Detecting Nation State Cyberattacks with Classified Threat Sensors Dr. Steve Weis, Dr. Aloni Cohen, Dr. Amina Asim
Private companies must defend against foreign nations without access to classified threat intelligence.
The Information Sharing Challenge
[Diagram labels: Cyber Attacker, Private Company Network, Security Logs, Private Computer, Threat Detection, Private Logs, Indicator of Compromise, Classified Intelligence]
Can private industry apply classified intelligence without leaking it?
What if a classified threat sensor could apply classified intelligence to private company data?
Classified Threat Sensors
[Diagram labels: Cyber Attacker, Private Company Network, Security Logs, Private Computer, Classified Intelligence, Encrypted Intelligence, Classified Threat Sensor, Private Logs, Indicator of Compromise]
CANAREE: Classified Analysis of Network Attacks in a Restricted Execution Environment
Secure enclaves are safe spaces to run your own software on someone else's computer.
Starting a Classified Threat Sensor
[Diagram labels: Classified, Unclassified, Private Computer, Verification Service, Classified Intelligence, Secure Enclave, Private Data, Open Source Code]
Searching for Threats in Private Data
[Diagram labels: Classified, Unclassified, Private Computer, Verification Service, Encryption Service, Classified Intelligence, Secure Enclave, Private Data]
1. Verify enclave is authentic
2. Encrypt
3. Encrypted Intelligence
4. Search
5. Encrypted "Hit or Miss"
Responding to Detected Threats
[Diagram labels: Classified, Unclassified, Private Computer, Verification Service, Encryption Service, Classified Intelligence, Secure Enclave, Private Data, Employee, Analyst]
1. Verify enclave is authentic
2. Encrypt
3. Encrypted Intelligence
4. Search
5. Encrypted "Hit"
6. "Hit"
7. "You have a problem…"
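The verify, encrypt, search and encrypted hit-or-miss steps listed above, simulated end to end as an added example (not code from the CANAREE project). The HMAC-based cipher is a toy stand-in for real enclave attestation and authenticated encryption, and every name, indicator and log line here is constructed for illustration.

```python
import hashlib, hmac, os

SENSOR_CODE = b"def search(iocs, logs): ..."        # constructed stand-in for the open source sensor
EXPECTED = hashlib.sha256(SENSOR_CODE).hexdigest()  # measurement the verifier expects
IOCS = ["203.0.113.66", "bad-update.example"]       # constructed "classified" indicators
LOGS_HIT = ["conn src=10.0.0.5 dst=203.0.113.66 port=443", "dns q=intranet.example"]
LOGS_CLEAN = ["conn src=10.0.0.5 dst=198.51.100.7 port=443"]

def _stream(key, nonce, data):
    # Toy HMAC-SHA256 counter-mode keystream, standing in for a real AEAD cipher.
    ks = b"".join(hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _stream(key, nonce, plaintext)
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("sealed message was modified")
    return _stream(key, nonce, ct)

def release_intelligence(key, reported_measurement, iocs):
    # Steps 1-3: intelligence is encrypted only for an enclave running the expected code.
    if not hmac.compare_digest(reported_measurement, EXPECTED):
        raise PermissionError("enclave measurement mismatch; intelligence withheld")
    return seal(key, "\n".join(iocs).encode())

def enclave_search(key, sealed_iocs, private_logs):
    # Steps 4-5: runs inside the enclave; the host only ever handles ciphertext.
    iocs = unseal(key, sealed_iocs).decode().split("\n")
    hit = any(ioc in line for line in private_logs for ioc in iocs)
    return seal(key, b"HIT " if hit else b"MISS")  # equal lengths, so size leaks nothing

def run(logs, enclave_code=SENSOR_CODE):
    key = os.urandom(32)  # assumption: agreed via attested key exchange, never held by the host
    measurement = hashlib.sha256(enclave_code).hexdigest()
    sealed = release_intelligence(key, measurement, IOCS)
    return unseal(key, enclave_search(key, sealed, logs)).strip().decode()
```

`run(LOGS_HIT)` returns `"HIT"` to the intelligence owner, while passing a modified `enclave_code` stops the flow before any indicator is encrypted.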
CANAREE: Classified Analysis of Network Attacks in a Restricted Execution Environment
[Diagram labels: Cyber Attacker, Private Company Network, Security Logs, Private Computer, Secure Enclave, Classified Intelligence, Encrypted Intelligence, Private Logs, Indicator of Compromise]
Five Phase Plan
Phase 1: Open Source Proof of Concept
Phase 2: Industry-to-Industry Trial Deployment
Phase 3: Government-to-Government Trial Deployment
Phase 4: Government-to-Industry Unclassified Sharing
Phase 5: Government-to-Industry Classified Sharing
Call for Funding
• Call for $150,000 grant to develop a classified threat sensor.
• Funding will cover 2 student developers for 1 semester plus a part-time PI.
• Working prototype should be delivered in 6 months.
• All software will be available under open source license.
Thanks to Generous Supporters
CANAREE: Classified Analysis of Network Attacks in a Restricted Execution Environment
For more information, please visit: https://saweis.net/canaree