INTERVIEW

Interview with Arun Sood

Dr. Arun Sood is Professor of Computer Science in the Department of Computer Science, and Co-Director of the International Cyber Center at George Mason University, Fairfax, VA. His research interests are in security architectures; image and multimedia computing; performance modeling and evaluation; simulation, modeling, and optimization.

He and his team of faculty and students have developed a new approach to server security, called Self Cleansing Intrusion Tolerance (SCIT). We convert static servers into dynamic servers and reduce the exposure of the servers, while maintaining uninterrupted service. This research has been supported by US Army, NIST through the Critical Infrastructure Program, SUN, Lockheed Martin, Commonwealth of Virginia CTRF (in partnership with Northrop Grumman). Recently SCIT technology was winner of the Global Security Challenge (GSC) sponsored Securities Technologies for Tomorrow Challenge. Dr. Sood leads a university spin-off called SCIT Labs Inc, which is commercializing SCIT technology under license from GMU.

Since 2009 Dr. Sood has directed an annual workshop on Cyber Security and Global Affairs with Office of Naval Research support. The 2009 workshop was at Oxford, 2010 in Zurich and 2011 in Budapest. He was awarded grants by NATO to organize and direct advanced study institutes in relational database machine architecture and active perception and robot vision.

Dr. Sood has held academic positions at Wayne State University, Detroit, MI, Louisiana State University, Baton Rouge, and IIT, Delhi. His research has been supported by the Office of Naval Research, NIMA (now NGA), National Science Foundation, U.S. Army Belvoir RD&E Center, U.S. Army TACOM, U.S. Department of Transportation, and private industry.

Dr. Sood received the B.Tech degree from the Indian Institute of Technology (IIT), Delhi, in 1966, and the M.S. and Ph.D. degrees in Electrical Engineering from Carnegie Mellon University, Pittsburgh, PA, in 1967 and 1971, respectively.

His research has resulted in more than 160 publications, 4 patents, and 2 edited books.




What’s your background?
All my degrees are in Electrical Engineering – BTech (IIT, Delhi); MS and PhD (Carnegie Mellon). My dissertation research was in the area of control theory and motivated by the use of “small” computers like the early DEC mini-computers (PDP series). Currently, I am a Professor of Computer Science and Co-Director of the International Cyber Center at George Mason University at Fairfax, Virginia. My research is focused on modeling and designing resilient architectures; scalability of resilient systems; and metrics to evaluate resilience. I have worked for process engineering and consulting companies for about 10 years and have had academic appointments at Indian Institute of Technology, Delhi (IIT, Delhi), Louisiana State University, and Wayne State University.

When did you make the decision to get involved in cyber security?
For the last 10 years my research interests have shifted towards cyber security, and especially on recovery strategies. I got introduced to the complexity of the issues during a consulting assignment for a bank. This was the first time that I realized the expenses related to IDS alert processing. I see cyber security having many open and challenging problems, and yet opportunity to apply common sense solutions. I like to work at the edge of practice and research and cyber security provides an interesting place to be.

How do you follow the evolution of this area? (books, newsletters, other sources, etc)
Conferences, workshops, technical publications. Online resources. Some IEEE publications that focus on this topic are well worth reading. IEEE Security and Privacy is a magazine-style publication that is designed for the lay public. IEEE Transactions on Dependable and Secure Computing and IEEE Transactions on Information Forensics and Security are two key research publications. A number of papers provide information about the current status of the cyber incidents and cyber threat. Periodically I look at Financial Times, New York Times, SC Magazine, Wall Street Journal, Washington Post, Wired.

Do you believe that Moore’s law will continue at its current rate and at one point an evolution in cyber security will be necessary in order to protect digital assets in light of the processing evolution?
Moore suggested that transistors per chip will double every 2 years. I think that this will continue for some time. Multiple cores per chip are helping achieve this. However, I expect that more compute cycles will be required to protect the digital assets. At some point more hardware assets will be used to manage key security problems like attribution and assurance.

Does the increasing use of distributed computing, new algorithms and new threats (especially APT) affect the way we do cyber security? How?
Cyber security can no longer rely on reactive approaches alone. It is necessary to take an information risk management view to the problem. Our solutions must include information sharing, proactive and threat independent approaches, agile defense approaches and continuous monitoring of the system status. We also need new approaches to forensics – maybe we should design systems with the expectation that forensic analysis may be necessary, thus reducing the time for trace back and other forensic analysis.

Is the growing use of computers and digital data leading to system downfall? To what degree are we dependent on digital information and processes?
We are increasingly dependent on digital info. I think that we increasingly suffer from info overload. Take for example the publishing world. The same article is replicated and published in many venues. If you subscribe to several publications, then the human has to act as the deduplicator. The same is true of the search results.

