Research Direction Introduction
Advisor: Professor Frank, Y.S. Lin
Presented by Yu Pu Wu
Agenda
Introduction
Problem description
Scenario
Definition of Survivability
We define survivability as the capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents. We use the term system in the broadest possible sense, including networks and large-scale systems of systems. [1]
[1] R. J. Ellison, D. A. Fisher, R. C. Linger, H. F. Lipson, T. Longstaff, and N. R. Mead, “Survivable Network Systems: An Emerging Discipline,” Technical Report CMU/SEI-97-TR-013, November 1997 (Revised: May 1999).
Defense strategies Honeypot
Existing Classifications: Lure; Defend (deception & intimidation); Study
[2] H. Debar, F. Pouget, and M. Dacier, “White Paper: Honeypot, Honeynet, Honeytoken: Terminological issues,” Institut Eurécom Research Report RR-03-081, 2003.
Defense strategies Honeypot
Level of interaction classification: Low-Interaction; Mid-Interaction; High-Interaction
[3] H. Debar, F. Pouget, and M. Dacier, “White Paper: Honeypot, Honeynet, Honeytoken: Terminological issues,” Institut Eurécom Research Report RR-03-081, 2003.
Defense strategies Honeypot
The objective of a false target is to distract or conceal something that someone else may search for (to gain access to, control, destroy, etc.)
[4] G. Levitin, and K. Hausken, “False targets efficiency in defense strategy,” European Journal of Operational Research, Vol. 194, Issue 1, Pages 155-162, 1 April
Defense strategies Rotation
[5] Y. Huang, D. Arsenault, and A. Sood, “Closing Cluster Attack Windows Through Server Redundancy and Rotations”, Proc. IEEE CGRIDW'06.
Defense strategies Rotation
Outrunning Component Failures, which replicates key application components and intelligently places new replicas on suitable hosts upon noticing failures.
Attack Containment, which isolates host intrusions and network based distributed denial of service attacks and stops their propagation.
Continuous Unpredictable Changes, which tries to put strict time constraints on the usefulness of obtained attack information by constantly changing unpredictably.
[6] M. Atighetchi, P. Pal, F. Webber, and C. Jones, “Adaptive Use of Network-Centric Mechanisms in Cyber-Defense”, BBN Technologies LLC.
Agenda
Introduction
Problem description
Scenario
Collaborative Attacks
Attack Strategies
Compromise Pretend to Attack
Test Reaction Take Opportunity
[8] S. Braynov and M. Jadliwala, “Representation and Analysis of Coordinated Attacks,” FMSE'03, 2003.
Risk Avoidance & Risk Tolerance
Risk Avoidance: Compromise
Risk Tolerance: Pretend to Attack
Period, P
N: The total number of nodes in the Defense Networks.
F: The total number of compromised nodes in the Defense Networks.
If N is 100 and F is 10, the Period will be 90%.
Success Rate, SR
Success Rate (SR) = Risk Avoidance Compromised / Risk Avoidance Attacks
Risk Avoidance - Compromise Nodes: 10
Risk Tolerance - Pretend to Attack: 5
Compromised Successfully: 6 (3 Compromise Nodes : 3 Pretend to Attack)
Success Rate = 30%
Stage & Risk Attackers
N = 100
Risk Avoidance (P = (N - F) / N)
Risk Tolerance (1 - P = F / N)
Early Stage, F = 5: Risk Avoidance Most (95%), Risk Tolerance Rare (5%)
Late Stage, F = 40: Risk Avoidance Part (60%), Risk Tolerance Part (40%)
Early Stage
Selection Criteria (figure axes: High/Low Defense Resource, High/Low Traffic)
Late Stage
Selection Criteria: High Traffic & Low Defense Resource
Number of Attackers
M: Number of selected candidates
M = 4, Period = 99%, Success Rate = 100%: Risk Avoidance: 6, Risk Tolerance: 0
M = 25, Period = 80%, Success Rate = 0%: Risk Avoidance: 6, Risk Tolerance: 0
Choose Ideal Attackers
Attack Energy Budget & Capability
Corresponding Defense Resource for Each Attacker Aggressiveness Attack Energy
m
m m
TT t
Choose Ideal Attackers
Example: Choose Ideal Attacker
100 Defense Resource
90 ~ 110 Corresponding Defense Resource
Appropriate Aggressiveness Lower Bound (50%, 0%)
If Success Rate (SR) is low, raise the Lower Bound. If Success Rate (SR) is high, reduce the Lower Bound.
Fake Traffic
Dynamic Topology Reconfiguration
Virtual Machine
Virtual Machine; Virtual Machine Monitor; Local Defense Effect
A Core Node could be one of the Virtual Machines. If the VMM is compromised, all of its VMs are compromised, too.
Agenda
Introduction
Problem description
Scenario
Scenario
[Figure sequence: step-by-step scenario on a network of nodes A to O. Legend: Core Node, Compromised, False Target, Next Hop, Defense Resource, Fake Traffic, False Target & Fake Traffic, Insider.]
Thanks for your attention.