SlideShare a Scribd company logo

Cyber Security Analytics: The Internet of Things

Download as PPTX, PDF
GovLoop
GovLoop

Randy Garrett gave a presentation on cyber security analytics and the Internet of Things for DARPA. Some key points: - DARPA has a history of developing new technologies to provide strategic advantage for national defense. - The interconnectivity enabled by modern technology has democratized access to sophisticated tools and information. - Physical systems like vehicles are increasingly vulnerable to cyber attacks as they become more connected to networks. - DARPA is pursuing research in areas like intuitive cyber situational awareness tools, encrypted computing, automated software analysis, and developing high-assurance cyber systems through formal methods.

Technology
1 of 20
Randy Garrett Government Keynote Program Manager, Information Innovation Office, Defense Advanced Research Projects Agency
Cyber Security Analytics: The Internet of Things Dr. Randy Garrett The views, opinions, and/or findings contained in this presentation are those of the author and should not be interpreted as representing the official views or policies, either expressed or implied, of the Defense Advanced Research Projects Agency or the Department of Defense Approved for Public Release, Distribution Unlimited
DARPA History Approved for Public Release, Distribution Unlimited
I2O: information to operations • Cyber • ISR exploitation • New experts Information is a force multiplier Approved for Public Release, Distribution Unlimited
The Earth at Night NASA Earth Observatory/NOAA NGDC Distribution Statement “A” (Approved for Public Release, Distribution Unlimited) The views, opinions, and/or findings contained in this article/presentation are those of the author/presenter and should not be interpreted as representing the official views or policies, either expressed or implied, of the Defense Advanced Research Projects Agency or the Department of Defense.
6 Interconnectivity Distribution Statement “A” (Approved for Public Release, Distribution Unlimited) The views, opinions, and/or findings contained in this article/presentation are those of the author/presenter and should not be interpreted as representing the official views or policies, either expressed or implied, of the Defense Advanced Research Projects Agency or the Department of Defense.
7 •Instantaneous global communications •Low cost, rapid global transportation •Ubiquitous mass media •Encryption •High Resolution Satellite Imagery •Precision Navigation & Timing •Design & fabrication of sophisticated: parts, electronics, biological materials • IED’s, EFP, semi-submersibles •High performance computing •Capital Equipment • Jet fighters, Naval fighting vessels, long range artillery • Missiles (but not UAV’s, Tomahawks) • Nuclear Weapons (?) •State-of-the-art sensors •Sophisticated C2 •Large numbers of trained troops Democritization of Technology Available to Individuals: State Governments: Distribution Statement “A” (Approved for Public Release, Distribution Unlimited) The views, opinions, and/or findings contained in this article/presentation are those of the author/presenter and should not be interpreted as representing the official views or policies, either expressed or implied, of the Defense Advanced Research Projects Agency or the Department of Defense.
Understanding Organizations and Their Relationships Traditional DOD (Nation State) Historic Military Counter-Insurgency Unexplored Territory Approved for Public Release, Distribution Unlimited
Our physical systems are vulnerable to cyber attacks… Small group of academics took control of a car using Bluetooth and OnStar. They were able to disable the brakes, control the accelerator, and turn on the interior microphone.[1] Chinese cyber attack: “Highly sophisticated and targeted attack” on Google corporate infrastructure (known as Aurora) False speedometer reading Note that the car is in park…[1] K. Koscher, et al. "Experimental Security Analysis of a Modern Automobile," in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 16-19, 2010. Approved for Public Release, Distribution Unlimited 9
Approved for Public Release, Distribution Unlimited •Real-time cyberspace analytics •Intuitive views and interactions •Single fused situational awareness •Machine execution •Assured and integrated battle damage assessment •Work with range of skill sets, novice to expert Plan X A single view of the cyber battlespace for planning, operation and situational awareness Core Plan X Technology Base Intuitive Interfaces Cyber battlespace analytics Mission Planning Capability Database Platforms Mission Execution Plan X System network mapping data deploy, operate, measure
11 Scalable analytics & data processing technology Technical Area 1 - XDATA Quadratic scaling O(n^2) Correlation of subsets of data Statistics for an n^2 scaling analytic based on 20K records with feature vector length of 8000 used to generate a correlation coefficient matrix. Data locality (random access seek times) along with CPU usage are the primary factors in execution. *Actual measured times other times above are estimated n^3 scaling O(n^3) PCA/SVD, betweenness, force-directed layout “Betweenness” using 4.7 million nodes and 29 million edges1. 1 AFRL 2011 Small Medium Large Huge Massive Approved for public release; distribution is unlimited. • Propagation of uncertainty • Measuring non-linear relationships • Sampling and estimation techniques for distributed platforms • Methods for distributed dimensionality reduction, matrix factorization etc. • Streaming data feeds • Optimal cloud configurations and resource allocation with asymmetric components Challenges to achieve practical solutions with know accuracy in realistic environments Reduction methods?
Getting convergent: Manageable diversity (CRASH‡) Management Interface & Dynamic Loader Component Map Dependency Map Diversity Management Middleware Address space layout randomization Instruction set randomization Functional Redundancy Methodij Taski Randomization of Lower Layers High-Level Visible Layers to User Remain Unchanged New architectures guided by biology Attacker System Users System Managers Make all systems look the same to the system users and managers, but different to the attackers. • Preventing common attacks. • Adapting in response to unanticipated attacks. • Create diversity so attacker has to deal with heterogeneity. ‡ Clean-slate design of Resilient, Adaptive, Secure Hosts Approved for Public Release, Distribution Unlimited 12
Encrypted computing in the cloud as privately as in your data center (PROCEED‡) Program Approach • PROCEED is searching for efficient ways to compute on encrypted data that can be implemented on modern computers • Potential applications • High assurance network guards • Training simulators • Image processing It is theoretically possible to perform arbitrary computations on encrypted data without decrypting. Thus, preserving security even on untrustworthy computational infrastructure. [Gentry, 2009] [1] What if all computation could be done on encrypted data? • Secure computational outsourcing • System hardware and software provenance concerns reduced • Data provenance and availability remain concerns Will your foreign-built computer steal your data? ‡ PROgramming Computation on EncryptEd Data (PROCEED) [1] Craig Gentry. Fully Homomorphic Encryption Using Ideal Lattices. 41st ACM Symposium on Theory of Computing (STOC), 2009. Approved for Public Release, Distribution Unlimited 13
Approved for Public Release, Distribution Unlimited. Active Authentication Fingerprint Ridge Ending Ridge Bifurcation Core Island Forensic authorship Average word length Type-token ratio Use of Punctuation Use of unique words Mouse tracking Time over a single location Drifting while reviewing topics Double click Hovering to review alt-text Repurposed TechnologyExisting Technology New Technology Source: epdeatonville.orgwp-content uploads2011 04fingerprint.jpg Source: The Mancurian Candidate, Robert Graves, P2, Amazon PreviewSource: google search for "real estate" with mouse tracking provided by IOGraph Biometric Identity Modalities Beyond passwords Objective Validate the individual at the keyboard by those unique factors that make up the individual. Approach Focus on software biometrics (those without hardware sensors). Rotate many different biometrics as the human at the keyboard is working, resulting in an invisible authentication method.
Approved for Public Release, Distribution Unlimited Objective • Develop new program analysis tools and techniques for detecting malicious functionality in mobile applications. • Seek fundamental advances in program analysis that might enable DoD to vet other kinds of software, too. Approach • Produce practical automated analysis tools designed to keep malicious code out of DoD mobile application marketplaces. • Translate goal of keeping malicious code out of DoD mobile application marketplaces into lower-level properties that can be proven with automated program analysis tools. Automated Program Analysis for Cybersecurity (APAC) Third-party developers submit mobile apps to DoD. Some contain hidden malicious functionality. DoD analysts keep mobile app store free of malicious apps. Develop new tools and techniques for vetting mobile apps. APP APP STORE 15
Objective •Fully-automated checks for broad classes of malicious features and dangerous flaws in software and firmware Approach •Detect attacks we have never seen before that are not based on signatures • Define malice: • Determine broad classes of hidden malicious functionality to rule out • Confirm the absence of malice: • Demonstrate the absence of those broad classes of hidden malicious functionality • Examine equipment at scale: • Scale to non-specialist technicians who must vet every individual new device used by DoD prior to deployment VET: Vetting Commodity IT Software and Firmware Smart Phones Routers Printers Approved for Public Release, Distribution Unlimited http://www.dtic.mil/whs/esd/cmd/index.htm http://broadband.mt.gov/providers.aspx http://www.benning.army.mil/library/content/MCoELibrariesEResources/mcoelibrarieseresources.htm http://www.mc4.army.mil/hardware/Printers Examples Images of specific hardware are for illustration only and should not be interpreted as implying vulnerabilities 16
Objective: • Cost-effective construction of high- assurance cyber-physical systems. • Functionally correct. • Satisfy appropriate safety and security properties. Approach: • Use clean-slate formal methods • Produce high-assurance operating system components and control systems. • Develop a suite of program synthesizers and formal-methods tools. • Generate an integration workbench containing all HACMS tools and assured components. High Assurance Cyber Military Systems Proof • im • sa • sa when • on de • in en Idea: Synthesize & Verify Hig 12/8/11 “If soft by its m vulnera easier Felix Li High Assurance: Correctness, Resource Constraints Environment Description Functional Specification Synthesizer Code Proof Diagnostic Information Hardware Description Verified Libraries Safety Policy Security Policy Clean-slate formal-methods-based approach Approved for Public Release, Distribution Unlimited 17
Cyber Grand Challenge Objective: A Cyber Grand Challenge for automated defenders similar to DEFCON Capture the Flag Approach: Create automated systems that can sense and respond to cyber attacks more rapidly than human operators Compete systems that can engage in counter-adaptation cycles and repel novel threats from networks • Anomaly detection, big data analytics, case-based reasoning, heuristics, game theory, and stochastic optimization Compete at a high level in cyber competitions Flag Monitoring Vulnerability Scan Service Poller Mixed Inputs Key Competition Testbed Further dissemination only as directed by DARPA Public Release Center or higher DoD authority
Dark Nebula © Robert Traube Distribution Statement “A” (Approved for Public Release, Distribution Unlimited) The views, opinions, and/or findings contained in this article/presentation are those of the author/presenter and should not be interpreted as representing the official views or policies, either expressed or implied, of the Defense Advanced Research Projects Agency or the Department of
www.darpa.mil 20 Distribution Statement “A” (Approved for Public Release, Distribution Unlimited) The views, opinions, and/or findings contained in this article/presentation are those of the author/presenter and should not be interpreted as representing the official views or policies, either expressed or implied, of the Defense Advanced Research Projects Agency or the Department of Defense.

