Panel I : "Security for Clean Slate and Future Internet
14:00 - 15:30 October 14, 2013
Moderator: Wade Trappe (Rutgers University, USA)
- Nick Feamster, Georgia Institute of Technology
- Amir Herzberg, Bar-Ilan University, Israel
- Radia Perlman, Intel Laboratories, USA
- Jonathan Smith, University of
- Arun Venkataramani,
University of Massachusetts Amherst
The Internet was designed in a different era, when protocol layer separation was the norm and during which bandwidth, storage and computation at routers were at a premium. At this time, the focus on protocol design was simply to get the network to work, and security was an afterthought. This is perhaps best illustrated by weaknesses in the most famous of network protocols, TCP, which had to make use of meager buffers. This limitation in turn led to conservative flow control procedures that have since been undermined by a plethora of security threats. Technology has changed dramatically since that time, and even though technology now allows for interaction between protocol layers, and provides significant computing and in-network storage resources, the purpose behind the Internet has also changed dramatically. The applications running on the Internet involve a quantity of users that is several orders of magnitude more than originally intended. We are now envisioning a future where everything is networked as has been described in the much touted Internet of Things. The Internet is being asked to support mobile applications involving far more than mere smartphones, where vast quantities of data are being pushed and pulled from the “cloud”. All of these new applications have serious security implications, and thus there are numerous projects world-wide to investigate “a clean slate” redesign of the Internet where security is a primary consideration in the design. This panel will explore aspects related to security in the “future Internet”. Topics will include discussion on the types of threats facing the Internet, which security principles can be integrated into a secure Internet architecture (and which cannot), specific mechanisms and tools that can be employed to implement or realize such a clean slate and secure Internet, and whether this new “secure Internet” would introduce new vulnerabilities.
Panel II : "Metrics and Tools for Cyber Situation Awareness"
14:00 - 15:30 October 15, 2013
Moderator: Massimiliano Albanese (George Mason
- Hasan Cam, U.S. Army Research Laboratory
- Anita D’Amico, Applied Visions, Inc.
- Sushil Jajodia, George Mason University
- Sukarno Mertoguno, Office of Naval Research
- John Yen, Pennsylvania State University
An ever increasing number of critical applications and services rely today on increasingly complex and interconnected Information Technology infrastructures, exposing companies and government agencies to an elevated risk of potentially devastating cyber-attacks. Attackers can exploit network configurations and vulnerabilities to incrementally penetrate a network and compromise critical systems. Cyber-security analysts need to continuously monitor large amounts of alerts and sensory data in order to recognize attacks in a timely manner and mitigate their potential impact. However, manual analysis is labor-intensive and error-prone, given the inherent complexity of the problem, and distracts the analyst from getting the “big picture” of the cyber situation.
This panel will explore tools and metrics that have been developed, or need to be developed, in order to provide Cyber Situational Awareness frameworks with the capability of automatically answering a number of questions the analyst may ask about: current situation, impact and evolution of an attack, behavior of the attackers, forensics, quality of available information and models, and prediction of future attacks. Some of these questions are: Is there any ongoing attack? If so, where is the attacker and what has been compromised? How can we measure the risk? Are available attack models sufficient to understand what is observed? Can we predict an attacker’s goal? If so, how can we prevent that goal from being reached? Ultimately, the ability to automatically and effectively answer these questions will enable the analyst to focus on a higher-level view of the cyber situation and make informed decisions about the best course of action to take in response to detected or perceived threats.