
Cyberspace - A Global Battlespace?

Joel Ebrahimi, Solutions Architect, Bivio Networks, Inc.


Presentation Transcript


  1. Cyberspace - A Global Battlespace?
     Joel Ebrahimi, Solutions Architect, Bivio Networks, Inc.

  2. A Hacker’s Opportunity is Target Rich!
     Joe Hacker
     • Enterprise
     • Personal
     • Credit Card
     • Government
     • Military secrets
     • Nuclear Information
     • Medical Records
     • Criminal Records
     • Classified Secrets and Information
     • Control of Physical Infrastructure
     • Power
     • Electrical
     • Water

  3. Exploitation Evolution
     • While we look at the evolution trend, it should be noted that the less severe exploits have not gone away. They still exist today and have even increased in numbers. The problem is that we also have to deal with exploits that now affect our national security.
     • Experimentation / Notoriety
     • Hacktivism / Defacements
     • Criminal Enterprise
     • Espionage / Cyber Terrorism

  4. Hacking Hotspots and Trends
     • WESTERN EUROPE: Cyber-activists with anti-global/anti-capitalism goals; some malicious code
     • EASTERN EUROPE/RUSSIA: Malicious code development; fraud and financial hacking
     • CHINA: Targeting Japan, U.S., Taiwan and perceived allies of those countries; Falun Gong targeted also
     • U.S.: Multiple hacker/cyber-activist/hacktivist groups; random targets
     • MIDDLE EAST: Palestinian hackers target Israeli websites; some pro-Israel activity
     • INDIA-PAKISTAN: Worldwide targets, Kashmir-related and Muslim-related defacements
     • BRAZIL: Multiple hacker groups, many mercenary; random targets

  5. Is the threat real?

  6. It's Real and Happening Now!
     • Stuxnet
     • Cyber Espionage
     • DDoS attacks in Estonia
     • Attacks on Booz Allen Hamilton
     • Breach of defense contractor computers that let hackers get at information on the Joint Strike Fighter
     • Power grid compromised
     • Repeated attacks on .gov websites
     • Real growing threat of cyber terrorism

  7. The Threats
     • Malware
     • Worms
     • Trojans
     • Rootkits
     • Spyware
     • Remote or local exploitation
     • Botnets

  8. A Transforming Network
     • Explosion in usage, applications, devices, protocols
     • Basic networking problems remain
     • Security
     • Information assurance
     • Cyber defense
     • Awareness
     • Control
     • Network role transition from connectivity to policy
     • Key Enabling Technology: Deep Packet Inspection

  9. Deep Packet Inspection (DPI)
     • L2: Ethernet
     • L3: Internet Protocol (IP)
     • L4: Transport Layer (TCP/UDP)
     • L5 – L7: Email, IM; Web; File Transfer; Peer-to-Peer (P2P); Viruses; Intrusions; Worms
     • Set of technologies enabling fine-grained processing of network traffic
     • Common analogy: processing regular mail based on letter contents vs. address
     • Not a solution or an application!

  10. Why DPI?
     • L3/4 analysis clearly not granular enough
     • Source/Destination often irrelevant
     • Most information is in the payload
     • Deeply embedded
     • Context dependent
     • Dynamic
     • Tunneling makes outer protocols/headers insufficient
     • Correlation between flows and payload often crucial
     • Threats are real-time and dynamic; response can’t be
     • DPI is real-time networking analog to off-line analysis
     • Dramatically shortens threat identification and response

  11. The Right Technology
     • Scalability: variable throughput, computation
     • Performance:
       • Computational: full packet inspection
       • Network: wire-speed
     • Flexibility: software is king
     • Customization: each mission different
     • Adaptability: inherent in space
     • Active/Passive: monitoring and enforcement
     • Multi-function: parallel tasks
     • Standardization: Avoid proprietary environments
     • Rapid deployment

  12. Protecting The Future
     • Infrastructure
     • Focus on high-compute/high-throughput
     • System design
     • Semiconductors
     • Keep pace with networking advances
     • 40Gb/s
     • 100Gb/s
     • Storage integration
     • Data Retention
     • Post-processing
     • Applications
     • Increased sophistication of protocol analysis
     • Increased cross-flow analysis
     • Information sharing between applications
     • Dynamic threat response

  13. Summary
     • Threats are already here
     • Cyber Terrorism is real
     • The network is changing and growing
     • DPI technology underlies future networking
     • Core technology for National Security requirements
     • Challenges addressed in rapidly advancing market
     • Significant innovation into the future

  14. Not just a presenter, this is what I do
     • Special purpose networking devices
     • 10Gb/s+
     • High compute capacity
     • Throughput and compute scaling
     • Linux development environment
     • Multi-application support

     Thank You!
     Joel Ebrahimi
     jebrahimi@bivio.net
     Bivio Networks, Inc
     http://www.bivio.net
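
Slides 9 and 10 argue that L3/4 analysis is not granular enough and that tunneling makes outer headers insufficient. The Python below is an added example, not part of the original presentation: it labels each flow by destination port, then by its first payload bytes, and reports the flows where the two views disagree. The port table, signatures, function names and sample flows are constructed for illustration.

```python
import re

# L3/L4 view: what the destination port alone suggests (illustrative table).
PORT_LABELS = {22: "ssh", 53: "dns", 80: "http", 443: "tls"}
# L5-L7 signature: an HTTP/1.x request line at the start of the payload.
HTTP_REQUEST = re.compile(rb"^(GET|POST|PUT|HEAD|DELETE|OPTIONS|CONNECT) \S+ HTTP/1\.[01]\r\n")

def classify_by_port(dst_port):
    return PORT_LABELS.get(dst_port, "unknown")

def classify_by_payload(payload):
    """Identify the application protocol from the first bytes of the flow."""
    if payload.startswith(b"SSH-"):  # SSH identification string
        return "ssh"
    # TLS record type 0x16 (handshake), major version 0x03,
    # handshake message type 0x01 (ClientHello) at offset 5.
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03 and payload[5] == 0x01:
        return "tls"
    if HTTP_REQUEST.match(payload):
        return "http"
    return "unknown"

def find_mismatches(flows):
    """Return (flow id, port label, payload label) where payload contradicts port."""
    findings = []
    for flow in flows:
        by_port = classify_by_port(flow["dst_port"])
        by_payload = classify_by_payload(flow["payload"])
        if by_payload != "unknown" and by_payload != by_port:
            findings.append((flow["id"], by_port, by_payload))
    return findings

# Constructed sample flows: first payload bytes of four TCP connections.
SAMPLE_FLOWS = [
    {"id": "f1", "dst_port": 80, "payload": b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"},
    {"id": "f2", "dst_port": 443, "payload": b"SSH-2.0-OpenSSH_8.9\r\n"},
    {"id": "f3", "dst_port": 53, "payload": b"\x16\x03\x01\x00\x05\x01\x00\x00\x01\x00"},
    {"id": "f4", "dst_port": 8080, "payload": b"POST /upload HTTP/1.1\r\nHost: example.test\r\n\r\n"},
]

if __name__ == "__main__":
    for flow_id, by_port, by_payload in find_mismatches(SAMPLE_FLOWS):
        print(f"{flow_id}: port suggests {by_port}, payload is {by_payload}")
```

A port-only policy would pass f2 and f3 as ordinary TLS and DNS traffic; the payload check is what exposes them as SSH and TLS carried over those ports.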
