1 / 50

Shit Happens!

Shit Happens!. Robert Ghanea-Hercock Chief Researcher in Centre for Information & Security Systems Research, BT Innovate 2009. A D A S T R A L P A R K. EXCHANGE IN GREENOCK WITH OPERATORS CIRCA 1908. Unleashing open innovation. Customers. BT FON. BT Vision. Future services.

bunny
Download Presentation

Shit Happens!

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Shit Happens! Robert Ghanea-HercockChief Researcher in Centre for Information & Security Systems Research, BT Innovate 2009

  2. A D A S T R A L P A R K

  3. EXCHANGE IN GREENOCK WITH OPERATORS CIRCA 1908

  4. Unleashing open innovation Customers BT FON BT Vision Future services BT Snap&Send

  5. Motivation • Autonomous Cyber Defence Solutions • Where we are • In trouble! • Research • Biology & Artificial Immune Systems • Self* systems • Complex Networks, Dynamics and Topology • Conclusions

  6. Next Generation Web Research Semantic Business Intelligence ICT Infrastructure Virtualisation Policy based management Service Management Research Adaptive ICT Automated management of network, storage and computing Information Security Research Security Architectures Research Enterprise Risk Research Overview of Centre for Information & Security Systems Research

  7. BT Pervasive ICT Centre

  8. Real-time performance & risk intelligence

  9. Motivation • Static network security techniques are failing • Cyber Defence must become Adaptive & Autonomous • Goal: Resilient and self-healing Enterprise systems

  10. Biological Defence as a model • Artificial Immune Systems (Forrest et al) • Biological defence examples • External (teeth, claws etc) • Internal (lymphatic network & immune system) • Social networks in animal groups (Soldier Ants, herding, swarms..)

  11. The Problem • Attacks occur at machine speed 10-6 sec • Responses at human speed 103 sec • Economics trades cost of response with risk • Information Assurance boring • Business Continuity, dull and expensive • Humans are very, very, bad at risk assessment

  12. Network Dynamics & Topology • Topology impacts spread of viral/self-replicating processes (Satorras & Vespignani 2001) • “Error and attack tolerance in complex networks”, Albert R., Jeong H., and Barabási A., Nature 406 , 378 (2000). • In a Small-World: Topology counts

  13. Past & Future Defence

  14. Simulated tactical network under attack

  15. With adaptive link allocation

  16. NetStress Topology Analysis Toolkit

  17. BT Pervasive ICT Centre BT Exact - Agent Immunology Model Agent-based Modelling of Anti-viral systems • Two-dimensional discrete spatial world model, in which a population of artificial agents interact, move, and infect each other: based on the Sugarscape model (Epstein and Axtell 1996). • Cooperative exchange of simulated antibodies, used to create group immunity • Built on the REPAST agent toolkit from the University of Chicago (http://repast.sourceforge.net/).

  18. Graph showing decrease in average viral infection level without, and with shared antibodies between agents.

  19. Nexus Middleware • Smart middleware for resilient & agile ICT Services • Enables flexible applications composed of services + sensors in dynamic and unreliable networks • Emphasis on • Robustness • Adaptivity • Runtime flexibility/re-configurable • Rapid deployment • Low cost

  20. Rules of Resilience • Engineer the Network to fail gracefully • Incorporate multiple-layers of defence (Defence in Depth) • Use robust response mechanisms • Design out human options: choices = threats • Resilience not Optimality

  21. P2P Networks • A virtual overlay network • Very resilient • Highly adaptive • Low cost deployment • Automatic load balancing (e.g. Bittorrent) • BBC iPlayer = 5% UK traffic, 1 Million shows/week • But • Challenges: security and management e.g. Marine One

  22. BT Pervasive ICT Centre PHOBOS P2P Agent Authentication Agent-based user authentication model

  23. Goal Creation Goal Creation Service Interaction Service Interaction KnowledgeManipulation KnowledgeManipulation UserAssistance UserAssistance Execution Execution Composition Composition Querying/Retrieval Querying/Retrieval Discovery Discovery Monitoring Monitoring Substitution Substitution Selection/Allocation Selection/Allocation RPC/RMI RPC/RMI Publish/Subscribe Publish/Subscribe Streaming Streaming Multicast Multicast Technology Stack Interaction Layer Process Management Layer Resource ManagementLayer Communication Layer SOA P2P Semantic Web Information Integration Agents & AC

  24. BT Pervasive ICT Centre Neural Adaptive Network Algorithm (SCAN) • Algorithms for resilience in P2P middleware • Frequency Rule • Feedback rule • Decay rule • Dynamic Growth Rule • Constrained virtual connection Rule

  25. SCAN network resistance to a targeted attack (i.e. nodes with high degree k)

  26. Nexus Architecture

  27. Cyclone • Visual Data Mining • Not just data visualisation • Mixed-initiative operation • Automatic clustering & User feedback • Learning to cluster better & auto-categorise • Artificial neural network • Minimising cognitive load / Maximising tag quality • Tag suggestion

  28. Cyclone • Categorisation of unstructured information

  29. MoD CWID 2008

  30. The Cyclone Framework • Categorization Process 2009 IEEE International Symposium on Intelligent Agents (IA 2009), Nashville, Tennessee, USA - 30th March 2009

  31. The Cyclone Framework • Force-based Visual Clustering 2009 IEEE International Symposium on Intelligent Agents (IA 2009), Nashville, Tennessee, USA - 30th March 2009

  32. The Cyclone Framework • Force-based Visual Clustering • Simulated Physical Forces • Attracting and Repelling Forces • Cosine Similarity to determine Force weights 2009 IEEE International Symposium on Intelligent Agents (IA 2009), Nashville, Tennessee, USA - 30th March 2009

  33. The Cyclone Framework 2009 IEEE International Symposium on Intelligent Agents (IA 2009), Nashville, Tennessee, USA - 30th March 2009

  34. Human factors

  35. Conclusion • Cyber Defence must become autonomous • Self*, P2P, Topology design, Dynamics • Autonomy vs. Control debate • More research required • Resilience as a design principal • Pagodas • Dependability needs sophisticated risk analysis • Human Factors • Simpson's

  36. Questions • How autonomous should Cyber Security become? • Is there any alternative? • Will AI become a threat?

  37. Links • BT Security Solutions • http://www.counterpane.com/ • UK Cyber Security KTN • http://www.ktn.qinetiq-tim.net/ • Santa Fe Institute • www.arcs-workshop.org

  38. Contact Dr Robert Ghanea-Hercock robert.ghanea-hercock@bt.com

  39. BT Pervasive ICT Centre

More Related