ncl facilitating cybersecurity experimentation as a
play

NCL: Facilitating Cybersecurity Experimentation as a Community - PowerPoint PPT Presentation

Aug 13, 2023 •203 likes •382 views

NCL: Facilitating Cybersecurity Experimentation as a Community Liang Zhenkai National Cybersecurity R&D Lab (NCL) National Cybersecurity R&D Lab National Cybersecurity R&D Lab (NCL) Shared national infrastructure of

  1. NCL: Facilitating Cybersecurity Experimentation as a Community Liang Zhenkai National Cybersecurity R&D Lab (NCL)

  2. National Cybersecurity R&D Lab • National Cybersecurity R&D Lab (NCL) – Shared national infrastructure of Singapore for cyber-security research & development • Objectives – Simplify research and experimentation effort – Provide realistic testing environment – Enrich users' testing and validation • Offered services – Infrastructure, Ready-to-use Environments, Data

  3. Services of NCL Environments Infrastructure Data • 200 • Ready-to-Use • Data vulnerability Servers collection configuration • Software • Malware • Malware defined • Akamai runtime network • Data • Cyber Range • GPU hosting components Servers and access • Flexible control network • IMPACT topology dataset

  4. Life Cycle of Cyber Security Research Research Setup Attack Analysis Solution Description Goal: Reuse existing configuration efforts

  5. NCL Infra from User’s View NCL Infrastructure Data Repo

  6. Virtual Enterprise Network

  7. Catalog of Vulnerabilities

  8. The WannaCry Ransomware • Outbreak on May 12, 2017 – Infected more than 300,000 computers over 150 countries. – Encrypting user files – Asking for Bitcoin • Target vulnerability CVE-2017-0143 (MS17- 010) – Vulnerability in SMB (port 445), originally exploited in ETERNALBLUE – Patch released on March 14, 2017 by Microsoft

  9. Virtual Enterprise Network

  10. WannaCry Network Behavior • Kill switch – www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com • HTTPS request to a few IPs – 199.254.238.52 – 154.35.175.225 – 128.31.0.39 – ....... • Random probing of next target – Local network first, then external network – Different interval of probing, 10 – 25 per second

  11. More Network Behaviors • Propagate but never connect with TOR servers • DB349B97C37D22F5EA1D1841E3C89EB4 • Never propagate but do connect with TOR servers • 509C41EC97BB81B0567B059AA2F50FE8 • Query a domain first, and do nothing if no response • 8DD63ADB68EF053E044A5A2F46E0D2CD

  12. WannaCry System Behaviors • Malware related files appear • Background of desktop changes • Encrypted files ‘*.WNCRY’ appear • Notification window appears • Original files disappear

  13. Variants of System Behavior • Different order of events • Different filename extension of encrypted files • E.g. ‘*.wry’ of 8DD63ADB68EF053E044A5A2F46E0D2CD • Different notification windows and backgrounds of deskop

  14. Life Cycle of Cyber Security Research Research Setup Attack Analysis Solution Description Goal: Reuse existing Goal: Share and reuse configuration efforts research knowledge

  15. Facilitating Research • A community-maintained resource set on NCL to support research – E.g. network behavior modeling, binary analysis to identify vulnerability for zero-days.

  16. NCL as a Knowledge Base • With automated vulnerability setup, we can gather knowledge of experiments • E.g., three level of information – CVE description – Executable environment – Analysis results from research projects

  17. The NCL Platform Flexible Ready-to-use Infrastructure Environments NCL Platform http://ncl.sg Data and data Community management Knowledge Base

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
building a culture of experimentation at Spotify @bendressler - experimentation lead user

building a culture of experimentation at Spotify @bendressler - experimentation lead user

building a culture of experimentation at Spotify @bendressler - experimentation lead user retention product satisfaction # of track plays predicting things is hard hi expectations why and how we experiment - in a consumer oriented live

1.03k views • 75 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
Dynamic Delegation of Experimentation Yingni Guo Northwestern University ngni Guo (NU)

Dynamic Delegation of Experimentation Yingni Guo Northwestern University ngni Guo (NU)

Dynamic Delegation of Experimentation Yingni Guo Northwestern University ngni Guo (NU) Delegation of Experimentation 1 / 55 Introduction Delegating Experimentation I study how to manage innovation in a hierarchical organization. A principal

1.68k views • 119 slides
Internet-scale Experimentation The challenges of large-scale networked system experimentation and

Internet-scale Experimentation The challenges of large-scale networked system experimentation and

Internet-scale Experimentation The challenges of large-scale networked system experimentation and measurements MIT Tech Review on The Loon Project The state of affairs An ever growing Internet ~3 billion people 15 billion devices

1.21k views • 107 slides
Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland Chapter Contents Cybersecurity and risk management 1 Cybersecurity and the regulatory 2 environment Cybersecurity and the audit 3 4 Appendix

685 views • 37 slides
Facilitating Evaluation Use Facilitating Evaluation Use through through 1 Effective

Facilitating Evaluation Use Facilitating Evaluation Use through through 1 Effective

Facilitating Evaluation Use Facilitating Evaluation Use through through 1 Effective Communicating & Reporting 1 Effective Communicating & Reporting Rosalie T. Torres, Ph.D. Torres Consulting Group 1028 College Ave. Alameda, CA 94501

1.35k views • 77 slides
Experimentation in Virtual Environments Will Steptoe 29 th January 2010 Whats in this

Experimentation in Virtual Environments Will Steptoe 29 th January 2010 Whats in this

Experimentation in Virtual Environments Will Steptoe 29 th January 2010 Whats in this lecture? 1. Introduction to experimentation in VEs 2. Experimental Design 3. Case study What is an Experiment? A set of actions and observations,

