Further Explanation
Thanks for all of the comments. Let me further explain, and I'm excited to hear more ideas from the community on the topic. First, to clarify the point I made about collaboration across public sector, academia, and private sector. Government agencies like DHS, NSA's IAD, universities like MIT's CSAIL, and hundreds of private sector companies are doing some amazing work in the area of breach detection, incident response, and security analytics. The challenge is that these efforts aren't synchronized or coordinated, and as a result, we are not as effective as we could otherwise be in transforming our national & critical infrastructure cyber defense capabilities. The collaboration required across public sector, academia, and private sector has not been seen since the Space Race, hence why I believe the effort to transform cyber defense will be the "Space Race" of our generation.
With regard to "shape-shifting networks", this is an idea that falls within the domain of "Moving Target Defense" (MTD), an emerging area of cyber defense that is still in its early days and has the potential to be a game changer in how we defend our critical systems. The concept of MTD, and the specific idea of shape-shifting networks, is not yet in production anywhere (as far as I know), but this work is in prototype and in research. If you're interested in diving into this topic, here are some resources to get you started:
- Problem statement from DHS: In the current environment, information technology systems are built to operate in a relatively static configuration. For example, addresses, names, software stacks, networks and various configuration parameters remain more or less the same over long periods of time. This static approach is a legacy of information technology systems designed for simplicity in a time when malicious exploitation of system vulnerabilities was not a concern.
- Solution approach from DHS: Moving Target Defense (MTD) is the concept of controlling change across multiple system dimensions in order to increase uncertainty and apparent complexity for attackers, reduce their window of opportunity and increase the costs of their probing and attack efforts. MTD assumes that perfect security is unattainable. Given that starting point, and the assumption that all systems are compromised, research in MTD focuses on enabling the continued safe operation in a compromised environment and to have systems that are defensible rather than perfectly secure.
- “[MTD] Enables us to create, analyze, evaluate, and deploy mechanisms and strategies that are diverse and that continually shift and change over time to increase complexity and cost for attackers, limit the exposure of vulnerabilities and opportunities for attack, and increase system resiliency.” – Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program published by the Executive Office of the President, National Science and Technology Council, December 2011
- Links to additional reading material:
  1. DHS overview: https://www.dhs.gov/science-an...
  2. Morphisec's blog on MTD: http://blog.morphisec.com/movi...
  3. Details on Morphisec's solution (one of many in this space): http://www.morphisec.com/how-i...
  4. The "Morphinator" project sponsored by the Army for shape-shifting networks: https://gcn.com/articles/2012/...
- It is the combination of at least 6 key initiatives that will fundamentally disrupt and transform the cyber defense capabilities of our critical infrastructure and beyond:
  1. "Shift left" by applying Continuous Delivery, Architecture-as-Code, and other concepts to prevent or catch problems before they go into production.
  2. Create a frictionless operational model for cyber defenders that enables them to focus on hunting breaches, versus jumping through processes, tools, and other friction.
  3. Use security analytics and unsupervised machine learning algorithms to help our security hunters "hunt better".
  4. Use automated incident response to proactively or automatically disrupt a breach in progress.
  5. Use natural language processing to simplify how cyber defenders interact with security technologies, accelerating their "ramp to productivity".
  6. Apply moving-target defense techniques (deception, shape-shifting, etc.) to disrupt common attack vectors.
I appreciate the comments and passion the community has for this topic, and I look forward to having a constructive discussion.
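The DHS description quoted above (static addresses as a legacy design, MTD as controlled change across system dimensions to shrink an adversary's window of opportunity) is easiest to grasp with a concrete mechanism. The following is an added, self-contained toy written for this page, not code from the comment author, DHS, Morphisec or the Morphinator project: a host and its authorized peers derive the host's current address from a shared secret and the current time slot, so legitimate traffic keeps flowing while any map of the network taken in an earlier slot goes stale. The secret, the address pool, the hop period and the helper names are all constructed assumptions; the `snapshot_validity` function is a defender-side metric for how quickly a stale snapshot stops describing the real system.

```python
"""Toy address-hopping scheduler illustrating the MTD idea (constructed example).

Both the protected host and its authorized peers derive the host's current
address from a shared secret and the current time slot, so legitimate traffic
keeps flowing while a snapshot of the network taken in an earlier slot goes
stale. The secret, pool and hop period below are assumptions, not real values.
"""
import hashlib
import hmac
import ipaddress

SECRET = b"constructed-demo-secret"          # assumption: provisioned out of band
POOL = ipaddress.ip_network("10.0.0.0/24")    # constructed pool of candidate addresses
HOP_PERIOD = 60                                # seconds an assignment stays valid (assumption)


def slot_for(t: float, period: int = HOP_PERIOD) -> int:
    """Map wall-clock seconds to the hop slot number."""
    return int(t // period)


def current_address(secret: bytes, slot: int, pool=POOL) -> ipaddress.IPv4Address:
    """Derive the address assigned during `slot` from an HMAC of the slot number.

    Only holders of `secret` can compute the schedule; without it, each slot's
    address is unpredictable, which is the 'uncertainty for attackers' the DHS
    text describes.
    """
    digest = hmac.new(secret, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    usable = pool.num_addresses - 2            # skip the network and broadcast addresses
    index = int.from_bytes(digest[:8], "big") % usable
    return pool[index + 1]


def address_at(secret: bytes, t: float, period: int = HOP_PERIOD) -> ipaddress.IPv4Address:
    """Address in force at wall-clock time t."""
    return current_address(secret, slot_for(t, period))


def snapshot_validity(secret: bytes, snapshot_time: float, check_times, period: int = HOP_PERIOD) -> float:
    """Defender's metric: fraction of later moments at which a network map taken at
    `snapshot_time` still names the host's real address. Lower is better for the
    defender, and it shrinks as the hop period shortens.
    """
    if not check_times:
        return 0.0
    observed = address_at(secret, snapshot_time, period)
    hits = sum(1 for t in check_times if address_at(secret, t, period) == observed)
    return hits / len(check_times)


def peer_can_reach(peer_secret: bytes, host_secret: bytes, t: float, period: int = HOP_PERIOD) -> bool:
    """An authorized peer holding the same secret computes the host's current address."""
    return address_at(peer_secret, t, period) == address_at(host_secret, t, period)


if __name__ == "__main__":
    checks = list(range(0, 3600, 300))         # one check every five minutes for an hour
    print("validity of a t=0 snapshot, 60s hops  :", snapshot_validity(SECRET, 0, checks, 60))
    print("validity of a t=0 snapshot, 3600s hops:", snapshot_validity(SECRET, 0, checks, 3600))
    print("authorized peer reaches host at t=42  :", peer_can_reach(SECRET, SECRET, 42))
```

Running the block compares a one-hour hop period (every check still matches the snapshot) with a one-minute period (only the first check is guaranteed to match). Note the trade-off a real deployment has to manage and that this toy ignores: every party that needs to reach the host must share the secret and stay clock-synchronized, and connections that straddle a slot boundary need a grace window, which is part of why the comment describes the approach as prototype and research rather than production.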