Recommended

The Rise of the Purple Team
The Rise of the Purple TeamThe Rise of the Purple Team
The Rise of the Purple TeamPriyanka Aash
 
The Diamond Model for Intrusion Analysis - Threat Intelligence
The Diamond Model for Intrusion Analysis - Threat IntelligenceThe Diamond Model for Intrusion Analysis - Threat Intelligence
The Diamond Model for Intrusion Analysis - Threat IntelligenceThreatConnect
 
The Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSThe Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSPriyanka Aash
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightHostway|HOSTING
 
Demystifying Security Analytics: Data, Methods, Use Cases
Demystifying Security Analytics: Data, Methods, Use CasesDemystifying Security Analytics: Data, Methods, Use Cases
Demystifying Security Analytics: Data, Methods, Use CasesPriyanka Aash
 
CTI ANT: Hunting for Chinese Threat Intelligence
CTI ANT: Hunting for Chinese Threat IntelligenceCTI ANT: Hunting for Chinese Threat Intelligence
CTI ANT: Hunting for Chinese Threat IntelligenceJacklynTsai
 
Dreaming of IoCs Adding Time Context to Threat Intelligence
Dreaming of IoCs Adding Time Context to Threat IntelligenceDreaming of IoCs Adding Time Context to Threat Intelligence
Dreaming of IoCs Adding Time Context to Threat IntelligencePriyanka Aash
 
Practical and Actionable Threat Intelligence Collection
Practical and Actionable Threat Intelligence CollectionPractical and Actionable Threat Intelligence Collection
Practical and Actionable Threat Intelligence CollectionSeamus Tuohy
 