692 views • 46 slides
KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

7/17/2020 KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing Attacks Malware/Ransomware Hacking Imposter Scams 1 7/17/2020 KACo Cybersecurity Training BEWARE OF Phishing Phishing attacks

248 views • 6 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2018 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

325 views • 18 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2019 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

212 views • 19 slides
ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity

ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity

ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity Related to Subregional Seminar on Cybersecurity for Information and Communication Networks 21 June 2005 Lima, Peru Christine Sund Christine Sund

921 views • 48 slides
Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel Sofia, Bulgaria Mr. Joaqun Castelln , Operational Director Spanish National Security Department Ms. Anita TIKOS , Desk Officer for International

197 views • 15 slides
EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs

EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs

EU Cybersecurity European policy overview e-IRG e-IRG 4 December 2019 Brussels Anni Hellman, Senior Expert, Permanent Representation of Finland to the European Union Seconded for the Finnish Presidency from the Directorate General

320 views • 28 slides
Tackling the Obesity Epidemic Facilitating Consumer Adoption of Healthy Lifestyle Facilitating

Tackling the Obesity Epidemic Facilitating Consumer Adoption of Healthy Lifestyle Facilitating

Tackling the Obesity Epidemic Facilitating Consumer Adoption of Healthy Lifestyle Facilitating Consumer Adoption of Healthy Lifestyle Gary D. Foster, Ph.D. Chi f S i Chief Scientific Officer ifi Offi Weight Watchers International 1 Requires

570 views • 7 slides
MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity

MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity

MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity Consultants, The Cybersecurity Expert Guys Cybersecurity Researcher 2 Agenda 1. Account Takeover via Forgot Password Function 2. Amazon S3

2.36k views • 75 slides
Review First, operating systems solves time-sharing multi-tasking context = memory address

Review First, operating systems solves time-sharing multi-tasking context = memory address

Review First, operating systems solves time-sharing multi-tasking context = memory address space + stack pointer + instruction pointer IBM360 uses context-switch for time-sharing multi-tasking Second, operating systems solves

870 views • 39 slides
Quantum & blockchain Best friendmies ! Introduction Blockchain technologies, of which the

Quantum & blockchain Best friendmies ! Introduction Blockchain technologies, of which the

Quantum & blockchain Best friendmies ! Introduction Blockchain technologies, of which the most famous representative is the Bitcoin crypto currency, all have a point in common (hacker thinking : single point of failure) : cryptography.

310 views • 10 slides
Stylight Apps - Our Learnings Sebastian Schuon Stylight Make Style happen Millennial Women -

Stylight Apps - Our Learnings Sebastian Schuon Stylight Make Style happen Millennial Women -

Stylight Apps - Our Learnings Sebastian Schuon Stylight Make Style happen Millennial Women - 18 to 35 years old - 60% are living in big cities - 55% have a higher education How to create the product that inspires women? Team &

719 views • 33 slides
ASSURANCE AND ACCOUNTABILITY ASSURANCE AND ACCOUNTABILITY GENERAL INFO / ANNOUNCEMENTS

ASSURANCE AND ACCOUNTABILITY ASSURANCE AND ACCOUNTABILITY GENERAL INFO / ANNOUNCEMENTS

ADVANCED COMPUTER SECURITY ASSURANCE AND ACCOUNTABILITY ASSURANCE AND ACCOUNTABILITY GENERAL INFO / ANNOUNCEMENTS Reminder : read and post response to Enforceable Security Policies by tomorrow afternoon. Please send me your talk

524 views • 41 slides
Digital Design Methodology CENG/ELEC/SENG 399 Dr. F . Gebali, PhD, PEng ECE Dept. Faculty of

Digital Design Methodology CENG/ELEC/SENG 399 Dr. F . Gebali, PhD, PEng ECE Dept. Faculty of

Engineering Design Flow CAD Tools Summary Digital Design Methodology CENG/ELEC/SENG 399 Dr. F . Gebali, PhD, PEng ECE Dept. Faculty of Engineering http://www.ece.uvic.ca/ fayez 2012 c September 23, 2013 1 / 27 Engineering Design

673 views • 27 slides
Robots are becoming an essential part in the human evolution. Robots or machines can

Robots are becoming an essential part in the human evolution. Robots or machines can

Running head: Robotics 1 (Intelligent) Robotics Omar Alenezi Montana Tech at University of Montana Running head: Robotics 2 Abstract This paper covers robotic history and their advancement and contribute in various of fields. Then talked about

336 views • 15 slides
!"#$%&'(')"*#+',-."/0123/-'%-0' !1./"*%4 5617*',86**' 9*7*':%;%*'

!"#$%&'(')"*#+',-."/0123/-'%-0' !1./"*%4 5617*',86**' 9*7*':%;%*'

(N(EOL-0' P1.1"#',-.#"-#.'!#8.Q#0'R/"?86/D !"#$%&'(')"*#+',-."/0123/-'%-0' !1./"*%4 5617*',86**' 9*7*':%;%*' <8617*=#*7*>?%@A-*2.BC/B7D' E%3/-%4',-83.1.#'/+',-+/"$%3/-'%-0'F/$$1-*2%3/-8'

758 views • 63 slides
John hn Luk uke e Hill, Jr. (October 29, 1923 July 9, 2007) graduated from UT

John hn Luk uke e Hill, Jr. (October 29, 1923 July 9, 2007) graduated from UT

John hn Luk uke e Hill, Jr. (October 29, 1923 July 9, 2007) graduated from UT Law in 1947 and led a remarkable legal and public service career spanning 60 years. He is thus far the only person in Texas history to serve as

1.06k views • 49 slides

More recommend