Nytro

Science of Cyber-Security

Science of Cyber-Security

JASON

The MITRE Corporation

7515 Colshire Drive

McLean, Virginia 22102-7508

(703)

Contact: D. McMorrow - dmcmorrow@mitre.org

November 2010

Approved for public release; distribution unlimited

Contents
1 EXECUTIVE SUMMARY
2 PROBLEM STATEMENT AND INTRODUCTION
3 CYBER-SECURITY AS SCIENCE – An Overview
3.1 Attributes for Cyber-Security
3.2 Guidance from other Sciences
3.2.1 Economics
3.2.2 Meteorology
3.2.3 Medicine
3.2.4 Astronomy
3.2.5 Agriculture
3.3 Security Degrades Over Time
3.3.1 Unix passwords
3.3.2 Lock bumping
3.4 The Role of Secrecy
3.5 Aspects of the Science of Cyber-Security
3.6 Some Science
3.6.1 Trust
3.6.2 Cryptography
3.6.3 Game theory
3.6.4 Model checking
3.6.5 Obfuscation
3.6.6 Machine learning
3.6.7 Composition of components
3.7 Applying the Fruits of Science
3.8 Metrics
3.9 The Opportunities of New Technologies
3.10 Experiments and Data
4 MODEL CHECKING
4.1 Brief Introduction to Spin and Promela
4.2 Application to Security
4.2.1 The Needham-Schroeder Protocol
4.2.2 Promela model of the protocol
4.3 Scaling Issues
4.4 Extracting Models from Code
4.5 Relationship to Hyper-Properties
5 THE IMMUNE SYSTEM ANALOGY
5.1 Basic Biology
5.2 Learning from the Analogy
5.2.1 The need for adaptive response
5.2.2 A mix of sensing modalities
5.2.3 The need for controlled experiments
5.2.4 Time scale differences
5.2.5 Responses to detection
5.2.6 Final points
6 CONCLUSIONS AND RECOMMENDATIONS
A APPENDIX: Briefers

Download:

http://www.fas.org/irp/agency/dod/jason/cyber.pdf
