
Operate Through Attacks!!

ORGANICALLY ASSURED & SURVIVABLE INFORMATION SYSTEMS: PRINCIPAL INVESTIGATORS’ MEETING

August 19, 2002

Dr. Jaynarayan H. Lala

Program Manager

Information Processing Technology Office

Defense Advanced Research Projects Agency

TOPICS
  • New Office
    • Information Processing Technology Office
  • New Program
    • OASIS Demonstration and Validation
  • New Seedlings
    • Self-Regenerative Systems
    • Measuring Assurance in Cyber-Space
    • Survivable Servers
  • New Conference
    • DISCEX III
A Problem of National Importance

While computational performance is increasing, productivity and effectiveness are not keeping up

  • Users must adapt to system interfaces, rather than vice versa
  • Systems have become more rigid and more fragile
  • Systems have become increasingly vulnerable to attack

We have to change the game to create an urgent & necessary quantum leap in computer system robustness and capability

IPTO Will Lead the Way
  • Building on a 40-year legacy of changing the world, IPTO will drive revolutionary change in computing and dramatic improvement in how people think of and use computational machines
  • Current IPTO programs lay the foundation for cognitive systems that will
        • Reason
        • Learn
        • Explain
        • Respond
  • Send us your best ideas:

Cognitive Information Processing Technology, BAA 02-21, http://www.eps.gov/spg/ODA/DARPA/CMO/BAA02-21/listing.html

Cognitive Systems Thrusts

(Diagram; labels recovered from the figure:)
  • Systems That Know What They’re Doing
  • Dynamic Coordinated Teams
  • Applications
  • Perception
  • Representation & Reasoning
  • Learning
  • Communication & Interaction
  • Cognitive Architecture
  • Robust Software and Hardware
  • Foundational Science and Mathematics (incl. Bio-inspired Computing, new approaches to Trust Management,…)

Dem-Val: Creating an Architecture

OASIS Dem-Val applies the DARPA program results and other technologies to produce an organically robust and dependable system architecture

The OASIS, FTN, and other DARPA programs developed tools, components, architectures, mechanisms.

OASIS Dem/Val

Program Objective

  • Demonstrate and validate a working military mission critical system prototype that is highly dependable in the presence of cyber threats and imperfect hardware and software.

Key Milestones

  • Timeline dates: 6/02, 1/03, 6/03, 1/04, 6/04
  • Milestones: Award, PDR, CDR/Downselect, Demonstration

  • Create a secure and survivable JBI architecture employing defense in depth layers of real-time execution monitors, adaptive re-configurable strategies
  • Validate architectural approach using analytical models and formal proofs.
  • Build a survivable JBI instantiation and demonstrate an Air Tasking Order creation, modification and execution under a sustained red team attack

Technical Challenges

Technical Approach

  • Provide 100% of JBI critical functionality when under sustained attack by a “Class-A” red team with 3 months of planning.

Currently many systems can be brought down in seconds to minutes with little planning.

  • Detect 95% of large scale attacks within 10 mins. of attack initiation and 99% of attacks within 4 hours with less than 1% false alarm rate.
  • Prevent 95% of attacks from achieving attacker objectives for 12 hours.

In Integrated Feasibility Experiment (IFE) 3.1 fourteen out of fifteen flags were captured by the red team.

  • Reduce low-level alerts by a factor of 1000 and display meaningful attack state alarms.
  • Show survivability versus cost/performance trade-offs.
  • Avoid single points of failure
  • Design for graceful degradation
  • Exploit diversity to increase the attacker's work factor
  • Disperse and obscure sensitive data
  • Make the system dynamic and unpredictable
  • Deceive the attacker
Acquisition Strategy

(Timeline figure; labels recovered from the figure:)
  • Timeline dates: 9/01, 1/02, 6/02, 1/03, 6/03, 1/04, 6/04
  • OASIS: Real-time Execution Monitors, Stealth, Randomness, Error Compensation, Response, Recovery, Diversity. Existing projects worked by PIs in academia and small niche companies.
  • Phases: Phase I, Phase II
  • Milestones: BAA 02-16, Contract Award, PDR, CDR
  • Activities: Prototype Design, Baseline Prototype Development, Prototype Development, Prototype Demonstration and Red Team Scenario
  • Select 2 Performers; Down-select Winner @CDR
  • The Prototype Design will be competed between two teams.


