
Information Technology and Operations Center (ITOC)

A Conjecture for Control of Intrusion Detection Search John R. James John-James@usma.edu 845 938-5563 DSN: 688-5563, http://www.eecs.usma.edu/Personnel/James/default.htm. Information Technology and Operations Center (ITOC) http://www.itoc.usma.edu/


Presentation Transcript


  1. A Conjecture for Control of Intrusion Detection Search. John R. James, John-James@usma.edu, 845 938-5563, DSN: 688-5563, http://www.eecs.usma.edu/Personnel/James/default.htm. Information Technology and Operations Center (ITOC), http://www.itoc.usma.edu/. Department of Electrical Engineering and Computer Science (EE&CS), http://www.eecs.usma.edu/. United States Military Academy (USMA).

  2. A Knowledge Value Chain
     • The knowledge pyramid defines an information value chain
     • The value of information increases as we move up the value chain from data to knowledge
     • Knowledge varies from enterprise to enterprise
     • Conjecture: Intrusion Detection will be more effective if explicit efforts are made to allocate Intrusion Detection Resources to support efforts to maintain acceptable levels of risk that enterprise knowledge has been compromised

  3. A Value Chain for Military Operations
     • For the military, a high-priority value chain is support for use of deadly force
     • For military operations, deadly force is largely applied by officers in the Navy and Air Force and by units for the Army and Marines (i.e., officers make the decision to engage in the Air Force and Navy, while soldiers in units make decisions to engage in the Army and Marines)
     • Information Assurance resources (including Intrusion Detection resources) should be allocated to maintain an acceptable level of risk that application of deadly force to support meeting the commander’s intent has not been compromised
     • The conjecture rests upon the assumption that a knowledgeable enemy will concentrate malicious activities upon those friendly assets most useful to meeting the commander’s intent, which is the purpose for use of deadly force

  4. Survival and Control Information on the Global Information Grid (GIG)

  5. A Simulation of the Engagement Control Process

  6. Summary
     • We should expect that malicious activities will be targeted to cause maximum harm
     • We should structure our allocation of intrusion detection resources based upon that expectation
     • An example of considerations of metrics for military enterprise processes has been given