Recommended

The Rise of the Purple Team
The Rise of the Purple TeamThe Rise of the Purple Team
The Rise of the Purple TeamPriyanka Aash
 
The Diamond Model for Intrusion Analysis - Threat Intelligence
The Diamond Model for Intrusion Analysis - Threat IntelligenceThe Diamond Model for Intrusion Analysis - Threat Intelligence
The Diamond Model for Intrusion Analysis - Threat IntelligenceThreatConnect
 
The Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSThe Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSPriyanka Aash
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightHostway|HOSTING
 
Demystifying Security Analytics: Data, Methods, Use Cases
Demystifying Security Analytics: Data, Methods, Use CasesDemystifying Security Analytics: Data, Methods, Use Cases
Demystifying Security Analytics: Data, Methods, Use CasesPriyanka Aash
 
CTI ANT: Hunting for Chinese Threat Intelligence
CTI ANT: Hunting for Chinese Threat IntelligenceCTI ANT: Hunting for Chinese Threat Intelligence
CTI ANT: Hunting for Chinese Threat IntelligenceJacklynTsai
 
Dreaming of IoCs Adding Time Context to Threat Intelligence
Dreaming of IoCs Adding Time Context to Threat IntelligenceDreaming of IoCs Adding Time Context to Threat Intelligence
Dreaming of IoCs Adding Time Context to Threat IntelligencePriyanka Aash
 
Practical and Actionable Threat Intelligence Collection
Practical and Actionable Threat Intelligence CollectionPractical and Actionable Threat Intelligence Collection
Practical and Actionable Threat Intelligence CollectionSeamus Tuohy
 
TTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesTTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesDragos, Inc.
 
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...Alex Pinto
 
Crowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceCrowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceAlienVault
 
Narrative Mind Week 3 H4D Stanford 2016
Narrative Mind Week 3 H4D Stanford 2016Narrative Mind Week 3 H4D Stanford 2016
Narrative Mind Week 3 H4D Stanford 2016Stanford University
 
Bsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat HuntingBsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat HuntingDhruv Majumdar
 
IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!Priyanka Aash
 
Threat Hunting Report
Threat Hunting Report Threat Hunting Report
Threat Hunting Report Morane Decriem
 
Narrative Mind Week 5 H4D Stanford 2016
Narrative Mind Week 5 H4D Stanford 2016Narrative Mind Week 5 H4D Stanford 2016
Narrative Mind Week 5 H4D Stanford 2016Stanford University
 
Rapid Threat Modeling Techniques
Rapid Threat Modeling TechniquesRapid Threat Modeling Techniques
Rapid Threat Modeling TechniquesPriyanka Aash
 
Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...
Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...
Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...HITCON GIRLS
 
Dollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceDollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceThreatConnect
 
Breaking and entering how and why dhs conducts penetration tests
Breaking and entering how and why dhs conducts penetration testsBreaking and entering how and why dhs conducts penetration tests
Breaking and entering how and why dhs conducts penetration testsPriyanka Aash
 
Fishreel Lessons Learned H4D Stanford 2016
Fishreel Lessons Learned H4D Stanford 2016 Fishreel Lessons Learned H4D Stanford 2016
Fishreel Lessons Learned H4D Stanford 2016 Stanford University
 
Cyber Threat Intelligence: Building and maturing an intelligence program that...
Cyber Threat Intelligence: Building and maturing an intelligence program that...Cyber Threat Intelligence: Building and maturing an intelligence program that...
Cyber Threat Intelligence: Building and maturing an intelligence program that...Mark Arena
 
Security precognition chaos engineering in incident response
Security precognition chaos engineering in incident responseSecurity precognition chaos engineering in incident response
Security precognition chaos engineering in incident responsePriyanka Aash
 
Narrative Mind Week 6 H4D Stanford 2016
Narrative Mind Week 6 H4D Stanford 2016Narrative Mind Week 6 H4D Stanford 2016
Narrative Mind Week 6 H4D Stanford 2016Stanford University
 
Building an Analytics - Enabled SOC Breakout Session
Building an Analytics - Enabled SOC Breakout Session Building an Analytics - Enabled SOC Breakout Session
Building an Analytics - Enabled SOC Breakout Session Splunk
 
Operationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsOperationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsThreatConnect
 
Threat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingThreat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingPriyanka Aash
 
The Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence WebinarThe Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence WebinarThreatConnect
 
Modern Release Engineering in a Nutshell - Why Researchers should Care!
Modern Release Engineering in a Nutshell - Why Researchers should Care!Modern Release Engineering in a Nutshell - Why Researchers should Care!
Modern Release Engineering in a Nutshell - Why Researchers should Care!Bram Adams
 
Development Lifecycle: From Requirement to Release
Development Lifecycle: From Requirement to ReleaseDevelopment Lifecycle: From Requirement to Release
Development Lifecycle: From Requirement to ReleaseJulie Meloni
 

More Related Content

What's hot

TTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesTTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesDragos, Inc.
 
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...Alex Pinto
 
Crowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceCrowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceAlienVault
 
Narrative Mind Week 3 H4D Stanford 2016
Narrative Mind Week 3 H4D Stanford 2016Narrative Mind Week 3 H4D Stanford 2016
Narrative Mind Week 3 H4D Stanford 2016Stanford University
 
Bsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat HuntingBsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat HuntingDhruv Majumdar
 
IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!Priyanka Aash
 
Threat Hunting Report
Threat Hunting Report Threat Hunting Report
Threat Hunting Report Morane Decriem
 
Narrative Mind Week 5 H4D Stanford 2016
Narrative Mind Week 5 H4D Stanford 2016Narrative Mind Week 5 H4D Stanford 2016
Narrative Mind Week 5 H4D Stanford 2016Stanford University
 
Rapid Threat Modeling Techniques
Rapid Threat Modeling TechniquesRapid Threat Modeling Techniques
Rapid Threat Modeling TechniquesPriyanka Aash
 
Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...
Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...
Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...HITCON GIRLS
 
Dollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceDollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceThreatConnect
 
