Proactive Cyber Deterrance



Cyber risk is a product of threats, vulnerabilities and consequences. Driving any one of these to zero, will achieve zero risk. Most of us do not have a James Bond 007 license and thus cannot eliminate threats. For some time the general belief has been that all vulnerabilities can be eliminated, thus driving cyber risk to zero. Are there any CISOs who are telling their CEOs that all vulnerabilities are eliminated? Detection is a much more difficult problem than most expected. At SCIT Labs, we believe that intrusions are inevitable and focus on reducing the consequences of a successful intrusion. 


If we rely exclusively on the current reactive systems, then the virtualized servers, or the cloud, are going to be no more secure than the existing systems. In fact, multi tenancy, additional software, sharing of the memory resources, sharing of the internal data paths like the internal buses, all point to the possibilities of additional vulnerabilities, with shared resources providing a path for spreading the impact of an initial foot hold intrusion. However, this is only part of the story - the virtualized and clustered computer environments provide the system designer new opportunities to improve system security.

In this on-demand webinar we present Self Cleansing Intrusion Tolerance (SCIT) a patented novel approach for reducing cost of intrusions. This Moving Target Defense (MTD) strategy leads to higher level of cyber defense. We show through experimental results and simulations that using SCIT results in much lower data ex-filtration losses even for zero day and APT attacks. Another interesting result of our work is that combining reactive and proactive systems provides significant advantage as compared to either separately.

The SCIT strategy effectively converts static servers into dynamic systems. In this way, we can facilitate a new series of strategies to effectively protect physical systems and virtualized environments including the cloud.

Speaker and Presenter Information

 

 

 

 

 

 

 

 


 

Dr Arun Sood Professor(Computer Science) & Co-Director, International Cyber Center

Dr. Arun Sood is Professor of Computer Science in the Department of Computer Science, and Co-Director of the International Cyber Center (ICC) at George Mason University, Fairfax, VA. His research interests are in security architectures; image and multimedia computing; performance modeling and evaluation; simulation, modeling, and optimization. He and his team of faculty and students have developed a new approach to server security, called Self Cleansing Intrusion Tolerance (SCIT). We convert static servers into dynamic servers and reduce the exposure of the servers, while maintaining uninterrupted service. This research has been supported by the U.S. Army, NIST through the Critical Infrastructure Program, SUN, Lockheed Martin, Commonwealth of Virginia CTRF (in partnership with Northrop Grumman). Recently SCIT technology was the winner of the Global Security Challenge (GSC) sponsored Securities Technologies for Tomorrow Challenge. This technology has been awarded three patents and three additional patents are pending. SCIT Labs, a university spinoff, has been formed to commercialize SCIT technology.

Relevant Government Agencies

Air Force, Army, Navy & Marine Corps, Intelligence Agencies, DOD & Military, Office of the President (includes OMB), Dept of Agriculture, Dept of Commerce, Dept of Education, Dept of Energy, Dept of Health & Human Services, Dept of Homeland Security, Dept of Housing & Urban Development, Dept of the Interior, Dept of Justice, Dept of Labor, Dept of State, Dept of Transportation, Dept of Treasury, Dept of Veterans Affairs, EPA, GSA, USPS, SSA, NASA, Other Federal Agencies, Legislative Agencies (GAO, GPO, LOC, etc.), Judicial Branch Agencies, State Government, County Government, City Government, Municipal Government, CIA, FEMA, Office of Personnel Management, Coast Guard, National Institutes of Health, FAA, Census Bureau, USAID, National Guard Association, EEOC


    Event Type
    Webcast


    This event has no exhibitor/sponsor opportunities


    When
    Thu, Apr 23, 2015


    Cost
    Complimentary:    $ 0.00


    Website
    Click here to visit event website


    Organizer
    Covenant Security Solutions, Inc.


    Contact Event Organizer



    Return to search results