMishra164
 
Hakin9 interview w Prof Sood
Hakin9 interview w Prof SoodHakin9 interview w Prof Sood
Hakin9 interview w Prof SoodZsolt Nemeth
 
Permutation Oriented Programming
Permutation Oriented ProgrammingPermutation Oriented Programming
Permutation Oriented ProgrammingNelson Brito
 
"ENG++: Permutation Oriented Programming" por Nelson Brito
"ENG++: Permutation Oriented Programming" por Nelson Brito"ENG++: Permutation Oriented Programming" por Nelson Brito
"ENG++: Permutation Oriented Programming" por Nelson BritoSegInfo
 
Future-proofing Supply Chain against emerging Cyber-physical Threats
Future-proofing Supply Chain against emerging Cyber-physical ThreatsFuture-proofing Supply Chain against emerging Cyber-physical Threats
Future-proofing Supply Chain against emerging Cyber-physical ThreatsSteven SIM Kok Leong
 
Permutation Oriented Programming: (Re)searching for alternatives!
Permutation Oriented Programming: (Re)searching for alternatives!Permutation Oriented Programming: (Re)searching for alternatives!
Permutation Oriented Programming: (Re)searching for alternatives!Nelson Brito
 
Vale Security Conference - 2011 - 13 - Nelson Brito
Vale Security Conference - 2011 - 13 - Nelson BritoVale Security Conference - 2011 - 13 - Nelson Brito
Vale Security Conference - 2011 - 13 - Nelson BritoVale Security Conference
 
Anti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewskiAnti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewskiStonesoft
 
Tech ThrowDown: Invincea FreeSpace vs EMET 5.0
Tech ThrowDown: Invincea FreeSpace vs EMET 5.0Tech ThrowDown: Invincea FreeSpace vs EMET 5.0
Tech ThrowDown: Invincea FreeSpace vs EMET 5.0Invincea, Inc.
 
The Rugged Way in the Cloud--Building Reliability and Security into Software
The Rugged Way in the Cloud--Building Reliability and Security into SoftwareThe Rugged Way in the Cloud--Building Reliability and Security into Software
The Rugged Way in the Cloud--Building Reliability and Security into SoftwareJames Wickett
 

Similar to Secure Computer Systems (Shrobe) (20)

Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats
Weaponised Malware & APT Attacks: Protect Against Next-Generation ThreatsWeaponised Malware & APT Attacks: Protect Against Next-Generation Threats
Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats
 
Advanced Persistent Threats Cutting Through The Hype
Advanced Persistent Threats Cutting Through The HypeAdvanced Persistent Threats Cutting Through The Hype
Advanced Persistent Threats Cutting Through The Hype
 
Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?
Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?
Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1
 
Symantec Ubiquity
Symantec UbiquitySymantec Ubiquity
Symantec Ubiquity
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
 
Junos Pulse Mobile Security Suite Launch
Junos Pulse Mobile Security Suite LaunchJunos Pulse Mobile Security Suite Launch
Junos Pulse Mobile Security Suite Launch
 
Advanced Threat Protection - Sandboxing 101
Advanced Threat Protection - Sandboxing 101Advanced Threat Protection - Sandboxing 101
Advanced Threat Protection - Sandboxing 101
 
Malware is NOT Magic
Malware is NOT MagicMalware is NOT Magic
Malware is NOT Magic
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
 
Adversarial robustness using clever hans
Adversarial robustness using clever hansAdversarial robustness using clever hans
Adversarial robustness using clever hans
 
Hakin9 interview w Prof Sood
Hakin9 interview w Prof SoodHakin9 interview w Prof Sood
Hakin9 interview w Prof Sood
 
Permutation Oriented Programming
Permutation Oriented ProgrammingPermutation Oriented Programming
Permutation Oriented Programming
 
"ENG++: Permutation Oriented Programming" por Nelson Brito
"ENG++: Permutation Oriented Programming" por Nelson Brito"ENG++: Permutation Oriented Programming" por Nelson Brito
"ENG++: Permutation Oriented Programming" por Nelson Brito
 
Future-proofing Supply Chain against emerging Cyber-physical Threats
Future-proofing Supply Chain against emerging Cyber-physical ThreatsFuture-proofing Supply Chain against emerging Cyber-physical Threats
Future-proofing Supply Chain against emerging Cyber-physical Threats
 
Permutation Oriented Programming: (Re)searching for alternatives!
Permutation Oriented Programming: (Re)searching for alternatives!Permutation Oriented Programming: (Re)searching for alternatives!
Permutation Oriented Programming: (Re)searching for alternatives!
 