Breaking and entering how and why dhs conducts penetration tests
Breaking and entering how and why dhs conducts penetration testsBreaking and entering how and why dhs conducts penetration tests
Breaking and entering how and why dhs conducts penetration testsPriyanka Aash
 
Fishreel Lessons Learned H4D Stanford 2016
Fishreel Lessons Learned H4D Stanford 2016 Fishreel Lessons Learned H4D Stanford 2016
Fishreel Lessons Learned H4D Stanford 2016 Stanford University
 
Cyber Threat Intelligence: Building and maturing an intelligence program that...
Cyber Threat Intelligence: Building and maturing an intelligence program that...Cyber Threat Intelligence: Building and maturing an intelligence program that...
Cyber Threat Intelligence: Building and maturing an intelligence program that...Mark Arena
 
Security precognition chaos engineering in incident response
Security precognition chaos engineering in incident responseSecurity precognition chaos engineering in incident response
Security precognition chaos engineering in incident responsePriyanka Aash
 
Narrative Mind Week 6 H4D Stanford 2016
Narrative Mind Week 6 H4D Stanford 2016Narrative Mind Week 6 H4D Stanford 2016
Narrative Mind Week 6 H4D Stanford 2016Stanford University
 
Building an Analytics - Enabled SOC Breakout Session
Building an Analytics - Enabled SOC Breakout Session Building an Analytics - Enabled SOC Breakout Session
Building an Analytics - Enabled SOC Breakout Session Splunk
 
Operationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsOperationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsThreatConnect
 
Threat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingThreat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingPriyanka Aash
 
The Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence WebinarThe Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence WebinarThreatConnect
 

What's hot (20)

TTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesTTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil Refineries
 
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
 
Crowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceCrowd-Sourced Threat Intelligence
Crowd-Sourced Threat Intelligence
 
Narrative Mind Week 3 H4D Stanford 2016
Narrative Mind Week 3 H4D Stanford 2016Narrative Mind Week 3 H4D Stanford 2016
Narrative Mind Week 3 H4D Stanford 2016
 
Bsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat HuntingBsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat Hunting
 
IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!IOCs Are Dead—Long Live IOCs!
IOCs Are Dead—Long Live IOCs!
 
Threat Hunting Report
Threat Hunting Report Threat Hunting Report
Threat Hunting Report
 
Narrative Mind Week 5 H4D Stanford 2016
Narrative Mind Week 5 H4D Stanford 2016Narrative Mind Week 5 H4D Stanford 2016
Narrative Mind Week 5 H4D Stanford 2016
 
Rapid Threat Modeling Techniques
Rapid Threat Modeling TechniquesRapid Threat Modeling Techniques
Rapid Threat Modeling Techniques
 
Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...
Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...
Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...
 
Dollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat IntelligenceDollars and Sense of Sharing Threat Intelligence
Dollars and Sense of Sharing Threat Intelligence
 
Breaking and entering how and why dhs conducts penetration tests
Breaking and entering how and why dhs conducts penetration testsBreaking and entering how and why dhs conducts penetration tests
Breaking and entering how and why dhs conducts penetration tests
 
Fishreel Lessons Learned H4D Stanford 2016
Fishreel Lessons Learned H4D Stanford 2016 Fishreel Lessons Learned H4D Stanford 2016
Fishreel Lessons Learned H4D Stanford 2016
 
Cyber Threat Intelligence: Building and maturing an intelligence program that...
Cyber Threat Intelligence: Building and maturing an intelligence program that...Cyber Threat Intelligence: Building and maturing an intelligence program that...
Cyber Threat Intelligence: Building and maturing an intelligence program that...
 
Security precognition chaos engineering in incident response
Security precognition chaos engineering in incident responseSecurity precognition chaos engineering in incident response
Security precognition chaos engineering in incident response
 
Narrative Mind Week 6 H4D Stanford 2016
Narrative Mind Week 6 H4D Stanford 2016Narrative Mind Week 6 H4D Stanford 2016
Narrative Mind Week 6 H4D Stanford 2016
 
Building an Analytics - Enabled SOC Breakout Session
Building an Analytics - Enabled SOC Breakout Session Building an Analytics - Enabled SOC Breakout Session
Building an Analytics - Enabled SOC Breakout Session
 
Operationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent ActorsOperationalizing Threat Intelligence to Battle Persistent Actors
Operationalizing Threat Intelligence to Battle Persistent Actors
 
Threat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty TrainingThreat Intelligence Is Like Three Day Potty Training
Threat Intelligence Is Like Three Day Potty Training
 
The Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence WebinarThe Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence Webinar
 

Viewers also liked

Modern Release Engineering in a Nutshell - Why Researchers should Care!
Modern Release Engineering in a Nutshell - Why Researchers should Care!Modern Release Engineering in a Nutshell - Why Researchers should Care!
Modern Release Engineering in a Nutshell - Why Researchers should Care!Bram Adams
 
Development Lifecycle: From Requirement to Release
Development Lifecycle: From Requirement to ReleaseDevelopment Lifecycle: From Requirement to Release
Development Lifecycle: From Requirement to ReleaseJulie Meloni
 
Internet of Everything
Internet of EverythingInternet of Everything
Internet of EverythingCisco Services
 
Agile requirements management
Agile requirements managementAgile requirements management
Agile requirements managementChristian Hassa
 
Managing Requirements in Agile Development - Best Practices for Tool-Based Re...
Managing Requirements in Agile Development - Best Practices for Tool-Based Re...Managing Requirements in Agile Development - Best Practices for Tool-Based Re...
Managing Requirements in Agile Development - Best Practices for Tool-Based Re...pd7.group
 

Viewers also liked (6)

Modern Release Engineering in a Nutshell - Why Researchers should Care!
Modern Release Engineering in a Nutshell - Why Researchers should Care!Modern Release Engineering in a Nutshell - Why Researchers should Care!
Modern Release Engineering in a Nutshell - Why Researchers should Care!
 
