Upload
others
View
11
Download
0
Embed Size (px)
Citation preview
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
ConfigSynth: A Formal Framework for Network Security Design Synthesis
Mohammad Ashiqur Rahman and Ehab Al-Shaer
CyberDNA Research Center, UNC Charlotte
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Motivation • Complexity of Security Configuration is a major source of network
vulnerability: – “inappropriate or incorrect security configurations were responsible for
80% of United States Air Force vulnerabilities.”, Center for Strategic and International Studies Report on "Securing Cyberspace for the 44th Presidency“, December 2008.
– “human error is blamed for 50 to 80% of network outages.” , Juniper Networks Report, May 2008
– “the human factor” themselves cause more than 30% of network outages, “a major concern for carriers and causes big revenue-loss.” , British Telecom 2009
• Lack of security design analytics and automation tools
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Security Design Automation Problem
Automating the design synthesis of security configurations by determining security countermeasures along with device placements that reduces risk (attack surface) while satisfying different constraints: – Security requirements – Business (Usability and Cost) constraints – Mission objective (Connectivity requirements)
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Challenge: 1 – Contention between the security and
usability constraints. – Lack of metrics to measure these factors. – Budget constraints. – Security architecture should consider large-scale networks.
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Challenges: 2 – Contention between the security and usability constraints.
– Lack of metrics to measure these factors. – Budget constraints. – Security architecture should consider large-scale networks.
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Challenge: 3 – Contention between the security and usability constraints. – Lack of metrics to measure these factors.
– Budget constraints. – Security architecture should consider large-scale networks.
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Challenge: 4 – Contention between the security and usability constraints. – Lack of metrics to measure these factors. – Budget constraints.
– Security architecture should consider large-scale networks.
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Architecture
Security
Usability
Cost Security-Device Placements
Security Policy
Configuration Synthesis
SMT Solver
Security Specifications
Usability Specifications
Device Placement Model
Isolation, Usability, and Cost Model
Constraint Model
Network Topology and Placement Strategy
Connectivity Requirements
User-defined Constraints
ConfigSynth
Cost Specifications
ConfigSynth
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Architecture
Security
Usability
Cost Security-Device Placements
Security Policy
Configuration Synthesis
SMT Solver
Security Specifications
Usability Specifications
Device Placement Model
Security, Usability, and Cost Model
Constraint Model
Network Topology and Placement Strategy
Connectivity Requirements
User-defined Constraints
ConfigSynth
Cost Specifications
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Architecture
Security
Usability
Cost Security-Device Placements
Security Policy
Configuration Synthesis
SMT Solver
Security Specifications
Usability Specifications
Device Placement Model
Security, Usability, and Cost Model
Constraint Model
Network Topology and Placement Strategy
Connectivity Requirements
User-defined Constraints
ConfigSynth
Cost Specifications
Evaluation
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Security in terms of Isolation • Security requirements are indicated by isolation measures
between the hosts. • An isolation pattern signifies the type of security
resistance. • Network level isolation patterns:
– Access deny – Trusted communication, i.e., authenticated/encrypted communication. – Payload inspection. – Source identity hiding communication. – Traffic forwarding through proxy.
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Isolation Model
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Isolation Score
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Isolation Requirement
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Usability Constraint
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Cost Constraint
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Miscellaneous Constraints
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Analytical Result
The maximum possible isolation with respect to the usability constraint considering a fixed cost constraint
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Evaluation
The model synthesis time with respect to the number of hosts.
Science of Security Lablet
Security Metrics-Driven Evaluation, Design, Development, & Deployment
Summary • Our work has been accepted for publication in IEEE
ICDCS 2013 (13% acceptance rate). • Future works
– We are investigating the methodologies for the risk evaluation of the synthesized security design, and hypothesis generation for feedback controls to the synthesis engine.
– Interactive security analytics
Thanks