Page 1

U.S. Army Research, Development and Engineering Command

Cyber Security CRA Overview

Professor Patrick McDaniel

Page 2

Cyber Security (CSEC) Collaborative Research Alliance

A Collaborative Alliance between ARL, CERDEC, Academia, & Industry to advance the foundation of cyber science in the context of Army networks

Cyber Security CRA Objectives

Develop a fundamental understanding of cyber phenomena (incl. human aspects)

Fundamental laws, theories, & theoretically grounded & empirically validated models

Applicable to a broad array of Army domains, applications, & environments

Page 3

Cyber Security CRA Key Attributes

Alliance to advance cyber science: Collaboration between Government & Consortium integral to CRA success

Emphasis on theoretical underpinnings with validated models in Army context

Accelerating Transition to Practice

Subject matter experts at ARL enable accelerated transition into operational environments through active involvement in research & operations

CERDEC enables the maturation of promising research & accelerated transition to industry & PMs/PEOs

Page 4

Cyber Security Science Challenges

Domain: Heterogeneous & convergent networks

Army must:

Use & defend networks that it neither owns nor directly controls

Construct mission networks with a variety of partners & allies

Adapt to rapidly changing technologies, tactics, & threats

Maintain situation awareness across complex networks

Army-unique Challenges:

Large attack surface

Relatively disadvantaged assets

Large scale & high dynamics

Advanced persistent threats

Close proximity with threats

Disadvantaged users

Must work through contested and compromised environments

Grand Science Challenges:

Joint study of inter-related areas of cyber-security

Understanding human dynamics: defense and attack

Strategic & tactical networks

Page 5

Towards a Cyber Science

Scientific understanding should manifest itself in models that:

Are mathematically formulated, developed from first principles

Explicitly & formally specify assumptions, simplifications & constraints

Involve characteristics of threats, defensive mechanisms & the defended network (including quantifiable attributes of the human)

Are at least partly theoretically grounded & yield experimentally testable predictions

Are experimentally validated

This effort is not focused on the creation of new cyber defenses!

Page 6

Cyber Security CRA Strategy

Teaming:

Collaborative teams co-led by PIs from government, academic and industry partner organizations

Accelerate transition to practice via close partnering with SMEs at ARL and CERDEC

[Diagram: CRA Leadership linking Universities, ARL, CERDEC, and Industry]

Technical Approach:

Trans-disciplinary; Emphasis on understanding human attackers, defenders, and users; Experimentation to validate models

Impact: Create fundamental understanding of cyber science encompassing risk, agility, detection and the underlying human dynamics

Funding:

CORE: ~$3M/year for basic research

ENHANCED (unfunded): $500K/$1M per year for 6.1/6.2 research

Consortium cost-share $587K/year

PI Expertise:

Cyber-security, systems, theory, human factors, psychology, networking

Page 7

CSEC CRA Leadership

Prof. Patrick McDaniel

CRA Program Manager (PM)

Professor, Penn State University

Chair, IEEE TC on Security and Privacy

Co-Director, Systems and Internet Infrastructure Security Laboratory

Area Editor, Secure Systems, IEEE Security and Privacy Magazine

Dr. Ananthram Swami

CRA Collaborative Alliance Manager (CAM)

Army Research Laboratory

ST, Network Science

IEEE and ARL Fellow

Steering Board, IEEE Transactions on Network Science and Engineering

Page 8

Area Leads

• Risk: Jean Camp (Indiana), Hasan Cam (ARL)

• Detection: Srikanth Krishnamurthy (UCR), Ananthram Swami (ARL)

• Agility: Prasant Mohapatra (UCD), Lisa Marvel (ARL)

• Human Dynamics: Lorrie Cranor (CMU), Norbou Buchler (ARL)

Page 9

CSEC CRA TEAM

• University PIs

• Penn State: Jaeger, La Porta, and McDaniel

• CMU: Bauer, Christin, Cranor, and Gonzalez

• Indiana: Bertenthal, Camp, and Henshel

• UC Davis: Levitt, Mohapatra, and Su

• UC Riverside: Krishnamurthy, Madhyastha, and Neamtiu

• ARL Researchers: Buchler, Cam, Erbacher, Kott, Marvel, Rivera, Swami, Torrieri, Vaughn

• CERDEC Researchers: Cansever, Hesse, Murawsky, Shahid

Page 10

CSEC CRA Vision

Motivated by key challenge: Given a security and environmental state, what cyber-maneuvers best mitigate attacker actions and maximize mission success?

Goal: Develop a rigorous science of cyber-security that will:

a) Detect the threats and attacks present in the environment and assess risks

b) Understand / predict user, defender and attacker actions

c) Alter the environment to securely achieve maximal mission success rates at the lowest resource cost while maximizing cost to adversary

Outcome: Dictate and control the evolution of cyber-missions in the presence of adversarial actions

Page 11

Cyber Security CRA Research Focus

Research Areas

Risk: Theories & models that relate fundamental properties of dynamic risk assessment to the properties of dynamic cyber threats, Army’s networks, & defensive mechanisms

Detection: Theories & models that relate properties & capabilities of cyber threat detection & recognition to properties of malicious activity

Agility: Theories & models to support planning & control of cyber maneuver in network characteristics & topologies

Cross Cutting Research Issue

Human dimensions: Theoretical understanding of the socio-cognitive factors that impact the decision making of the user, defender, & adversary

Develop an understanding of cyber phenomena: Fundamental laws, theories, & theoretically grounded & empirically validated models that can be applied to a broad range of Army domains, applications, & environments

Page 12

Cyber Security CRA Research Interrelationships

Risk, Detection, & Agility are intricately linked & co-evolving

Human dimensions are key to understanding decision making of the user, defender, adversary as they relate to Risk, Detection, & Agility

Analysts evaluate risk to make cyber security decisions

Risk is diminished with stronger detection

Improved detection increases confidence in risk assessment

Higher tolerance for risk can lower detection requirements

Agile cyber maneuver can reduce risk

Agility makes risk assessment more difficult & uncertain

Identification of risks may trigger maneuvers

Agility can hinder accurate timely detection

Agility degrades analyst ability to identify/correlate events

Inaccurate threat detection can cause maneuver flapping

Human Dynamics: Cross-Cutting Research Issue

Trans-disciplinary approach to cyber security research

Page 13

Research Areas and Cyber-Science

Risk

Develop theories and models of risk assessment in cyber-environments that combine:

a) system and network risk

b) human oriented risk

Detection

Develop theories and models of detection that provide:

a) what is the most likely threat

b) what impact will it have

c) the confidence in the process

Agility

Develop theories and models of system agility that reason about:

a) the universe of security-compliant maneuvers and end-states

b) the impacts of maneuvers on humans and outcomes

Human Dynamics (CCRI)

Develop theories and models of user behavior in cyber-environments that:

a) classify user intent and capability

b) predict how a user will react to stimuli

c) induce mitigating adversarial behavior

Experimentation: validation of science

Validate theories and algorithms via user and system experiments

Team internal and BAA partner driven

Using large-scale test-beds, e.g., DoD GENI, NCR, DETER, etc.

Operations Model provides a framework for Risk, Agility, and Detection

Page 14

CRA Area and Task Structure


Page 15

Operations Model

Develop formal structures for reasoning about cyber-maneuvers and security goals & strategies

Mathematical representations must be decomposable and composable in ways that make analysis tractable & answer questions such as

–What is the state of the network/system?

•Who are users, defenders, and adversary?

•What is the state of the user/defender/adversary?

•Are the systems available and secure?

•Are attacks in progress?

•What are the relative risks in the environment?

–Should we alter the environment and how?

•What outcomes are “globally” optimal?

•What are the available cyber-maneuvers?

•Which maneuvers maximize outcomes while minimizing cost?


Page 16

Operations Model

The operations model provides a common framework for Risk and Agility

Continuous optimization of the environment based on models of attackers, defenders, the environment

• Operation survivability is achieved by altering the security configuration and network capabilities in response to detected adversarial operations and situational needs of users and resources and tools available to defenders.

• Cost and risk metrics are used to select optimal strategies and configurations that maximize success probabilities while mitigating adversarial actions.

• Models of user, defender, and adversarial behaviors, actions and needs are used to derive the operation state, as well as to identify those configurations that increase the probability of operation success.

Page 17

Example Operation Model: Lost Assets

Effort: Team of 12 undergrads working with Alliance PIs on implementation and visualization

Scenario: Insurgents capture Sergeant Hill's AN/PSN-13 DAGR (Defense Advanced GPS Receiver), his AN/PRC-148 MBITR, and PFC Stark’s AN/PRC-148 MBITR.

Outcomes: Prevent devices or data therein from being used by insurgents to penetrate or disrupt command and control.

Detection: Human-scale reporting, “last gasp” measures, network monitoring.

Risks: Exfiltration of sensitive intelligence and credentials from devices. Disruption of communications among other cooperating devices.

Agility: Remote zeroing of devices, revocation of credentials. Where device state is unknown, quarantine until better detection state is known. Rekeying of multiparty session keys, changing frequency hopping.
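The research-interrelationships slide (inaccurate detection causing maneuver flapping), the operations model slide (cost and risk metrics selecting a configuration) and this lost-assets scenario can be tied together in one small model. The Python below is an added illustration written for this page; it is not CRA code or any project's implementation. Every number in it is constructed: the maneuver costs and residual-risk fractions, the compromise loss, the likelihood ratios for the three detection channels, and the evidence stream itself. It updates a belief that a captured device is in adversary hands, picks the maneuver with the lowest expected loss, treats revocation and zeroing as irreversible, and applies a switching margin so that one contrary observation does not lift and re-impose the quarantine.

```python
"""Toy operations model for the lost-assets scenario (constructed values).

Belief that a captured device is in adversary hands is updated from the three
detection channels the scenario lists (human reporting, "last gasp" measures,
network monitoring); a maneuver is then chosen by expected loss, with a
switching margin so that noisy detection does not cause maneuver flapping.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Maneuver:
    name: str
    mission_cost: float   # cost to friendly operations of taking the maneuver
    residual_risk: float  # fraction of the compromise loss that remains afterwards
    reversible: bool      # quarantine can be lifted; revocation and zeroing cannot


# Ordered least to most severe. Costs and residual risks are hypothetical.
MANEUVERS = (
    Maneuver("monitor", 0.0, 1.0, True),
    Maneuver("quarantine", 1.0, 0.5, True),
    Maneuver("revoke_and_rekey", 3.0, 0.2, False),
    Maneuver("remote_zero", 6.0, 0.0, False),
)

# Loss if the device is used against command and control and nothing is done.
COMPROMISE_LOSS = 20.0

# Likelihood ratios P(evidence | compromised) / P(evidence | not compromised),
# one per detection channel. Constructed, not measured.
EVIDENCE_LR = {
    "soldier_report_lost": 3.0,          # human-scale reporting
    "last_gasp_beacon": 4.0,             # device-side "last gasp" measure fired
    "unexpected_net_activity": 4.0,      # network monitoring sees the device misbehave
    "device_checked_in_normally": 0.25,  # contrary evidence (possibly spoofed)
}


def update_belief(p, evidence):
    """Bayesian update of P(compromised) in odds form.

    Evidence items are treated as conditionally independent."""
    p = min(max(p, 1e-9), 1 - 1e-9)  # keep the odds finite at the extremes
    odds = p / (1 - p)
    for item in evidence:
        odds *= EVIDENCE_LR[item]
    return odds / (1 + odds)


def expected_loss(m, p):
    """Mission cost of the maneuver plus the risk it leaves unmitigated."""
    return m.mission_cost + p * COMPROMISE_LOSS * m.residual_risk


def best_maneuver(p, options=MANEUVERS):
    return min(options, key=lambda m: expected_loss(m, p))


class ManeuverController:
    """Chooses a maneuver from the current belief.

    A switch is taken only when it lowers expected loss by more than
    `margin`; margin=0 switches on any improvement and follows the noise."""

    def __init__(self, prior=0.1, margin=0.5):
        self.belief = prior
        self.margin = margin
        self.current = MANEUVERS[0]

    def step(self, evidence):
        self.belief = update_belief(self.belief, evidence)
        # Once an irreversible maneuver has been taken, only it and the more
        # severe maneuvers remain on the table.
        floor = 0 if self.current.reversible else MANEUVERS.index(self.current)
        candidate = best_maneuver(self.belief, MANEUVERS[floor:])
        gain = expected_loss(self.current, self.belief) - expected_loss(candidate, self.belief)
        if candidate is not self.current and gain > self.margin:
            self.current = candidate
        return self.current.name


# Constructed evidence stream: a report that the device was lost, a misleading
# normal check-in, then device- and network-side indicators of capture.
SCENARIO = [
    ["soldier_report_lost"],
    ["device_checked_in_normally"],
    ["last_gasp_beacon"],
    ["unexpected_net_activity"],
    ["unexpected_net_activity"],
    ["soldier_report_lost"],
]


def run_scenario(margin, prior=0.1):
    """Maneuver chosen at each step of SCENARIO for the given switching margin."""
    ctrl = ManeuverController(prior=prior, margin=margin)
    return [ctrl.step(evidence) for evidence in SCENARIO]


def de_escalations(names):
    """Number of steps at which the chosen maneuver became less severe (flaps)."""
    order = [m.name for m in MANEUVERS]
    return sum(1 for a, b in zip(names, names[1:]) if order.index(b) < order.index(a))


if __name__ == "__main__":
    for margin in (0.0, 0.5):
        names = run_scenario(margin)
        print(f"margin={margin}: {names} de-escalations={de_escalations(names)}")
```

With margin=0.0 the controller lifts the quarantine after the single misleading check-in and re-imposes it one step later, which is exactly the flap the interrelationships slide describes. With margin=0.5 the device stays quarantined until the later indicators justify revocation and rekeying, and remote zeroing is reached only once the belief is high enough to pay for an irreversible step.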

Page 18

5 and 10 Year Goals

• By year 5

• Develop a theory of cyber-security built on operation models. The science and models should produce the capability to:

• (a) accurately assess current and predict future system states, (b) posit reconfiguration activities that increase success rates of operations, and (c) decrease success rates of adversarial missions.

• By year 10

• Validate foundational principles of a science of cyber-security. The science and models should produce the capability to:

• (a) perform the continuous optimization of the mission network environment, and (b) dictate and control the evolution of missions, adversarial actions and threats.

Page 19

CRA Collaboration Plan

• Cross-team and cross-thrust collaboration will be supported by multi-homed PIs from Universities, ARL, and CERDEC:

• Yearly week-long boot camps

• CRA Infrastructure provides a mechanism for collaborative research and experimentation, and archival: cra.psu.edu

• Joint development, planning and execution of research by consortium and government scientists

• Will work closely with BAA partner for experimental validation of research, and for transition to ARL and CERDEC and OGA

Page 20

Summer Undergraduate Research Program


• 2014 : 12 top Junior and Senior students recruited from the Computer Science and Engineering Program

• Hired as CRA researchers

• Working on operations model development, tools

• Summer program will support rotation of the students to ARL/CERDEC facilities

• May – Aug 2014

• Develop CRA relevant research

• ARL/CERDEC Mentorship

• Long term: support transition of CRA students to graduate programs

Page 21

FY14 Events / Visits / Staff Exchanges

Key Events:

20 Sept 2013 Award

9-11 Dec 2013 PI Meeting, ARL, ALC

10 Feb 2014 Visit to ARL/HRED, CERDEC

01 Apr 2014 Today’s formal launch

18 Apr 2014 Student team to visit ARL

11-14 Aug 2014 CRA collaboration Bootcamp

Short visits: already 9 visits between ARL, CERDEC, and PI organizations, many more planned

Planned Staff Rotations: 1 week-long rotation already from ARL to Penn State, 8 PI and 3 post doc commitments for Spring/Summer 1-2 week rotations between organizations, 12 undergraduates for summer rotation to ARL

Page 22

Conclusions

• The CSEC CRA Team has been working for six months to plan and begin executing an approach to address one of the grand challenges of a generation

• This effort will found the science that enables the Army to protect its critical assets and users in future cyber- and physical battlefields …

• … and will serve as a model for joint collaboration on scientific problems.

“Science is the systematic classification of experience.”

- Philosopher George Henry Lewes (1817-1887)

Page 23

THANKS!

Develop the theoretical underpinnings for a Science of Cyber Security

Page 24

U.S. Army Research, Development and Engineering Command

Way Ahead

McDaniel (PM) & Swami (CAM)