Development Lifecycle: From Requirement to Release
Development Lifecycle: From Requirement to ReleaseDevelopment Lifecycle: From Requirement to Release
Development Lifecycle: From Requirement to Release
 
Internet of Everything
Internet of EverythingInternet of Everything
Internet of Everything
 
Agile requirements management
Agile requirements managementAgile requirements management
Agile requirements management
 
BANKING SYSTEM
BANKING SYSTEMBANKING SYSTEM
BANKING SYSTEM
 
Managing Requirements in Agile Development - Best Practices for Tool-Based Re...
Managing Requirements in Agile Development - Best Practices for Tool-Based Re...Managing Requirements in Agile Development - Best Practices for Tool-Based Re...
Managing Requirements in Agile Development - Best Practices for Tool-Based Re...
 

Similar to Cyber Security Analytics: The Internet of Things

Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Mobodexter
 
TechEvent 2019: Artificial Intelligence in Dev & Ops; Martin Luckow - Trivadis
TechEvent 2019: Artificial Intelligence in Dev & Ops; Martin Luckow - TrivadisTechEvent 2019: Artificial Intelligence in Dev & Ops; Martin Luckow - Trivadis
TechEvent 2019: Artificial Intelligence in Dev & Ops; Martin Luckow - TrivadisTrivadis
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecLalit Kale
 
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...Agile Testing Alliance
 
Doug maughan ppt
Doug maughan pptDoug maughan ppt
Doug maughan pptgbass12
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern
 
Bridging the Gap: Analyzing Data in and Below the Cloud
Bridging the Gap: Analyzing Data in and Below the CloudBridging the Gap: Analyzing Data in and Below the Cloud
Bridging the Gap: Analyzing Data in and Below the CloudInside Analysis
 
Asset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsAsset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsRedhuntLabs2
 
Vulnerability Assessment and Penetration Testing using Webkill
Vulnerability Assessment and Penetration Testing using WebkillVulnerability Assessment and Penetration Testing using Webkill
Vulnerability Assessment and Penetration Testing using Webkillijtsrd
 
Security in the age of open source - Myths and misperceptions
Security in the age of open source - Myths and misperceptionsSecurity in the age of open source - Myths and misperceptions
Security in the age of open source - Myths and misperceptionsTim Mackey
 
Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Priyanka Aash
 
Droidcon mobile security
Droidcon mobile securityDroidcon mobile security
Droidcon mobile securityJudy Ngure
 
An Overview Of The Singularity Project
An Overview Of The Singularity ProjectAn Overview Of The Singularity Project
An Overview Of The Singularity Projectalanocu
 
Cyber security series advanced persistent threats
Cyber security series advanced persistent threats Cyber security series advanced persistent threats
Cyber security series advanced persistent threats Jim Kaplan CIA CFE
 
Owasp Summit - Wednesday evening briefing master
Owasp Summit - Wednesday evening briefing masterOwasp Summit - Wednesday evening briefing master
Owasp Summit - Wednesday evening briefing masterDinis Cruz
 
Maturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key ConsiderationsMaturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key ConsiderationsSirius
 
Risk Assessment Solutions of H2020 IoT Security/Privacy Cluster Projects
Risk Assessment Solutions of H2020 IoT Security/Privacy Cluster ProjectsRisk Assessment Solutions of H2020 IoT Security/Privacy Cluster Projects
Risk Assessment Solutions of H2020 IoT Security/Privacy Cluster ProjectsSecureIoT H2020 funded project
 
DevSecCon Asia 2017 Pishu Mahtani: Adversarial Modelling
DevSecCon Asia 2017 Pishu Mahtani: Adversarial ModellingDevSecCon Asia 2017 Pishu Mahtani: Adversarial Modelling
DevSecCon Asia 2017 Pishu Mahtani: Adversarial ModellingDevSecCon
 
Data Tactics Open Source Brief
Data Tactics Open Source BriefData Tactics Open Source Brief
Data Tactics Open Source BriefDataTactics
 

Similar to Cyber Security Analytics: The Internet of Things (20)

Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
 
TechEvent 2019: Artificial Intelligence in Dev & Ops; Martin Luckow - Trivadis
TechEvent 2019: Artificial Intelligence in Dev & Ops; Martin Luckow - TrivadisTechEvent 2019: Artificial Intelligence in Dev & Ops; Martin Luckow - Trivadis
TechEvent 2019: Artificial Intelligence in Dev & Ops; Martin Luckow - Trivadis
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSec
 
resume4
resume4resume4
resume4
 
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
 
Doug maughan ppt
Doug maughan pptDoug maughan ppt
Doug maughan ppt
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdf
 
Bridging the Gap: Analyzing Data in and Below the Cloud
Bridging the Gap: Analyzing Data in and Below the CloudBridging the Gap: Analyzing Data in and Below the Cloud
Bridging the Gap: Analyzing Data in and Below the Cloud
 
Asset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsAsset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt Labs
 
Vulnerability Assessment and Penetration Testing using Webkill
Vulnerability Assessment and Penetration Testing using WebkillVulnerability Assessment and Penetration Testing using Webkill
Vulnerability Assessment and Penetration Testing using Webkill
 
Security in the age of open source - Myths and misperceptions
Security in the age of open source - Myths and misperceptionsSecurity in the age of open source - Myths and misperceptions
Security in the age of open source - Myths and misperceptions
 
Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Practical Enterprise Security Architecture
Practical Enterprise Security Architecture
 
Droidcon mobile security
Droidcon mobile securityDroidcon mobile security
Droidcon mobile security
 
An Overview Of The Singularity Project
An Overview Of The Singularity ProjectAn Overview Of The Singularity Project
An Overview Of The Singularity Project
 
Cyber security series advanced persistent threats
Cyber security series advanced persistent threats Cyber security series advanced persistent threats
Cyber security series advanced persistent threats
 
Owasp Summit - Wednesday evening briefing master
Owasp Summit - Wednesday evening briefing masterOwasp Summit - Wednesday evening briefing master
Owasp Summit - Wednesday evening briefing master
 
Maturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key ConsiderationsMaturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key Considerations
 
Risk Assessment Solutions of H2020 IoT Security/Privacy Cluster Projects
Risk Assessment Solutions of H2020 IoT Security/Privacy Cluster ProjectsRisk Assessment Solutions of H2020 IoT Security/Privacy Cluster Projects
Risk Assessment Solutions of H2020 IoT Security/Privacy Cluster Projects
 
