Cyberspace - A Global Battlespace?

Cyberspace - A Global Battlespace? Joel Ebrahimi Solutions Architect Bivio Networks, Inc.

Post on 11-Jan-2016

TRANSCRIPT

Page 1: Cyberspace - A Global Battlespace?

Cyberspace - A Global Battlespace?

Joel Ebrahimi
Solutions Architect
Bivio Networks, Inc.

Page 2: Cyberspace - A Global Battlespace?

©2010 Bivio Networks, Inc.

A Hacker’s Opportunity is Target Rich!

Enterprise
– Personal
– Credit Card

Government
– Military secrets
– Nuclear Information
– Medical Records
– Criminal Records
– Classified Secrets and Information
– Control of Physical Infrastructure
  • Power
  • Electrical
  • Water

Joe Hacker

Page 3: Cyberspace - A Global Battlespace?

Exploitation Evolution

While we look at the evolution trend, it should be noted that the less severe exploits have not gone away. They still exist today and have even increased in numbers. The problem is that we also have to deal with exploits that now affect our national security.

Experimentation / Notoriety

Hacktivism / Defacements

Criminal Enterprise

Espionage / Cyber Terrorism

Page 4: Cyberspace - A Global Battlespace?

Hacking Hotspots and Trends

CHINA: Targeting Japan, U.S., Taiwan and perceived allies of those countries; Falun Gong targeted also

INDIA-PAKISTAN: Worldwide targets, Kashmir-related and Muslim-related defacements

MIDDLE EAST: Palestinian hackers target Israeli websites; some pro-Israel activity

WESTERN EUROPE: Cyber-activists with anti-global/anti-capitalism goals; some malicious code

BRAZIL: Multiple hacker groups, many mercenary; random targets

EASTERN EUROPE/RUSSIA: Malicious code development; fraud and financial hacking

U.S.: Multiple hacker/cyber-activist/hacktivist groups; random targets

Page 5: Cyberspace - A Global Battlespace?

Is the threat real?

Page 6: Cyberspace - A Global Battlespace?

It's Real and Happening Now!

Stuxnet

Cyber Espionage

DDOS attacks in Estonia

Attacks on Booz Allen Hamilton

Breach of defense contractor computers that let hackers get at information on the Joint Strike Fighter

Power grid compromised

Repeated attacks on .gov websites

Real growing threat of cyber terrorism

Page 7: Cyberspace - A Global Battlespace?

The Threats

Malware
– Worms
– Trojans
– Rootkits
– Spyware

Remote or local exploitation

Botnets

Page 8: Cyberspace - A Global Battlespace?

A Transforming Network

Explosion in usage, applications, devices, protocols

Basic networking problems remain
– Security
– Information assurance
– Cyber defense
– Awareness
– Control

Network role transition from connectivity to policy

Key Enabling Technology: Deep Packet Inspection

Page 9: Cyberspace - A Global Battlespace?

Deep Packet Inspection (DPI)

Set of technologies enabling fine-grained processing of network traffic

Common analogy: processing regular mail based on letter contents vs. address

Not a solution or an application!

[Diagram: protocol layers and what travels at each]

L2: Ethernet
L3: Internet Protocol (IP)
L4: Transport Layer (TCP/UDP)
L5 – L7:
  • Email, IM
  • Web
  • File Transfer
  • Peer-to-Peer (P2P)
  • Viruses
  • Intrusions
  • Worms

Page 10: Cyberspace - A Global Battlespace?

Why DPI?

L3/4 analysis clearly not granular enough
– Source/Destination often irrelevant

Most information is in the payload
– Deeply embedded
– Context dependent
– Dynamic

Tunneling makes outer protocols/headers insufficient

Correlation between flows and payload often crucial

Threats are real-time and dynamic; response can’t be
– DPI is real-time networking analog to off-line analysis
– Dramatically shortens threat identification and response
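
The "Why DPI?" points (ports and addresses say little, the information is in the payload, tunneling hides the real headers) shown as an added example that is not part of the original slides: a header-only classifier and a payload-inspecting one run over three constructed packets. The function names, port map and signature list are illustrative assumptions, not Bivio code.

```python
import struct

def ipv4(proto, src, dst, payload):
    """Constructed sample: minimal IPv4 header (no options, checksum 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                       64, proto, 0, bytes(src), bytes(dst)) + payload

def tcp(sport, dport, payload):
    """Constructed sample: minimal 20-byte TCP header with PSH|ACK set."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 0x50, 0x18,
                       8192, 0, 0) + payload

def parse_ipv4(pkt):
    """Return (protocol, body); reject truncated or non-IPv4 input."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl, total = (pkt[0] & 0x0F) * 4, struct.unpack("!H", pkt[2:4])[0]
    if not 20 <= ihl <= total <= len(pkt):
        raise ValueError("bad IPv4 lengths")
    return pkt[9], pkt[ihl:total]

PORTS = {25: "smtp", 80: "http", 443: "tls"}      # assumed port map
SIGNATURES = [(b"GET ", "http"), (b"EHLO ", "smtp"), (b"\x16\x03", "tls")]

def l34_view(pkt):
    """Header-only classification: outer IP protocol and TCP destination port."""
    proto, body = parse_ipv4(pkt)
    if proto == 6 and len(body) >= 20:
        dport = struct.unpack("!H", body[2:4])[0]
        return PORTS.get(dport, "tcp/%d" % dport)
    return "ip-proto-%d" % proto

def dpi_view(pkt, depth=0):
    """Unwrap IP-in-IP (protocol 4), then classify by the first payload bytes."""
    proto, body = parse_ipv4(pkt)
    if proto == 4 and depth < 4:      # bounded: nested tunnels cannot recurse forever
        return dpi_view(body, depth + 1)
    if proto == 6 and len(body) >= 20:
        data = body[(body[12] >> 4) * 4:]         # skip TCP header via data offset
        return next((n for p, n in SIGNATURES if data.startswith(p)), "unknown")
    return "ip-proto-%d" % proto

# Constructed packets (documentation addresses, not captured traffic).
A, B = [10, 0, 0, 5], [192, 0, 2, 10]
smtp_on_80 = ipv4(6, A, B, tcp(40001, 80, b"EHLO mail.example.test\r\n"))
SAMPLES = {"web_odd_port": ipv4(6, A, B, tcp(40000, 8080, b"GET / HTTP/1.1\r\n\r\n")),
           "smtp_on_80": smtp_on_80, "tunnelled": ipv4(4, A, B, smtp_on_80)}
for name, pkt in SAMPLES.items():
    print(name, "L3/4:", l34_view(pkt), "DPI:", dpi_view(pkt))
```

The header-only view mislabels SMTP sent to port 80 as web traffic and sees nothing but "protocol 4" for the tunneled copy; the payload view identifies all three.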

Page 11: Cyberspace - A Global Battlespace?

The Right Technology

Scalability: variable throughput, computation

Performance:
– Computational: full packet inspection
– Network: wire-speed

Flexibility: software is king

Customization: each mission different

Adaptability: inherent in space

Active/Passive: monitoring and enforcement

Multi-function: parallel tasks

Standardization: Avoid proprietary environments

Rapid deployment

Page 12: Cyberspace - A Global Battlespace?

Protecting The Future

Infrastructure
– Focus on high-compute/high-throughput
  • System design
  • Semiconductors
– Keep pace with networking advances
  • 40Gb/s
  • 100Gb/s
– Storage integration
  • Data Retention
  • Post-processing

Applications
– Increased sophistication of protocol analysis
– Increased cross-flow analysis
– Information sharing between applications
– Dynamic threat response

Page 13: Cyberspace - A Global Battlespace?

Summary

Threats are already here

Cyber Terrorism is real

The network is changing and growing

DPI technology underlies future networking

Core technology for National Security requirements

Challenges addressed in rapidly advancing market

Significant innovation into the future

Page 14: Cyberspace - A Global Battlespace?

Not just a presenter, this is what I do

Special purpose networking devices

10Gb/s+

High compute capacity

Throughput and compute scaling

Linux development environment

Multi-application support

Joel Ebrahimi
[email protected]
Bivio Networks, Inc.
http://www.bivio.net

Thank You!