Vale Security Conference - 2011 - 13 - Nelson Brito
Vale Security Conference - 2011 - 13 - Nelson BritoVale Security Conference - 2011 - 13 - Nelson Brito
Vale Security Conference - 2011 - 13 - Nelson Brito
 
Anti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewskiAnti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewski
 
Tech ThrowDown: Invincea FreeSpace vs EMET 5.0
Tech ThrowDown: Invincea FreeSpace vs EMET 5.0Tech ThrowDown: Invincea FreeSpace vs EMET 5.0
Tech ThrowDown: Invincea FreeSpace vs EMET 5.0
 
The Rugged Way in the Cloud--Building Reliability and Security into Software
The Rugged Way in the Cloud--Building Reliability and Security into SoftwareThe Rugged Way in the Cloud--Building Reliability and Security into Software
The Rugged Way in the Cloud--Building Reliability and Security into Software
 

More from Michael Scovetta

Don't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade MachinesDon't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade MachinesMichael Scovetta
 
Consumer Password Worst Practices
Consumer Password Worst PracticesConsumer Password Worst Practices
Consumer Password Worst PracticesMichael Scovetta
 
A collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programsA collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programsMichael Scovetta
 
If You Don't Like the Game, Hack the Playbook... (Zatko)
If You Don't Like the Game, Hack the Playbook... (Zatko)If You Don't Like the Game, Hack the Playbook... (Zatko)
If You Don't Like the Game, Hack the Playbook... (Zatko)Michael Scovetta
 
Scaling Cyberwarfare (Roelker)
Scaling Cyberwarfare (Roelker)Scaling Cyberwarfare (Roelker)
Scaling Cyberwarfare (Roelker)Michael Scovetta
 
PROCEED and Crowd-Sourced Formal Verification
PROCEED and Crowd-Sourced Formal VerificationPROCEED and Crowd-Sourced Formal Verification
PROCEED and Crowd-Sourced Formal VerificationMichael Scovetta
 
Beyond Passwords (Guidorizzi)
Beyond Passwords (Guidorizzi)Beyond Passwords (Guidorizzi)
Beyond Passwords (Guidorizzi)Michael Scovetta
 
DARPA: Cyber Analytical Framework (Kaufman)
DARPA: Cyber Analytical Framework (Kaufman)DARPA: Cyber Analytical Framework (Kaufman)
DARPA: Cyber Analytical Framework (Kaufman)Michael Scovetta
 

More from Michael Scovetta (8)

Don't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade MachinesDon't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade Machines
 
Consumer Password Worst Practices
Consumer Password Worst PracticesConsumer Password Worst Practices
Consumer Password Worst Practices
 
A collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programsA collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programs
 
If You Don't Like the Game, Hack the Playbook... (Zatko)
If You Don't Like the Game, Hack the Playbook... (Zatko)If You Don't Like the Game, Hack the Playbook... (Zatko)
If You Don't Like the Game, Hack the Playbook... (Zatko)
 
Scaling Cyberwarfare (Roelker)
Scaling Cyberwarfare (Roelker)Scaling Cyberwarfare (Roelker)
Scaling Cyberwarfare (Roelker)
 
PROCEED and Crowd-Sourced Formal Verification
PROCEED and Crowd-Sourced Formal VerificationPROCEED and Crowd-Sourced Formal Verification
PROCEED and Crowd-Sourced Formal Verification
 
Beyond Passwords (Guidorizzi)
Beyond Passwords (Guidorizzi)Beyond Passwords (Guidorizzi)
Beyond Passwords (Guidorizzi)
 
DARPA: Cyber Analytical Framework (Kaufman)
DARPA: Cyber Analytical Framework (Kaufman)DARPA: Cyber Analytical Framework (Kaufman)
DARPA: Cyber Analytical Framework (Kaufman)
 

Recently uploaded

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

Secure Computer Systems (Shrobe)

