NetSPA A software program aimed to avert cyber hackers

1. NetSPAA software program aimed to avert cyber hackers Group 8 Tiffany Duhamel Elizabeth Sewell Katherine Watson

2. Key Words: • Hackers • Vulnerability Scanners • Attack Graphs • CyberAnalytix • Firewalls • Routers

3. NetSPA Network Security Planning Architecture

4. Developed by Richard Lippman, a senior staff member in Lincoln Laboratory’s Information Systems Technology Group, and his colleagues. His team consists of two computer scientist, Kyle Ingols and Seth Webster, along with MIT graduate student Leevar Williams. NetSPA NetSPA was developed in response to the unwavering threat of cyber hackers on the U.S. Government.

5. Facts about NetSPA: • NetSPA identifies any potential way that a network can be attacked. • NetSPA uses information about networks and the individual machines and programs running on them to create a graph that visually displays how an attacker could infiltrate the system.

6. Facts about NetSPA (cont.): • The system administrator can review the graph and decide which actions need to be taken. • NetSPA analyzes the graph and suggests the best and quickest way to fix most vulnerable areas. • The software relies on vulnerability scanners to identify the known weak spots that could pose a threat to the network.

7. Facts about NetSPA (cont.): • Once the vulnerable areas have been identified, NetSPA analyzes the firewall and router rules. • This will determine which weak areas can actually be reached and how attackers will be able to spread through the network by jumping from one vulnerable host to another. • NetSPA can also seek out vulnerabilities that otherwise would be unforeseen.

8. NetSPA graph: • The graph that NetSPA generates is setup as an attack graph cascade. • There are four rectangular regions that represent one subnet in a larger network. • Within each subnet, there are smaller rectangular regions that represent groups of hosts that are treated identically by all firewalls and are compromised by an attacker to the same level.

9. NetSPA graph (cont.): • There is a dot in the center of each region that signifies all hosts in that region. • The attacker will start at the upper subnet (“EXTLAN”) on a single host. The lines connecting the hosts represent vulnerabilities that the attacker uses to progressively compromise more hosts.

10. What triggered the development of NetSPA? • Between 2003 and 2005 there were a series of breaches on the U.S. government computers known as Titan Rain. • Government officials believe hackers were able to gain sensitive information about military readiness.

11. Can NetSPA benefit you? • Software such as NetSPA is invaluable for any individual or organization that has nay kind of information they want to shield from the unauthorized public. • NetSPA is not only beneficial for the protection of things such as trade secrets and client information, but for our countries safety as well • Keeping the government protected is very time sensitive and crucially important.

12. CyberAnalytix • A group of MIT students, with Lippman as their technical advisor, have proposed a business plan for a company called CyberAnalytx to commercialize NetSPA. • Their proposal won $10,000 in the MIT $100K Entrepreneurship Competition in May.

13. Why use NetSPA? • NetSPA is an excellent new software that will utilize information about networks, individual machines and programs running on them to create a graph that shows where the networks vulnerable points are located. • Being able to locate possible access points for attackers is a huge step in preventing computer network hacking.

14. One must realize that locating theses points is only half of what NetSPA is capable of. • The developers of NetSPA are continuously improving this new technology and expanding its boundaries. • This innovative development in cyber threat prevention will have a tremendously positive effect on organizations and even this countries safety.

15. The End Hope you enjoyed the show!