Improvement in our cybersecurity posture results from a combination of advanced reactive techniques, operational risk mitigation measures, and the construction of better software. Multiple lifecycles, including software development and operations, must be brought together and enhanced with a common structure of evidence to improve the confidence we have in our software-based systems in a quantifiable way. In this context, we are pursuing multiple technologies and methods, ranging from machine-readable requirements, code and evidence generation amenable to formal analyses, and virtual integration, to automated analysis of binary code artifacts and reverse engineering. Where formal exhaustive validation and verification are challenged (primarily due to complexity), guided testing helps to enhance the evidence available to make better risk-informed deployment decisions and, ultimately, to reduce the cybersecurity attack surface.
Technological advances and novel applications, such as sensors, cyber-physical systems, smart mobile devices, cloud systems, data analytics, and social networks, are making it possible to capture, and to quickly process and analyze, huge amounts of data from which to extract information critical for security-related tasks. In the area of cyber security, such tasks include user authentication, access control, anomaly detection, user monitoring, and protection from insider threat. By analyzing and integrating data collected on the Internet and Web, one can identify connections and relationships among individuals that may in turn help with homeland protection. By collecting and mining data concerning user travels and disease outbreaks, one can predict disease spreading across geographical areas. And those are just a few examples; there are certainly many other domains where data technologies can play a major role in enhancing security. The use of data for security tasks is, however, raising major privacy concerns. Collected data, even if anonymized by removing identifiers such as names or social security numbers, may, when linked with other data, lead to re-identifying the individuals to whom specific data items relate. Also, as organizations such as governmental agencies often need to collaborate on security tasks, data sets are exchanged across different organizations, resulting in these data sets being available to many different parties. Apart from the use of data for analytics, security tasks such as authentication and access control may require detailed information about users. An example is multi-factor authentication, which may require, in addition to a password or a certificate, user biometrics. Recently proposed continuous authentication techniques extend access control systems. This information, if misused or stolen, can lead to privacy breaches. It would then seem that in order to achieve security we must give up privacy.
However, this may not necessarily be the case. Recent advances in cryptography are making it possible to work on encrypted data, for example to perform analytics on encrypted data. However, much more needs to be done, as the specific data privacy techniques to use depend heavily on the specific use of the data and the security tasks at hand. Also, current techniques are still not able to meet the efficiency requirements for use with big data sets. In this talk we will discuss methods and techniques to make this reconciliation possible and identify research directions.
Modern vehicles are already partially cyber controlled, using both computers and wireless networking. In the future, vehicular ad hoc networks will support intervehicle communications that allow faster, safer, easier travel on our roads. Some vehicles will even be largely autonomous, using their computers, sensors, and networks to drive themselves with little or no human intervention. However, the increased reliance on computers and wireless networks to drive our vehicles brings with it new security threats, some of which have already begun to emerge. This talk will cover some of the major threats to vehicular networks and autonomous vehicles and describe solution approaches to these problems, which threaten our driving safety.
This is a talk for a general audience, describing my experience and resulting views on what the computer security problem is. It begins by examining the nature of threats and investigating the causes of insecurity. It presents some illustrative examples to illustrate the ideas. It closes with some guidelines for building more secure computing systems.