What’s your main area of interest / research?
The cyber security problem is an area of intense research. The current focus has been on reactive methods that are expected to defend against all the attacks. Enterprise systems process millions of transactions per day, and failure in even .01% of the cases provides for a challenging situation. This experience is supported by theory – detection theory suggests increasing probability of detection will increase probability of false positives which requires more cyber security analyst man hours to resolve. This reasoning led us to 3 principles that drive our research:

•   Intrusions are inevitable
•   Once in the system, intruders stay for long periods – days, weeks and months
•   Our current servers are sitting ducks

In my research I have focused on reducing the losses that are induced by a successful attack. We call this intrusion tolerance, and have developed SCIT – Self Cleansing Intrusion Tolerance architecture. SCIT uses a recovery oriented approach to achieve our goal of limiting losses. SCIT reduces the exposure time of the server to the internet, and restores the server to a pristine state every refresh cycle. In this way we reduce the time the bad guys have to induce losses. The limited goal of our research is to increase the work effort required by the attackers.

What is your opinion of server security and how do you design secure systems?
Our current servers are sitting ducks. The bad guys install malware on the server, and this spreads the infection in the system. We need systems that will delete the malware as quickly as possible. For this reason, I think that servers should be regularly taken offline and restored to a pristine state. The time the servers are exposed to the internet is called the server Exposure Time. If we can keep the Exposure Time low and restore the server to a pristine state at the end of this period, then the malware will have only a limited amount of time to do damage. We have built servers with an exposure time of 1 minute.

It is generally believed that a defense in depth approach is appropriate. I agree. If we can make the layers independent of each other then that will have additional protection characteristics. The SCIT technology easily integrates with the existing infrastructure without interfering with the existing security subsystems.

What do you see as the future of cyber security?
Today we are mostly focused on Information Assurance – primarily technology and policy issues. I think that there needs to be more focus on human factors, low cost solutions, and policy. In addition, Attribution deserves much more work.

In terms of players in cyber security, what do you expect? Small companies, lonely hackers, organized crime, cyber warriors? I assume this industry is dependent on financial resources or lack of them. Is it possible for small companies to prevail?
Most of the headlines are about successful attacks on large companies, especially financial services companies, and defense and government offices and contractors. However, small companies have also been hacked. Hackers have stolen data, and stolen commercial and business information like forthcoming bids which makes small companies particularly vulnerable. Rural communities and small towns are also vulnerable to hacking. At the same time emerging nations are getting access to larger bandwidths and access to international traffic, with more danger of being targets and originators of cyber attacks. For such organizations, the current approaches are too expensive, and low cost alternatives have to be developed.

On the other hand, small firms focused on a specific problem and solution can be very effective. However, usually enterprise solutions require extensive testing and hence the support of large companies. For successes in this space it is necessary to form strategic partnerships between large companies and small companies; between government and small companies; and this information sharing with the entrepreneurial drive of small companies will yield major dividends.

What do you think about the future generation of cyber warriors and hackers?
Cyber warriors and hackers deserve more respect. We should not underestimate the value provided by the ethical hacking community. We need to build more trusting environments. We also need to switch from penetration testing, to measuring the consequences of bad guy actions.

What’s wrong with penetration testing? Do you feel it gives companies a fake confidence?
Penetration testing provides the status of the system at one point in time. New vulnerabilities are constantly being exposed, and thus systems that have recently successfully passed a penetration test, will find that they are vulnerable. In this sense the penetration test gives a false sense of confidence.

There are people who predict doomsday scenarios. Is it likely that eventually we get to a cyber cold war (let’s say: a code war)? What would it be like?
To some extent this has already occurred in limited environments. The twin objectives of standardization and cost reduction reduce the variety of hardware and software and make all our systems vulnerable. There is a risk at the boundary of the cyber – physical connected systems. Protecting the national financial infrastructure from attack is critically important, especially for countries that are leading users of internet and mobile systems. Emerging countries are pushing for using mobile devices to perform financial transactions, especially low value monetary transactions. Most Critical Infrastructure Protection projects include water and electric utilities.

Has it already started?
It appears that the Estonia and Georgia events are examples of code war. There are reports of the Israel and Palestinian conflict leading to cyber security incidences. There is widespread speculation that the Stuxnet attack on the Iranian nuclear infrastructure was linked to a foreign government.

