This project investigates the hard problem of resilient architectures from the standpoint of enabling new potential for incorporating privilege separation into computing systems. However, privilege separation alone is insufficient to achieve strong security guarantees. It must also include a security policy for separated components without impacting the functional requirements of the system. The general hypothesis of this project is that, legacy computing systems contain emergent properties that allow automatic software partitioning for privilege separation capable of supporting practical least privilege security policies.
Team
PIs: William Enck & Xiaohui (Helen) Gu
Students: Adwait Nadkami, Tsun-Hsuan (Anson) Ho, Ashwin Shashidharan
Welcome to C3E2013!
Now in our fifth year, we'll gather again at West Point later this October to continue our exploration of work begun during the April 2013 mid-year event by focusing in two areas:
Drawing upon past C3E themes of predictive analytics, visualization, decision-making and others, we’ll take C3E into its fifth year by focusing in two key areas:
Welcome to C3E2013!
Now in our fifth year, we'll gather again at West Point later this October to continue our exploration of work begun during the April 2013 mid-year event by focusing in two areas:
You have been invited to attend the C3E Weekly Planning Meeting on Friday August 2, 2013 from 12:30PM - 1:30PM.
Conference Call-In Line: 1-605-475-4350
Access Code: 783 6212
To ensure the the CPS-VO's e-vite capability will work to our standards for C3E 2013, I have created a "test invition" for this week's C3E planning meeting. Please follow the instructions to either Accept or Decline the invitaiton for this week's meeting. Feedback is greatly appreciated!
Thank you!
Test event
The 2013 third quarter Science of Security quarterly Lablet meeting will be held at Carnegie Mellon University on Thursday, September 26th and Friday, September 27th. The meeting for both days will take place on the CMU Campus in the Gates-Hillman Center room 4405.
The first day will feature open workshop sessions, focused on two topics: (1) Addressing usability and security challenges through design and empirical methods, (2) Addressing challenges of scale through composable modeling and analysis.
The second 2013 quarterly Science of Security lablet meeting will be hosted by David Nicol and Bill Sanders, at the University of Illinois in Urbana-Champaign.
Cyber security is a global phenomenon. For example, recent socially-engineered attacks that target CEOs of global corporations appear to be instigated by the Chinese group dubbed the “comment crew.” In their 2011 survey Symantec found that the number one cyber risk business concern was external cyber-attacks, followed by concerns about both unintentional insider error (2nd risk) and intentional insider error ( 3rd risk). Analysis by Verizon’s cyber forensics team indicates that the massive increase in external threats overshadows insider attacks. Despite the increase in external threats little is known about the source of such threats; or the global implications this evolving threat environment.
At the global level, cyber security requires not only attribution and forensics, but harmonized laws and effective information sharing. In spite of this growing consensus there is still little empirical understanding of the global cyber threat environment, an understanding that is critical for forensics. Currently, many cyber theories are based on anecdotal evidence and case studies. However, the science of security needs a strong empirical base for strong theory. It is now possible to create such an empirical base as companies like Symantec have been amassing large quantities of data on attacks. In contrast to much of the work in cyber security we take a socio-technical approach looking at the human element. As such, we postulate that the potential severity of the threat is a function of the political environment rather than the just the technology.
The objective of this project is to empirically characterize the global cyber threat environment and to test this hypotheses using Symantec data. A virtual machine will be constructed and global data on the threat network (which IP attacks which) attributed by location, type of attack, severity and potential impact will be collected by time period. The resultant geo-temporal network will then analyzed at the global level controlling for factors such as machines per country, internet access and the interstate hostility and alliance. The proposed research will create a global mapping of the threat environment, changes in that environment, and its relation to geographical and political factors. This will provide an empirical baseline for reasoning about the threat environment. An empirical basis is critical for the growth of science.
|
Internet Access – Red High Blue Low |
Dr. Kathleen M. Carley is a Professor of Computation, Organizations and Society in the department – Institute for Software Research, in the School of Computer Science at Carnegie Mellon University & CEO of Carley Technologies Inc. Dr. Carley is the director of the center for Computational Analysis of Social and Organizational Systems (CASOS) which has over 25 members, both students and research staff. Dr. Carley’s received her Ph.D. in Mathematical Sociology from Harvard University, and her undergraduate degrees in Economics and Political Science from MIT. Her research combines cognitive science, organization science, social networks and computer science to address complex social and organizational problems. Her specific research areas are dynamic network analysis, computational social and organization theory, adaptation and evolution, text mining, and the impact of telecommunication technologies and policy on communication, information diffusion, disease contagion and response within and among groups particularly in disaster or crisis situations. She and the members of the CASOS center have developed infrastructure tools for analyzing large scale dynamic networks and various multi-agent simulation systems. The infrastructure tools include ORA, AutoMap and SmartCard. ORA is a statistical toolkit for analyzing and visualizing multi-dimensional networks. ORA results are organized into reports that meet various needs such as the management report, the mental model report, and the intelligence report. Another tool is AutoMap, a text-mining system for extracting semantic networks from texts and then cross-classifying them using an organizational ontology into the underlying social, knowledge, resource and task networks. SmartCard is a network and behavioral estimation system for cities in the U.S.. Carley’s simulation models meld multi-agent technology with network dynamics and empirical data resulting in reusable large scale models: BioWar a city-scale model for understanding the spread of disease and illness due to natural epidemics, chemical spills, and weaponized biological attacks; and Construct an information and belief diffusion model that enables assessment of interventions. She is the current and a founding editor of the journal Computational Organization Theory and has published over 200 papers and co-edited several books using computational and dynamic network models.