1 / 14

A Deception Framework for Survivability Against Next Generation Cyber Attacks

A Deception Framework for Survivability Against Next Generation Cyber Attacks. Ruchika Mehresh and Shambhu Upadhyaya Department of Computer Science and Engineering, University at Buffalo, Buffalo , NY 14260. Motivation. The Asymmetric warfare.

pascale-frank
Télécharger la présentation

A Deception Framework for Survivability Against Next Generation Cyber Attacks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Deception Framework for Survivability Against Next Generation Cyber Attacks RuchikaMehresh and ShambhuUpadhyaya Department of Computer Science and Engineering, University at Buffalo, Buffalo, NY 14260

  2. Motivation The Asymmetric warfare • Kind of sophisticated attacks happening lately: • Botnets, command and control • Operation Aurora • Stuxnet

  3. Problem Statement How to enable critical systems to survive the next-generation of sophisticated attacks Deception

  4. Introduction • Survivability is the ability of a system to perform its mission (essential operations) in presence of attacks, faults or accidents • Focus on how to survive an attack • Does not focus on source or type of attack

  5. Introduction • Survivability involves four phases: • Prevention against faults/attacks • Detection of faults/attacks • Recovery from faults/attacks • Adaptation/Evolution to avoid future attacks • Timeliness property

  6. Introduction • Next-generation attack assessment • Formal requirements • Deception as a tool of defense • Proposed framework

  7. Underlying pattern in sophisticated attacks [6] Features: Multi-shot Stealth Contingency plan Solution

  8. Formal system requirements • Recognizing the smart adversary • Prevention • Surreptitious detection • Effective recovery with adaptation • Zero-day attacks

  9. Formal system requirements • Conserving timeliness property • Non-verifiable deception

  10. Deception as tool of defense • Preventive deception • Hiding, Distraction, Dissuasion • Detection • Honeypot farm • Recovery • Concealing the detection till an effective patch has been worked out

  11. Framework

  12. Work in progress • Design issues • Controlling the feedback loop • Smart-box design • Assess the nature of the traffic flow • Map AIOS to a honeypot

  13. Conclusion • Deception based survivability solution against sophisticated attacks • Dealing with zero-day attacks while conserving timeliness property • Stronger recovery with surreptitious detection

  14. References • E. Nakashima and J. Pomfret. China proves to be an aggressive foe in cyberspace, November 2009. • M. Ramilli and M. Bishop. Multi-stage delivery of malware. 5th International Conference on Malicious and Unwanted Software (MALWARE), 2010. • E. J. Kartaltepe, J. A. Morales, S. Xu, and R. Sandhu. Social network based botnet command-and-control: emerging threats and countermeasures. Proceedings of the 8th international conference on Applied cryptography and network security (ACNS), pages 511–528, 2010. • M. Labs and M. F. P. Services. Protecting your critical assets, lessons learned from operation aurora. Technical report, 2010. • M. J. Gross. A declaration of cyber-war, April 2011. • K. A. Repik. Defeating adversary network intelligence efforts with active cyber defense techniques. Master’s thesis, Graduate School of Engineering and Management, Air Force Institute of Technology, 2008. • A. D. Lakhani. Deception techniques using honeypots. Master’s thesis, MSc Thesis, ISG, Royal Holloway, University of London, 2003.

More Related