Implementing Security Control Loops in Security Autonomous Response Networks - PowerPoint PPT Presentation

SLIDE 1

Introduction Research Questions Proof of Concept Results Conclusions Questions?

Implementing Security Control Loops in Security Autonomous Response Networks

Hristo Dimitrov

SNE, University of Amsterdam & TNO

Supervisors: Marc X. Makkes & Robert J. Meijer

July 3, 2014

Implementing Security Control Loops in Security Autonomous Response Networks Hristo Dimitrov

SLIDE 4

Why was this research conducted?

Introduction

Imagine your banking website or application does not work! ANNOYING!!!

  • A way to adopt the best countermeasure technologies that are available
  • Support for very complex networks
  • Easier organization of the security of company networks
  • Faster response times

SLIDE 5

How can we do that?

Introduction

  • Software Defined Networks (SDNs) are out there...
  • Implementing Security as a Service (SaaS)
  • By using control loops
  • Share security modules with other companies and organizations

SLIDE 6

What will be the result?

Introduction

Security Autonomous Response Networks - Software Defined Networks that adjust themselves in order to take care of security threats and risks

SLIDE 7

Research Questions

How could a security control loop be implemented as a software solution?

  • What properties should the implementation of a Security Autonomous Response Network have, in order to make it beneficial and effective against security threats?
  • How can a Security Autonomous Response Network decide on which response will be better to execute in a given situation?

SLIDE 8

Attack Isolation Control Loop

SLIDE 12

Attack Isolation Control Loop

  • Creating topology
  • Testing the Network
  • Start Services
  • Start Control Loop
  • Collect TCP Connections Statistics
  • Check Number Of Connections
  • (Determine Potential Attacks)
  • (Create New Server)
  • (Redirect Traffic To It)

Moving resources to new server

SLIDE 13

Attack Limiting Control Loop

SLIDE 20

Attack Limiting Control Loop

  • Creating topology
  • Testing the Network
  • Start Services
  • Start Control Loop
  • Collect TCP Connections Statistics
  • Check Number Of Connections
  • (Determine Potential Attacks)
  • (Collect Bandwidth Statistics)
  • (Adjust Rate Limits)
  • (Implement New Rate Limits)

Determine potential attack vectors
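
The monitoring and response steps of the attack limiting loop, sketched as an added Python example (not code from the presentation or its proof of concept). The thresholds, the halving policy, the function names and the sample connections are all assumptions made for illustration.

```python
from collections import Counter

# Assumed tuning values; the slides give no thresholds or rates.
CONN_THRESHOLD = 100   # total connections before the loop reacts
SUSPECT_SHARE = 0.25   # share of connections that marks a source as suspect
FLOOR_KBPS = 64        # never throttle a source below this rate

def collect_tcp_stats(conns):
    """Count ESTABLISHED connections per source from (src_ip, state) tuples."""
    return Counter(src for src, state in conns if state == "ESTABLISHED")

def determine_potential_attacks(per_src):
    """Return suspect sources, or [] while the connection count is normal."""
    total = sum(per_src.values())
    if total <= CONN_THRESHOLD:
        return []
    return sorted(s for s, n in per_src.items() if n / total >= SUSPECT_SHARE)

def adjust_rate_limits(limits, suspects, bandwidth_kbps):
    """Halve each suspect's allowance, starting from its measured bandwidth."""
    new = {}
    for src in suspects:
        measured = bandwidth_kbps.get(src, 0)
        base = min(limits.get(src, measured), measured)
        new[src] = max(FLOOR_KBPS, base // 2)
    return new

def control_loop_iteration(conns, read_bandwidth, limits, apply_limit):
    """One pass of the loop; returns the rate limits now in force."""
    suspects = determine_potential_attacks(collect_tcp_stats(conns))
    # The parenthesised slide steps run only when an attack is suspected.
    new = adjust_rate_limits(limits, suspects, read_bandwidth(suspects)) if suspects else {}
    for src in sorted(set(limits) | set(new)):
        if limits.get(src) != new.get(src):
            apply_limit(src, new.get(src))  # None lifts the limit again
    return new

def demo():
    """Three passes over constructed samples: flood, flood continues, flood ends."""
    flood = [("198.51.100.7", "ESTABLISHED")] * 150
    normal = [("203.0.113.5", "ESTABLISHED")] * 20 + [("203.0.113.9", "TIME_WAIT")] * 10
    applied, limits = [], {}
    passes = [(flood + normal, 8000), (flood + normal, 4000), (normal, 0)]
    for conns, kbps in passes:
        limits = control_loop_iteration(
            conns, lambda s, k=kbps: {ip: k for ip in s}, limits,
            lambda ip, rate: applied.append((ip, rate)))
    return applied

if __name__ == "__main__":
    print(demo())
```

In a real deployment `apply_limit` would program the SDN controller; here it only records the decisions so the feedback behaviour (tighten while the flood persists, release when it ends) is visible.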

SLIDE 21

Attack Isolation Results

SLIDE 22

Attack Limiting Results

SLIDE 23

Conclusions

(What properties should the implementation of a Security Autonomous Response Network have, in order to make it beneficial and effective against security threats?)

  • Software Modularity - Scalability, Reusable and pluggable modules
  • Company Infrastructure Modularity - Flexibility, More options for responses to security threats

SLIDE 24

Conclusions

(How can a Security Autonomous Response Network decide on which response will be better to execute in a given situation?)

Responses to security threats should be:

  • Classified - based on which problems they can solve
  • Rated - based on their effectiveness

SLIDE 25

Questions

Please ask your questions now, thank you!