1 / 3

Vulnerability of Complex Networks

Vulnerability of Complex Networks. Prepared for :. ACS Contact: Stuart S. Wagner swagner@appcomsci.com September 20, 2012. “Only the Paranoid Survive” – Andy Grove. Problem Statement. Inadvertent misconfiguration responsible for huge percentage of IP network downtime and vulnerabilities

shasta
Télécharger la présentation

Vulnerability of Complex Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Vulnerability of Complex Networks Prepared for: ACS Contact: Stuart S. Wagner swagner@appcomsci.com September 20, 2012 “Only the Paranoid Survive” – Andy Grove

  2. Problem Statement • Inadvertent misconfiguration responsible for huge percentage of IP network downtime and vulnerabilities • Think what intentional, malicious misconfiguration could do • Fundamentally more powerful botnets are on the horizon • Black Hat Conference regularly features the latest hacks of routers, cellular networks, middleboxes, control planes,… • Network standards organizations and protocol developers don’t usually address the most pernicious attack vectors • Offense is generally easier and cheaper than defense, and is getting more so as networks become more complex • You can’t afford infinite resilience against all possible vulnerabilities and threats

  3. Challenges for Network Resilience • Getting the most bang for the buck in the face of unanticipated vulnerabilities and unforeseen attacks • How do you even know when you have made a good investment? • What metric do you utilize to quantify the gain in trustworthiness and reliability for a given investment? • Providing different levels of resilience for different users, organizations, and missions • When does the cost of failure out-weigh the cost of resilience? • How do assign a probability, or a cost, to an unforeseen failure or attack mode? • How can we design networks to make them fundamentally less vulnerable to attack? Is this even possible?

More Related