  • 1. Howard Shrobe Program Manager, Information Innovation Office Secure Computer Systems DARPA Cyber Colloquium Arlington, VA November 7, 2011 Approved for Public Release, Distribution Unlimited.
  • 2. Today’s Practice P4: Perimeter Protection, Patch & Pray isn’t Convergent with The Threat • It’s not about better firewalls • It’s not about better virus Security software detection • It’s not about better intrusion detection Malware: • It’s not about better programmer practices It’s about learning from biology Attacker Effort: and societies how to design secure, adaptive and resilient systems. Defender Effort Approved for Public Release, Distribution Unlimited.
  • 3. Humans Have Two Immune Systems: Innate and Adaptive neutrophils Fast, but inflexible, I macrophages covers fixed sets of N pathogen that are N always present. Supports A dendritic cells the adaptive immune T system. E CD16/ natural killer 56 (NK) cells A CD3/CD4 D CD4 T cell Slower, learns to A recognize new sets of thymus P pathogens, distinguishes T CD3/CD8 CD8 T cell self from non-self, I retains memory to guard V against future attacks. E CD19 B cells At least 20 – 30% of the body’s resources are involved in constant surveillance and containment. Approved for Public Release, Distribution Unlimited.
  • 4. Three Big Problems 1. Systems can be easily penetrated 2. Once penetrated, cleanup is prohibitively expensive, time-consuming, and unpredictable 3. If one system can be penetrated, then nearly all of them can Approved for Public Release, Distribution Unlimited.
  • 5. Mission-oriented Resilient Clouds Using the power of a computational community to protect massively shared computational infrastructure Your Software Lives Here Virtual Machine Virtual Machine Virtual Virtual Machine Machine Your Software Lives On A Network with 100K Other Virtual Machines and No Firewalls Modular Data Center Blade Server Blade Server Containers Racks Network Approved for Public Release, Distribution Unlimited.
  • 6. Resilient Clouds: A Community that uses the Network as a Defensive Amplifier TODAY RESILIENT CLOUDS (CRASH++) Acting as individuals makes the Acting as a community makes the enterprise weaker than the sum of its enterprise stronger than the sum of parts its parts • “Box” Oriented • Mission Optimized • Vulnerable Components • CRASH-worthy components • Static Sitting Duck • Moving Target • Shared Vulnerabilities • Resilience through Diversity • Implicit Trust is Amplifier • Collective Diagnosis is Damper Approved for Public Release, Distribution Unlimited.
  • 7. Resilient Clouds Technology Areas Combined Goal of CRASH & Resilient Clouds Cyber-Mission Resilience Resilient Clouds Technologies Mission-Aware Optimizing Mission Networking and Resources Innate Distributed Shared Situational Awareness, Manageable & Taskable Defense Trust Modeling, and Diagnosis Diversity CRASH Technologies Innate Immunity Adaptive Immunity Manageable Diversity  Information flow For more info see: http://tinyurl.com/68w9wpf  Control flow Approved for Public Release, Distribution Unlimited.
  • 8. Secure Computer Systems CRASH Clean-slate design of Resilient, Adaptive, Secure Hosts Approved for Public Release, Distribution Unlimited.
  • 9. CRASH Applies Biological Principles to Computation Innate Immunity: New hardware & operating system architectures that eliminate all common technical vulnerabilities Adaptive Immunity Middleware that: • Diagnoses root causes of vulnerabilities and builds situational assessment • Quickly adapts & reconfigures • Learns from previous attacks and gets better at self-protection Population Diversity Computational techniques that: • Increase entropy in time and space • Make every system unique • Raise work factor of attacker for each system Approved for Public Release, Distribution Unlimited.
  • 10. Innate Immunity: An Example Hardware Solution Conventional Computer Memory Register File Result Data Operand 1 A Data Data L Operand 2 U Tag 1 Tag Tag Tag 2 Trap Signal Instruction Tags Unit Result Tag Bounds Type Thread’s Principal Access Rules Provenance Software and hybrid solutions are Meta-computing System also possible (e.g. PROCEED) Approved for Public Release, Distribution Unlimited.
  • 11. Adaptive Immunity System 4. System model is adapted with Model new attack-specific detector 3. System model is used to perform diagnosis (e.g. localization and characterization) 2. Software system analog of adaptive 1. Hardware analog immune system is 5. Adaptive immune of innate immune signaled system synthesizes plan system detects to get around problem anomaly and patch to remove specific vulnerability Approved for Public Release, Distribution Unlimited.
  • 12. Dynamic Diversity Makes a Single Host Different from Moment to Moment Address Space Randomization Instruction Set Randomization Disk Memory ICache Code and/or data blocks Instruction-1 Encrypted-1 Instruction-1 are periodically Instruction-2 Encrypted-2 Instruction-2 repositioned in memory so that attacker has to work Instruction-3 Encrypted-3 Instruction-3 harder to find a target. Garbage-collected memory Instruction-4 Encrypted-4 Instruction-4 has the property inherently, new methods may optimize Instruction-5 Injected-1 Encrypted-1 for increased entropy. Instruction-6 Injected-2 Encrypted-1 Encrypted-5 Instruction-5 Encrypted-6 Instruction-6 Functional Redundancy & Decision Theoretic Dispatch Code is encrypted as it enters memory and Decrypted as it enters There are multiple methods Goali the instruction cache (or translation for achieving each goal buffer). Injected code in native (“n-version programming”). instruction set is then encrypted Each distinct method has and not executable. Encryption key different qualities of service. can be varied by process and time. Method selection is driven Methodij QoSij both by preferences over QoS and by need for unpredictability. Approved for Public Release, Distribution Unlimited.
  • 13. Turn the Tables: Make The Attacker Do The Work x x Attacker Attacker Attacker Effort: Effort: Effort: Defender Defender Defender Effort Effort Effort Innate Immunity Adaptive Immunity Dynamic Diversity • Novel Hardware • Policy Weaving • Compiler generated Diversity • Separation OS’s • Automatic Patching • Algorithmic • Information Flow • Selective Playback Diversity • Formal Methods • Symbiotes • Instruction Set Randomization Approved for Public Release, Distribution Unlimited.
  • 14. An opportunity… Smartphone > PC shipments within 2 years Implies very rapid, land grab evolution of internet access Approved for Public Release, Distribution Unlimited.
  • 15. Our goal… …is to get CRASH & MRC technologies into your machines. • If you make computers, operating systems, middleware… • If you use these and can influence the people who make them • If you think there’s a great startup opportunity • Then we want to talk with you about how to transition our technologies into the real world. • Contact us at CrashInquiries@darpa.mil Approved for Public Release, Distribution Unlimited.