by: International Cyber Center, George Mason University, and
When: February 14 : 0800 to 1230
Where: Lincoln Hall 155, National Defense University
Directions to NDU and Fort McNair map are at
Points of Contact:
Dr. Alenka Brown, NDU BrownVanHoozerS@ndu.edu
Dr. James Keagle, NDU Keaglej@ndu.edu
Dr. Arun Sood, GMU email@example.com
For Registration Questions: James Burchill firstname.lastname@example.org
Keynote Speaker: General Harry Raduege (Ret)
To Register Click Here
0800-0830 Registration and Networking
Dr. James Keagle, Distinguished Research Fellow, Center for Technology and National Security Policy, National Defense University
0840-0900 Introduction to Workshop Series and Keynote Speaker
Dr. Arun Sood, Professor
& Co-Director, International Cyber Center, George Mason University
0900-0945 Keynote Speaker:
Lt. Gen (Ret.) Radeuge, Chairman, Deloitte Center for Cyber Innovation
0945-1000 Question and Answer Session
1000-1015 Coffee Break
1015-1115 Requirements and Forms of Resilience
Moderator: Dr. James Keagle, Distinguished
Research Fellow, CTNSP
1115-1215 Implementation of Recovery Driven Resilience
Moderator: Dr. Vitalij Garber,
former Deputy Undersecretary of Defense for International Programs and
1215-1230 Closing Remarks
Motivation and Theme
The increasing reliance of government, business and not-for-profit sector on computing infrastructure has provided our adversary with an opportunity to gain advantage by launching organized, targeted, and coordinated attacks. The attackers have several motivations, including: (1) desire to steal specific intellectual property or personal information; (2) vandalism instinct leading to defacement and reduced availability on the internet.
The current approaches to cyber security are reactive and rely on our ability to identify the vulnerabilities in our systems and model attacker strategy. These are difficult tasks. To illustrate the complexity, we note that Symantec reports encountering 286 million unique variants of malware in 2010.
In this workshop we explore additional mechanisms for increasing the resilience of national cyber assets. The focus is on delivering service even in the presence of a successful attacker in the system. A resilient system provides critical services even though there is an on-going system breach – the performance is likely to be affected though in most cases the impact is not noticeable by the users. To achieve higher level of resilience, we examine alternative strategies, and expect the addition of a proactive element to the current reactive approach. In this quest we are motivated by analogs in engineering and medicine. (1) To increase reliability of systems, engineers device strategies to reduce the failure rate and also reduce the time for failure. Optimal solutions find a balance between the cost of increasing MTTF and the cost of reducing MTTR. (2) Vaccines have been developed to immunize the population and reduce the risk of spreading disease. But these often require booster shots. The flu vaccine is recommended every year and incorporates protection against 3 most likely flu viruses for the next year. Although it is not perfect, it reduces the intensity of the infection and speeds recovery.
The IT cost containment strategies have relied on reducing redundancy and adopting standards. Cloud computing and mobile computing are two examples of this thrust. These strategies have the undesirable consequence of enabling the attacker to successfully use the same attack methodology against a number of targets. We conclude that intrusions are inevitable, and we should focus on adding other protection mechanisms to the cyber security quiver. In this workshop we explore restoration and recovery mechanisms that will enhance the system resilience.
In future workshops of this series we expect to focus on approaches driven by fault and intrusion tolerance; decoys and deception; intrusion avoidance and malware removal; rapid reconfiguration and diversity; capital and operations costs; policy requirements; human factors and information overload etc.
Workshop Information Pack
Please CLICK HERE to download the information pack.