DevSecCon Asia 2017 Pishu Mahtani: Adversarial Modelling
DevSecCon Asia 2017 Pishu Mahtani: Adversarial ModellingDevSecCon Asia 2017 Pishu Mahtani: Adversarial Modelling
DevSecCon Asia 2017 Pishu Mahtani: Adversarial Modelling
 
Data Tactics Open Source Brief
Data Tactics Open Source BriefData Tactics Open Source Brief
Data Tactics Open Source Brief
 

More from GovLoop

How is GovLoop Transforming Learning for Government?
How is GovLoop Transforming Learning for Government?How is GovLoop Transforming Learning for Government?
How is GovLoop Transforming Learning for Government?GovLoop
 
Teaching vs learning
Teaching vs learningTeaching vs learning
Teaching vs learningGovLoop
 
Next Gen: Critical Conversations Slide Deck
Next Gen: Critical Conversations Slide DeckNext Gen: Critical Conversations Slide Deck
Next Gen: Critical Conversations Slide DeckGovLoop
 
Internet of Things: Lightning Round, Sargent
Internet of Things: Lightning Round, SargentInternet of Things: Lightning Round, Sargent
Internet of Things: Lightning Round, SargentGovLoop
 
Internet of Things: Lightning Round, Ronzio
Internet of Things: Lightning Round, RonzioInternet of Things: Lightning Round, Ronzio
Internet of Things: Lightning Round, RonzioGovLoop
 
Internet of Things: Lightning Round, Hite
Internet of Things: Lightning Round, HiteInternet of Things: Lightning Round, Hite
Internet of Things: Lightning Round, HiteGovLoop
 
Internet of Things: Lightning Round, Fritzinger
Internet of Things: Lightning Round, FritzingerInternet of Things: Lightning Round, Fritzinger
Internet of Things: Lightning Round, FritzingerGovLoop
 
Internet of Things: Lightning Round, McKinney
Internet of Things: Lightning Round, McKinneyInternet of Things: Lightning Round, McKinney
Internet of Things: Lightning Round, McKinneyGovLoop
 
Leap Not Creep Participant Guide Pre-Course Through Week 3 - 20140722
Leap Not Creep Participant Guide Pre-Course Through Week 3 - 20140722Leap Not Creep Participant Guide Pre-Course Through Week 3 - 20140722
Leap Not Creep Participant Guide Pre-Course Through Week 3 - 20140722GovLoop
 
Week Three
Week ThreeWeek Three
Week ThreeGovLoop
 
FHWA Week Two
FHWA Week TwoFHWA Week Two
FHWA Week TwoGovLoop
 
Building Powerful Outreach - Executive Research Brief
Building Powerful Outreach - Executive Research BriefBuilding Powerful Outreach - Executive Research Brief
Building Powerful Outreach - Executive Research BriefGovLoop
 
Turning Big Data into Big Decisions
Turning Big Data into Big DecisionsTurning Big Data into Big Decisions
Turning Big Data into Big DecisionsGovLoop
 
Examining the Big Data Frontier
Examining the Big Data FrontierExamining the Big Data Frontier
Examining the Big Data FrontierGovLoop
 
The Need for NoSQL - MarkLogic
The Need for NoSQL - MarkLogicThe Need for NoSQL - MarkLogic
The Need for NoSQL - MarkLogicGovLoop
 
Capitalizing on the Cloud
Capitalizing on the CloudCapitalizing on the Cloud
Capitalizing on the CloudGovLoop
 
Build Better Virtual Events & Training for your Agency
Build Better Virtual Events & Training for your AgencyBuild Better Virtual Events & Training for your Agency
Build Better Virtual Events & Training for your AgencyGovLoop
 
Social Media Presentation for The Center for Organizational Effectiveness
Social Media Presentation for The Center for Organizational EffectivenessSocial Media Presentation for The Center for Organizational Effectiveness
Social Media Presentation for The Center for Organizational EffectivenessGovLoop
 
Guide to Managing the Presidential Management Fellows (PMF) Application Proce...
Guide to Managing the Presidential Management Fellows (PMF) Application Proce...Guide to Managing the Presidential Management Fellows (PMF) Application Proce...
Guide to Managing the Presidential Management Fellows (PMF) Application Proce...GovLoop
 
Winning the Cybersecurity Battle
Winning the Cybersecurity BattleWinning the Cybersecurity Battle
Winning the Cybersecurity BattleGovLoop
 

More from GovLoop (20)

How is GovLoop Transforming Learning for Government?
How is GovLoop Transforming Learning for Government?How is GovLoop Transforming Learning for Government?
How is GovLoop Transforming Learning for Government?
 
Teaching vs learning
Teaching vs learningTeaching vs learning
Teaching vs learning
 
Next Gen: Critical Conversations Slide Deck
Next Gen: Critical Conversations Slide DeckNext Gen: Critical Conversations Slide Deck
Next Gen: Critical Conversations Slide Deck
 
Internet of Things: Lightning Round, Sargent
Internet of Things: Lightning Round, SargentInternet of Things: Lightning Round, Sargent
Internet of Things: Lightning Round, Sargent
 
Internet of Things: Lightning Round, Ronzio
Internet of Things: Lightning Round, RonzioInternet of Things: Lightning Round, Ronzio
Internet of Things: Lightning Round, Ronzio
 
Internet of Things: Lightning Round, Hite
Internet of Things: Lightning Round, HiteInternet of Things: Lightning Round, Hite
Internet of Things: Lightning Round, Hite
 
Internet of Things: Lightning Round, Fritzinger
Internet of Things: Lightning Round, FritzingerInternet of Things: Lightning Round, Fritzinger
Internet of Things: Lightning Round, Fritzinger
 
Internet of Things: Lightning Round, McKinney
Internet of Things: Lightning Round, McKinneyInternet of Things: Lightning Round, McKinney
Internet of Things: Lightning Round, McKinney
 
Leap Not Creep Participant Guide Pre-Course Through Week 3 - 20140722
Leap Not Creep Participant Guide Pre-Course Through Week 3 - 20140722Leap Not Creep Participant Guide Pre-Course Through Week 3 - 20140722
Leap Not Creep Participant Guide Pre-Course Through Week 3 - 20140722
 