Boeing Team: OASIS Demonstration/Validation

  • Dan Schnackenberg, Boeing
  • Dr. Hal Hager, Boeing
  • Dr. Nick Multari, Boeing
  • Don McQuinn, Boeing
  • Dr. Sanjai Narain, Telcordia
  • Dr. Raj Rajagopalan, Telcordia
  • Pete Dinsmore, NAI Labs
  • Mark Feldman, NAI Labs
  • Dr. Yair Amir, Spread Concepts


Designing Protection and Adaptation into a Survivability Architecture: Demonstration and Validation (DPASA-DV)

Mr. Pete Pflugrath, Program Manager

Dr. Partha Pal, Co-Principal Investigator

Mr. David Levin, Co-Principal Investigator

Self-Regenerative Systems: Program Goals
  • Conceive, design, develop, implement, demonstrate and validate architectures, tools, and techniques that would allow fielding of systems that can learn.
  • Develop the basic precepts of representation, reasoning and learning that will form the scientific foundation for all such future systems.
Self-Regenerative Systems: Envisioned Capabilities
  • Learn from its experience so it performs better tomorrow than it did today.
  • Restore system capabilities to full functionality following an attack event or a component failure.
  • Analyze a specific failure and diagnose the root cause of the failure.
    • Determine if an attack focused on exploiting a specific vulnerability or a misconfiguration, or if the failure was caused by a component failure, an operational error, or a fundamental flaw in the architecture.
Self-Regenerative Systems: Envisioned Capabilities
  • Generalize a specific attack event to form a defense against a class of attacks.
  • Adapt to changes in network traffic due to congestion or denial of service attacks or router and link failures.
  • Continually create new deceptions as new threats emerge and old techniques become less effective.
  • Monitor insider activity and develop profiles for appropriate and legitimate behavior.
    • Take preventive and defensive measures as legitimate bounds are exceeded.
Measuring Assurance: Program Goal

CONTEXT: Create robust software and hardware that are fault-tolerant, attack resilient, and easily adaptable to changes in functionality and performance over time.

PROGRAM GOAL: Create an underlying scientific foundation that will

  • enable clear and concise specifications,
  • measure the effectiveness of novel solutions, and
  • test and evaluate systems in an objective manner.
Measuring Assurance: Challenges
  • Unable to quantitatively state how assured systems and networks are.
  • Unable to quantify ability of protective measures to keep out intruders.
  • Difficult to characterize capabilities of intrusion detection systems to detect novel attacks.
  • Benefits of novel response mechanisms cannot be measured comparatively or absolutely.
Measuring Assurance: Technical Approach
  • Research the theoretic aspects of information assurance
  • Develop measures of merit and metrics to characterize quantitatively various dimensions of security
  • Show the relevance of the theory by applying theory to a realistic exemplar system
Measuring Assurance: Major Focus Areas
  • Concepts and terminologies to succinctly express IA domain issues
  • Threat, attack and vulnerability taxonomies
  • Security models and models of attacker intent, objectives, and strategies
  • Work factor metrics, survivability metrics, operational security metrics, cryptographic protocol metrics
  • Methods for testing and validating protection mechanisms
  • Security and survivability requirements specifications
Survivable Server Seedlings
  • Objectives
    • Create a survivable server using OASIS technologies that are suited to selected military mission-critical applications (Army CECOM SMS Server and TRANSCOM WebMail Server)
    • Demonstrate server survivability on a prototype platform in March 2003
    • Transition technology to operational C4ISR systems
  • Performers
    • Teknowledge (HACQIT and integration): CECOM SMS Server
    • Architecture Technology Corporation (VPNShield)
    • BBN (ITUA)
    • Secure Computing Corporation (ITSI)
    • Draper Laboratory (DB Transaction Mediator)
    • WireX & SCC: TRANSCOM WebMail Server
OASIS Roadmap

