SoS Lablet Quarterly Meeting at Urbana-Champaign, July 26–27, 2016

 

 
SoS Logo

Lablet Quarterly Meeting at Urbana-Champaign

July 26–27, 2016

 

Urbana, IL
July 28, 2016

Researchers and NSA meet, discuss Science of Security Resiliency Hard Problem

The summer 2016 quarterly Science of Security (SoS) Lablet Meeting, sponsored by NSA, was hosted at the University of Illinois at Urbana–Champaign (UIUC) July 26 and 27, 2016. David Nicol, Principal Investigator at UIUC, chaired the event. Lablet researchers shared current research and stimulated thought and discussion about the Science of Security hard problem of resiliency. A workshop, five technical papers, a keynote, and an industry panel provided an opportunity for researchers to interact with each other and with guests from the government and industry. 

The keynote by Roger Hill, CTO of Veracity Security Intelligence, addressed “An Industry Approach to a Foundational Security Platform Through the Use of Software Defined Networking for Industrial Networks.” He began with an overview of industrial control systems’ layers: the Enterprise zone, DMZ, and manufacturing, security, and safety zones. Identified problems include visibility of the systems (unknown assets, no active scanning), complexity (long life cycles/mixed modes, lack of SMEs), and risk (misconfiguration, misuse, emerging and targeted threats). Challenges include operational requirements at odds with cybersecurity needs, limited security controls at the switch, no auditing, frequent misconfigurations, and redundancy increase complexity. “Leveraging SDN technologies, [his company] gives industrial operators complete situational awareness for asset identification and management, client-defined security zones, and threat-based incident response in near real-time. Our approach improves the reliability, efficiency, and security of OT networks without adding additional layers of complexity to the network,” he said.

The Workshop on Cyber Resilience with James Holt, Steve Danko, and Ahmad Ridley, Department of Defense was enthusiastically interactive. Panelists and the audience offered a range of comments about how to produce research that disrupts the adversary’s ability to get in, stay in, and act within our systems and networks. The targeted impact of this research should, according to the panel, reverse the asymmetry between attack and defense, develop enterprise-level “sense making” using disparate data, reduce operator overload, redefine productivity in terms of enabling proactive actions versus reactive information sifting, and fully engage the research community. Their recommended approach:  to advance multi-year research that builds foundational science to “human-aided, system-driven, and automated response.”

Jim Lenz, John Deere; Mark Scott, Forcepoint; and David Greve, Rockwell Collins offered an industry panel providing their views and interacting with the SoS research audience. Asked what gaps they see in advancing security that a science of security could help solve, they answered they are looking for more research analytics for threat detection; modelling; biometrics; quantum crypto; MANETs; VMs; locking down desktop environments at the hypervisor level; multimedia; general malware and ransomware; and hardening the code they write. 

Technical research presentations included papers by each Lablet.  David Garlan, Carnegie Mellon University, addressed “Improving Resilience through Synthesis of Adaption Strategies.” “Measuring Perceived Privacy Risk in Cybersecurity Information Sharing” was offered by Travis Breaux, also from Carnegie Mellon University.”  Bill Sanders, University of Illinois at Urbana-Champaign, presented  “A Quantitative Methodology for Security Monitor Deployment.”  Michael Reiter, University of North Carolina at Chapel Hill, spoke on “Simplifying Software-defined Network Optimization Using SOL [SDN Optimization Layer].”  “Evidence Based Cyber Security: Suggestions and Recommendations for Building Cyber Resiliency against System Trespassing Events” was presented by David Maimon, University of Maryland. The slides forming these presentations will be posted on the CPS-VO web page at: http://cps-vo.org/group/SoS  (login required).

Adam Tagert, Science of Security Technical Director, National Security Agency Research Directorate spoke on the basics of the Science of Security program—how to move to a scientifically sound approach. “R-2’s goal,” he said, “is to promote rigorous, generalizable, predictable, foundational, and replicable research into the Science of Security.”

More than twenty excellent student poster presentations provided an opportunity to see a range of Science of Security research and to discuss issues, methods and findings. The posters will also be available on the SoS VO web page.

The next lablet quarterly meeting will be held in October 2016 in Maryland.

(ID#: 16-11372)