Defensive Terrain in Cyberspace
Thomas Pingel
January 31, 2002
Advisor: Sara Fabrikant
Committee?
Research Questions
How does the spatial arrangement of a computer network impact its security properties?
How do such arrangements compare with human defense strategies that rely on control of territory?
What explains the similarities and differences?
Rationale
Networks have a path/node structure
Different spatial arrangements
Spatial patterns affect data flows
Current network defense includes
– Segmentation
– Isolation
– Control over information flows
Similarity to human defense strategies of territory
What Is the Role of Geography?
Historical ties to analyzing how the medium of conflict impacts the outcome of contests of force
– Terrain analysis, global politics, military geography
Heavy use of language of physical security
– Firewalls, bastion hosts, choke points
Computer networks
– Geographic space
– Topology
– Spatial analysis of that topology
Visualizations
Compare to Physical Security
Sources
– Geography (O’Sullivan)
– U.S. Army (FM 5-33)
– Historical records of battles
Identify
– Obstacles
– Cover
– Concealment
Game simulations as a model
Comparison to spatial games
– Chess & Go
Defensive Terrain in Cyberspace
Is it Terrain, Is it Like Terrain, and What Difference Does It Make?
Oxford English Dictionary says: 2a. A tract of country considered with regard to its natural features, configuration, etc.; … in military use esp. as affecting its tactical advantages, fitness for maneuvering, etc.
So… Terrain is the irregularity and configuration of the medium
Defensive Terrain in Cyberspace
Is it Terrain, Is it Like Terrain, and What Difference Does It Make?
U.S. Army explicitly calls its network defenses “cyberterrain” (and they should know).
The network topology affects how movement occurs; it is a medium of conflict.
It is a terrain. The question is, do the network medium and earth medium influence the use of force in similar ways?
An Example: The Game of Risk
Risk is a strategic board game
6 populated continents divided into 42 territories
Armies occupy territories
Each territory can attack only adjacent territories
Spatial distribution of territories and troops affects the outcome of the game
Literature Review – Putting The Pieces Together
An interdisciplinary project – Time to absorb more disciplines!
Geography
– Spatial & network analysis
– Historical involvement in security design
– Terrain analysis
Computer Science
– Technical knowledge
– Resources for network simulation and testing
– Theoretical research in computer security
Other
– Philosophy, Political Science, Psychology, …
Methods
Gather data
– Obstacle behavior
– Cover and concealment
Evaluate
– Compare terrain with security information
Compare
– Military geography
Methods: Obstacles
Data Source
– A 16-host network test bed
– Record of network-based attacks on routers with complete traffic records
Analyze traffic records with GIS network analysis (and other?) techniques.
Methods: Cover and Concealment
Data Source
– A real, working network
– Use of intrusion detection and port scanning software
Looking for a measure of visibility of a host as well as intrusion data
Difficulty looking for volunteer network due to sensitive information.