Are you optimistic or pessimistic of our ability to mitigate the cyber threat?
On the whole I am optimistic that the world will successfully manage and navigate through the cyber threat.

by Zsolt Nemeth and Jeffrey Smith

Hakin9 02/2012 (www.hakin9.org/en)



This reasoning, lead us to 3 principals that drive our research: Do you believe that Moore’s law will continue at its current rate and at one the point an • Intrusions are inevitable evolution in cyber security will be necessary • Once in the system, intruders stay for long periods in order to protect digital assets in light of the – days, weeks and months processing evolution? • Our current servers are sitting ducks Moore suggested that transistors per chips will double every 2 years. I think that this will continue In my research I have focused on reducing the losses for sometime. Multiple cores per chip are helping that are induced by a successful attack. We call this achieve this. However, I expect that more compute intrusion tolerance, and have developed SCIT – Self cycles will be required to protect the digital assests. Cleansing Intrusion Tolerance architecture. SCIT At some point more hardware assets will be used to uses a recovery oriented approach to achieve our manage key security problems like attribution and goal of limiting losses. SCIT reduces the exposure assurance. time of the server to the internet, and restores the server to a pristine state every refresh cycle. In this Does the increasing use of distributed way we reduce the time the bad guys have to induce computing, new algorithms and new threats losses. The limited goal of our research is to increase (especially APT) affects the way we do cyber the work effort required by the attackers. security? How? Cyber security can no longer rely on reactive What is your opinion of server security and approaches alone. It is necessary to take a how do you design secure systems? information risk management view to the problem. Our current servers are sitting ducks. The bad guys Our solutions must include information sharing, install malware on the server, and this spreads the proactive and threat independent approaches, agile infection in the system. 
We need systems that will defense approaches and continuous monitoring of delete the malware as quickly as possibl. For this the system status. We also need new approaches to reason, I think that servers should be regularly taken forensics – maybe we should design systems with the offline and restored to a pristine state. The time the expectation that forensic analysis may be necessary, servers are exposed to the internet is called the server thus reducing the time for trace back and other Exposure Time. If we can keep the Exposure Time low forensic analysis. and restore the server to a pristine state at the end of this period, then the malware will have only a limited Is the growing use of computers and amount of time to do damage. We have built servers digital data leading to system downfall? At with an exposure time of 1 minute. what degree are we dependent on digital It is generally believed that a defense in depth information and processes? approach is appropriate. I agree. If we can make We are increasingly dependent on digital info. I think the layers independent of each other then that that we are increasingly suffer from info overload. will have additional protection characteristics. The www.hakin9.org/en ��������������� 33
  • 3. INTERVIEW SCIT technology easily integrates with the existing being exposed, and thus systems that have recently infrastructure without interfering with the existing successfully passed a penetration test, will find that security subsystems. they are vulnerable, In this sense the penetration test gives a false sense of confidence. What do you see as the future of cyber security? There are people who predict doomsday Today we are mostly focused on Information Assurance scenarios. Is it likely that eventually we get to – primarliy technology and policy issues. I think that a cyber cold war (let’s say: a code war)? What there needs to be more focus on human factors, would it be like? low cost solutions, and policy. In addition, Attribution To some extent this has already occured in limited deserves much more work. environments. The twin objectives of standardization and cost reduction, reduces the variety or hardware and In terms of players in cyber security, what do software and makes all our systems vulnerable. There is you expect? Small companies, lonely hackers, a risk at the boundary of the cyber – physical connected organized crime, cyber warriors? I assume systems. Protecting the national financial infrastructure this industry is dependent of financial from attack is critically important especially countries resources or lack of them. Is it possible to that are leading users of internet and mobile systems. small companies to prevail? Emerging countries are pushing for using mobile Most of the headlines are about successful attacks devices to perform financial transactions, especially low on large companies, especially financial services value monetary transactions. Most Critical Infrastructure companies, and defense and government offices and Protection projects include water and electric utilities. contractors. However, small companies have also been hacked. Hackers have stolen data, and stolen Has it already started? 
commercial and business information like forthcoming It appears that Estonia and Georgia events are bids which makes small companies particularly examples of code ware. There are reports of the vulnerable. Rural comunities and small towns are also Israel adn Palestinan conflict leading to cyber security vulnerable to hacking. At the same time emerging nations incidences. There is widespread speculation that the are getting access to larger bandwidths and access to Stuxnet attack on the Iranian nuclear infrastructure was international traffic, with more danger of being targets linked to a foreign government. and orginators of cyber attacks. For such organizations, the current approaches are too expensive, and low cost Are you optimistic or pessimistic of our ability alternatives have to be developed. to mitigate the cyber threat? Ont he other hand, small firms focused on a specific On the whole I am optimistic that the world will problems and solution can be very effective. However, successfully manage and navigate through the cyber usually enterprise solutions require extensive testing and threat. hence the support of large companies. For successes in this space it in necessary to form strategic partnerships between large companies and small companies; by Zsolt Nemeth and Jeffrey Smith between government and small companies; and this information sharing with the entrepreunerial drive of small companies will yield major dividends. What do you think about the future generation of cyber warriors and hackers? Cyber warriors and hackers deserve more respect. We should not underestimate the value provided by the ethical hacking community. We need to build more trusting environments. We also need to switch from penetration testing, to measuring the consequences of bad guy actions. What’s wrong with penetration testing? Do you feel it gives companies a fake confidence? 
Penetration testing provides the status of the system at one point in time, New vulnerabilities are constantly 34 ��������������� 02/2012