(Roadmap chart; labels recovered from the figure:)
  • Fiscal-year axis: FY99, FY00, FY01, FY02, FY03, FY04
  • Numeric annotations: (16), (6), (17)
  • Survivable Server
  • Error Compensation/Response/Recovery
  • Intrusion-Tolerant Architectures
  • Graceful Degradation
  • Fragmentation, Redundancy, Scattering, Deception
  • Error Detection/Tolerance Triggers
  • Value & Time Domain Error Detection
  • Redundancy-Based Cyber Attack Detection
  • Digital Integrity Marks
  • Execution Monitors
  • Monitor COTS Binaries
  • Sandbox Active Scripts
  • Operate thru’ Mobile/Malicious Code Attacks
  • Secure Mobile Code Format
  • In-lined Reference Monitors
  • Fault Avoidance
  • Provably Correct Protocols
  • Software Vulnerability Detection
  • Design Assessment & Validation
  • Secure-design Principles
  • System Dem-Val Program: Survivable JBI Demonstration, PDR, CDR
  • Technology Demonstrations
  • Transition
  • Technology Validation
  • SPAWAR (EC5G, Smart Ship)
  • PACOM
  • CECOM (ABCS)
  • TRANSCOM
  • AFRL
  • Four Questions
  • Validation Pilot
  • Completed Validation Matrices
  • Project Validation
  • Peer Review
  • PI Meetings & Project Evaluation: Honolulu, Santa Rosa, Phoenix, Aspen, Norfolk, Santa Fe, Hilton Head
  • Project Evaluations
  • Program Evaluation
  • Program Redirection (shown twice)
  • Ideas for Advanced Research: Self-regenerative Systems, Defeating the Insider Threat, Measuring Assurance, Deception for Cyber Defense


Hot Off the Presses!!!
  • DARPA pleased to announce the Third DARPA Information Survivability Conference and Exposition (DISCEX 3)
  • CFP announcement
    • Papers due in late September 2002
    • Notifications by early December 2002
    • Camera-Ready papers due by mid-January 2003
  • Conference will be held in late April 2003 in Wash. D.C.
  • Formal Program Committee
    • Much stronger reviews than previous DISCEX conferences
  • Expected paper acceptance rate of 20-25%
  • I encourage all OASIS PIs to participate
DISCEX 3
  • Download CFP – http://www.iaands.org/discex3/cfp.html
  • Start thinking about your paper
  • Start thinking about your demo for the exposition
  • Things that will happen before the next PI meeting
    • Paper submission, review, acceptance, and camera-ready
    • Non-accepted papers → Summary project description (6 pgs)
    • Exposition participants → Demonstration summary (3 pgs)
  • Help advertise – open conference
  • Plan to attend – Apr. 22-24 in Washington, D.C.
Industry versus DoD Needs

(Chart; labels recovered from the figure:)
  • Chart annotations: DoD Needs, Industry Direction
  • Future: Command & Control Systems, Combat Systems, Intel/Reconnaissance, Strategic Indicators & Warning, Logistics & Personnel
  • Malicious Attacks axis: No Attacks, Script Kiddies, Serious Hackers, Terrorists/Multinationals, Nation States
  • Attack characteristics: Random, uncoordinated; Small scale; Exploit known vulnerabilities; Coordinated; Large scale; Stealthy; Exploit unknown vulnerabilities
  • Accidental Faults and Errors axis: No Failures, Benign, Byzantine, Memory Bit Errors, Comm Errors, Inconsistent, Processor Fail-stop/Fail-crash, Stop/Start, Intermittent, Permanent, Transient
  • Programs shown: Self-Regenerative Systems, OASIS and OASIS Dem/Val, IBM Autonomic Computing
  • Systems shown: Financial Transaction Systems (Banks, Stock Markets), Original Arpanet, AT&T Switching Systems, Boeing 777 Flight Control System, Internet, Wireless Phones, Power Grid Control/SCADA, Medical/Radiology, Most desktop & commercial H/W & S/W (designed for ideal/non-realistic conditions)
  • Other label: Exposed

* Householder, Houle, and Dougherty, "Computer Attack Trends Challenge Internet Security," Security & Privacy, IEEE Computer Society, Jan 2002