Week Three
Week ThreeWeek Three
Week Three
 
FHWA Week Two
FHWA Week TwoFHWA Week Two
FHWA Week Two
 
Building Powerful Outreach - Executive Research Brief
Building Powerful Outreach - Executive Research BriefBuilding Powerful Outreach - Executive Research Brief
Building Powerful Outreach - Executive Research Brief
 
Turning Big Data into Big Decisions
Turning Big Data into Big DecisionsTurning Big Data into Big Decisions
Turning Big Data into Big Decisions
 
Examining the Big Data Frontier
Examining the Big Data FrontierExamining the Big Data Frontier
Examining the Big Data Frontier
 
The Need for NoSQL - MarkLogic
The Need for NoSQL - MarkLogicThe Need for NoSQL - MarkLogic
The Need for NoSQL - MarkLogic
 
Capitalizing on the Cloud
Capitalizing on the CloudCapitalizing on the Cloud
Capitalizing on the Cloud
 
Build Better Virtual Events & Training for your Agency
Build Better Virtual Events & Training for your AgencyBuild Better Virtual Events & Training for your Agency
Build Better Virtual Events & Training for your Agency
 
Social Media Presentation for The Center for Organizational Effectiveness
Social Media Presentation for The Center for Organizational EffectivenessSocial Media Presentation for The Center for Organizational Effectiveness
Social Media Presentation for The Center for Organizational Effectiveness
 
Guide to Managing the Presidential Management Fellows (PMF) Application Proce...
Guide to Managing the Presidential Management Fellows (PMF) Application Proce...Guide to Managing the Presidential Management Fellows (PMF) Application Proce...
Guide to Managing the Presidential Management Fellows (PMF) Application Proce...
 
Winning the Cybersecurity Battle
Winning the Cybersecurity BattleWinning the Cybersecurity Battle
Winning the Cybersecurity Battle
 

Recently uploaded

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 

Recently uploaded (20)

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 

Cyber Security Analytics: The Internet of Things

  • 1. Randy Garrett Government Keynote Program Manager, Information Innovation Office, Defense Advanced Research Projects Agency
  • 2. Cyber Security Analytics: The Internet of Things Dr. Randy Garrett The views, opinions, and/or findings contained in this presentation are those of the author and should not be interpreted as representing the official views or policies, either expressed or implied, of the Defense Advanced Research Projects Agency or the Department of Defense Approved for Public Release, Distribution Unlimited
  • 3. DARPA History Approved for Public Release, Distribution Unlimited
  • 4. I2O: information to operations • Cyber • ISR exploitation • New experts Information is a force multiplier Approved for Public Release, Distribution Unlimited
  • 5. The Earth at Night NASA Earth Observatory/NOAA NGDC Distribution Statement “A” (Approved for Public Release, Distribution Unlimited) The views, opinions, and/or findings contained in this article/presentation are those of the author/presenter and should not be interpreted as representing the official views or policies, either expressed or implied, of the Defense Advanced Research Projects Agency or the Department of Defense.
  • 6. 6 Interconnectivity Distribution Statement “A” (Approved for Public Release, Distribution Unlimited) The views, opinions, and/or findings contained in this article/presentation are those of the author/presenter and should not be interpreted as representing the official views or policies, either expressed or implied, of the Defense Advanced Research Projects Agency or the Department of Defense.
  • 7. 7 •Instantaneous global communications •Low cost, rapid global transportation •Ubiquitous mass media •Encryption •High Resolution Satellite Imagery •Precision Navigation & Timing •Design & fabrication of sophisticated: parts, electronics, biological materials • IED’s, EFP, semi-submersibles •High performance computing •Capital Equipment • Jet fighters, Naval fighting vessels, long range artillery • Missiles (but not UAV’s, Tomahawks) • Nuclear Weapons (?) •State-of-the-art sensors •Sophisticated C2 •Large numbers of trained troops Democritization of Technology Available to Individuals: State Governments: Distribution Statement “A” (Approved for Public Release, Distribution Unlimited) The views, opinions, and/or findings contained in this article/presentation are those of the author/presenter and should not be interpreted as representing the official views or policies, either expressed or implied, of the Defense Advanced Research Projects Agency or the Department of Defense.
  • 8. Understanding Organizations and Their Relationships Traditional DOD (Nation State) Historic Military Counter-Insurgency Unexplored Territory Approved for Public Release, Distribution Unlimited
  • 9. Our physical systems are vulnerable to cyber attacks… Small group of academics took control of a car using Bluetooth and OnStar. They were able to disable the brakes, control the accelerator, and turn on the interior microphone.[1] Chinese cyber attack: “Highly sophisticated and targeted attack” on Google corporate infrastructure (known as Aurora) False speedometer reading Note that the car is in park…[1] K. Koscher, et al. "Experimental Security Analysis of a Modern Automobile," in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 16-19, 2010. Approved for Public Release, Distribution Unlimited 9
  • 10. Approved for Public Release, Distribution Unlimited •Real-time cyberspace analytics •Intuitive views and interactions •Single fused situational awareness •Machine execution •Assured and integrated battle damage assessment •Work with range of skill sets, novice to expert Plan X A single view of the cyber battlespace for planning, operation and situational awareness Core Plan X Technology Base Intuitive Interfaces Cyber battlespace analytics Mission Planning Capability Database Platforms Mission Execution Plan X System network mapping data deploy, operate, measure
  • 11. 11 Scalable analytics & data processing technology Technical Area 1 - XDATA Quadratic scaling O(n^2) Correlation of subsets of data Statistics for an n^2 scaling analytic based on 20K records with feature vector length of 8000 used to generate a correlation coefficient matrix. Data locality (random access seek times) along with CPU usage are the primary factors in execution. *Actual measured times other times above are estimated n^3 scaling O(n^3) PCA/SVD, betweenness, force-directed layout “Betweenness” using 4.7 million nodes and 29 million edges1. 1 AFRL 2011 Small Medium Large Huge Massive Approved for public release; distribution is unlimited. • Propagation of uncertainty • Measuring non-linear relationships • Sampling and estimation techniques for distributed platforms • Methods for distributed dimensionality reduction, matrix factorization etc. • Streaming data feeds • Optimal cloud configurations and resource allocation with asymmetric components Challenges to achieve practical solutions with know accuracy in realistic environments Reduction methods?
  • 12. Getting convergent: Manageable diversity (CRASH‡) Management Interface & Dynamic Loader Component Map Dependency Map Diversity Management Middleware Address space layout randomization Instruction set randomization Functional Redundancy Methodij Taski Randomization of Lower Layers High-Level Visible Layers to User Remain Unchanged New architectures guided by biology Attacker System Users System Managers Make all systems look the same to the system users and managers, but different to the attackers. • Preventing common attacks. • Adapting in response to unanticipated attacks. • Create diversity so attacker has to deal with heterogeneity. ‡ Clean-slate design of Resilient, Adaptive, Secure Hosts Approved for Public Release, Distribution Unlimited 12
  • 13. Encrypted computing in the cloud as privately as in your data center (PROCEED‡) Program Approach • PROCEED is searching for efficient ways to compute on encrypted data that can be implemented on modern computers • Potential applications • High assurance network guards • Training simulators • Image processing It is theoretically possible to perform arbitrary computations on encrypted data without decrypting. Thus, preserving security even on untrustworthy computational infrastructure. [Gentry, 2009] [1] What if all computation could be done on encrypted data? • Secure computational outsourcing • System hardware and software provenance concerns reduced • Data provenance and availability remain concerns Will your foreign-built computer steal your data? ‡ PROgramming Computation on EncryptEd Data (PROCEED) [1] Craig Gentry. Fully Homomorphic Encryption Using Ideal Lattices. 41st ACM Symposium on Theory of Computing (STOC), 2009. Approved for Public Release, Distribution Unlimited 13
  • 14. Approved for Public Release, Distribution Unlimited. Active Authentication Fingerprint Ridge Ending Ridge Bifurcation Core Island Forensic authorship Average word length Type-token ratio Use of Punctuation Use of unique words Mouse tracking Time over a single location Drifting while reviewing topics Double click Hovering to review alt-text Repurposed TechnologyExisting Technology New Technology Source: epdeatonville.orgwp-content uploads2011 04fingerprint.jpg Source: The Mancurian Candidate, Robert Graves, P2, Amazon PreviewSource: google search for "real estate" with mouse tracking provided by IOGraph Biometric Identity Modalities Beyond passwords Objective Validate the individual at the keyboard by those unique factors that make up the individual. Approach Focus on software biometrics (those without hardware sensors). Rotate many different biometrics as the human at the keyboard is working, resulting in an invisible authentication method.
  • 15. Approved for Public Release, Distribution Unlimited Objective • Develop new program analysis tools and techniques for detecting malicious functionality in mobile applications. • Seek fundamental advances in program analysis that might enable DoD to vet other kinds of software, too. Approach • Produce practical automated analysis tools designed to keep malicious code out of DoD mobile application marketplaces. • Translate goal of keeping malicious code out of DoD mobile application marketplaces into lower-level properties that can be proven with automated program analysis tools. Automated Program Analysis for Cybersecurity (APAC) Third-party developers submit mobile apps to DoD. Some contain hidden malicious functionality. DoD analysts keep mobile app store free of malicious apps. Develop new tools and techniques for vetting mobile apps. APP APP STORE 15
  • 16. Objective •Fully-automated checks for broad classes of malicious features and dangerous flaws in software and firmware Approach •Detect attacks we have never seen before that are not based on signatures • Define malice: • Determine broad classes of hidden malicious functionality to rule out • Confirm the absence of malice: • Demonstrate the absence of those broad classes of hidden malicious functionality • Examine equipment at scale: • Scale to non-specialist technicians who must vet every individual new device used by DoD prior to deployment VET: Vetting Commodity IT Software and Firmware Smart Phones Routers Printers Approved for Public Release, Distribution Unlimited http://www.dtic.mil/whs/esd/cmd/index.htm http://broadband.mt.gov/providers.aspx http://www.benning.army.mil/library/content/MCoELibrariesEResources/mcoelibrarieseresources.htm http://www.mc4.army.mil/hardware/Printers Examples Images of specific hardware are for illustration only and should not be interpreted as implying vulnerabilities 16
  • 17. Objective: • Cost-effective construction of high- assurance cyber-physical systems. • Functionally correct. • Satisfy appropriate safety and security properties. Approach: • Use clean-slate formal methods • Produce high-assurance operating system components and control systems. • Develop a suite of program synthesizers and formal-methods tools. • Generate an integration workbench containing all HACMS tools and assured components. High Assurance Cyber Military Systems Proof • im • sa • sa when • on de • in en Idea: Synthesize & Verify Hig 12/8/11 “If soft by its m vulnera easier Felix Li High Assurance: Correctness, Resource Constraints Environment Description Functional Specification Synthesizer Code Proof Diagnostic Information Hardware Description Verified Libraries Safety Policy Security Policy Clean-slate formal-methods-based approach Approved for Public Release, Distribution Unlimited 17
  • 18. Cyber Grand Challenge Objective: A Cyber Grand Challenge for automated defenders similar to DEFCON Capture the Flag Approach: Create automated systems that can sense and respond to cyber attacks more rapidly than human operators Compete systems that can engage in counter-adaptation cycles and repel novel threats from networks • Anomaly detection, big data analytics, case-based reasoning, heuristics, game theory, and stochastic optimization Compete at a high level in cyber competitions Flag Monitoring Vulnerability Scan Service Poller Mixed Inputs Key Competition Testbed Further dissemination only as directed by DARPA Public Release Center or higher DoD authority
  • 19. Dark Nebula © Robert Traube Distribution Statement “A” (Approved for Public Release, Distribution Unlimited) The views, opinions, and/or findings contained in this article/presentation are those of the author/presenter and should not be interpreted as representing the official views or policies, either expressed or implied, of the Defense Advanced Research Projects Agency or the Department of
  • 20. www.darpa.mil 20 Distribution Statement “A” (Approved for Public Release, Distribution Unlimited) The views, opinions, and/or findings contained in this article/presentation are those of the author/presenter and should not be interpreted as representing the official views or policies, either expressed or implied, of the Defense Advanced Research Projects Agency or the Department of Defense.