PRESENTATION for the NUS (Singapore) security industry day
In a fully connected and complex world, solutions to problems in every sphere are no longer simple. Old techniques and thinking are pushed aside as non-linearity and emergent behavior become the norm. So, it is no surprise that security organizations globally are on the ‘back foot’ and struggling to cope with agile enemies that are faster to innovate.
“Our challenge is to get ahead of the game by embracing a multiplicity of tools and techniques”
The theatre of national security has now expanded to simultaneously include: People; Companies; Governments; Devices; Networks; Services; Vehicles; Properties; LAND; SEA; AIR; SPACE; CYBER. Simple is no more! We have to think and operate across all these domains at the same time, and we have to become even more adaptive than the enemy.
“In an ideal world, our responses to Cyber and Terror would be automated and immediate”
The reality is that we continually expand the opportunity space for our enemies whilst we focus on isolation and containment. In contrast, the enemy operates across a cooperative global market, buying, selling and sharing knowledge and technologies. To survive, we have to do the same by connecting across all companies and government agencies. It is also essential that global cooperation is extended to new technologies such as the IoT from day one.
“No nation is an island”
After briefly setting the wider scene we focus on the behavioural analysis of people and things, and auto-immunity for the IoT as exemplars of how we might think about future security solutions.
Holistic security
1. Holistic Security
Peter Cochrane
cochrane.org.uk
University of Singapore
17 November 2017
2. what we know for sure
Attacks are escalating
The Dark Side is winning
The attack surface is increasing
Cyber disruption costs are growing
Companies do not collaborate and share
The attackers operate an open market
All our security tools are reactive
Attacker rewards are on the up
People are the biggest risk
There are no silver bullets
It is time to rethink our strategy and solution space
More of the same but better & faster will not change the game… …we have to think anew - get out of the box and do something very different!
3. CYBER warfare
A new and really big game changer
“The American Military can no longer protect the nation”
4. CYBER warfare COST
Published numbers vary widely - all we can say is the cost is big and getting bigger year on year
Top 10 economies only
5. CYBER warfare COST
All nations are paying a price
6. THE BIG PICTURE
Cyber security is no longer contained
The Dark Side are winning because they are 100% committed and see this war as total; a much wider conflict than CYBER alone…
They are far more integrated and sharing - than we are and operate as a virtualised workforce driven by money and evil intent…
We do not anticipate their innovation, tactics, tools, attacks, and we don’t think as they do…we are always on the back foot!
We need to:
8. Relationships
The Dark Side of The Force!
Criminals
Rogue States
Hackers
Politicos
Terrorists
9. responsibility
People have no security abilities
And why should they? It is not their problem! They are just users and victims of very poor design and a lack of support
Industry needs to step up to the plate; take control; automate & deliver turnkey solutions.
They sold the products and services: and should ensure all operate safely & problem free!
10. Dominated by Government Forces
Government, Military, Industry, White Hats, General Population
Warfare continues to rapidly evolve, and is now total, embracing: Politics, Media, Infrastructure, Institutions, Financial Systems, Intel Agencies, Industry, Banks, Government, Homes, Appliances, Health Care, Emergency Services, Defence, Military, Transportation Systems, Farming, Food Production, Logistics, Networks, Devices, Hardware, Software…+++
theatres of war
No longer a sole military preserve
AIR
SEA
LAND
SPACE
CYBER
11. CYBER EMBRACE
All peoples & all things in the loop
Autonomous Entities
Intelligences
Computers
Networks
Electronic
Electrical
Mechanical
Mankind
Population
Man and Man/Machine Made Things
Humans Are The Minor Players
Cyber is now a part of everything we do and own; what we are - and there are now far more machines than people
12. ATTACK SURFACE
We are compounding our problems
INTERNET
MOBILITY
IOT
And, MORE:
Users
Devices
Services
Mobility
Networks
Broadcast
Social Nets
Complexity
eCommerce
Applications
Transactions
Connectivity
Open Access
Digitalisation
Infrastructure
Growing Rewards
++++
The target is growing!
13. WHO ARE THEY
And their primary occupation ?
Possible Recruit
Terrorist Trainee
CIA Agent
Rogue Gov Spy
Black Hat
Terrorist
Criminal
Terrorist Recruiter
White Hat Hacker
Police
Security Agent
CEO/CIO
Social Engineer
Cyber Bully
Malware Breeder
Security Consultant
14. WHO ARE THEY
And their primary occupation ?
People are not just bad and good in one domain: their habitualities permeate all domains
WHAT ARE THEIR DEVICES communicating / hiding ?
To whom and what are they communicating ?
17. What is this ?
A DDoS attack, or something more
Main Event ?
Decoy ?
Masking ?
Diversion ?
Tunnel set up ?
Infiltration ?
Intel Ops ?
Implant ?
Theft ?
Tests ?
+++
18. AXIOMATIC
Machines dominate
Number of Machines >> Number of People
They are by far the biggest communicators
Their sensory capabilities are growing
Their intelligence is growing
They are a part of us
We are a part of them
We enjoy an irreversible mutual dependency
“I think we can safely assume that they are collecting vast amounts of data and information…and we do not understand the significance of most of it”
19. AXIOMATIC
Problem solving
“Our biggest and most complex cyber security problems cannot be solved by analogue methods, and that almost certainly includes the human mind”
20. AXIOMATIC
Problem solving
AI AND Machine Help has become vital
21. NEEDLE IN A NEEDLE STACK
A multi-tool challenge
People Surveillance
Communications
Employments
Associations
Individuals
Purchases
Networks
Habits
Social
Travel
Work
+++
Device/s Surveillance
Other Device Connect
Net Node Connect
Social Networks
eAssociations
eConnections
ePurchases
Locations
Habits
Travel
eMail
TXTs
Calls
Web
+++
Habits + Activities GIVE VITAL CLUES
22. WHAT WE NOW NEED ?
An essentials shopping list is reasonably short
Global monitoring and shared situational awareness
Cooperative environments on attacks and solutions
Universal sharing of identified attacks/developments
Address cloaking & decoy customer sites/net nodes
Behavioural analysis of networks, devices, people
To continue and expand all established efforts
Auto-Immunity for all devices including IoT
Secure wireless channels - invisible signals
23. Let's examine three
The grey items have been addressed elsewhere
Global monitoring and shared situational awareness
Cooperative environments on attacks and solutions
Universal sharing of identified attacks/developments
Address cloaking & decoy customer sites/net nodes
Behavioural analysis of networks, devices, people
To continue and expand all established efforts
Auto-Immunity for all devices including IoT
Secure wireless channels - invisible signals
24. Sociology of things
The sociology of things is not understood and has yet to be studied - and it is digital!
Relationships and behaviors
The keys to the security kingdom
25. behavioural analysis
People, devices, networks, components, things are habitual
Habituality identifies us
Any deviation indicates some form of change
26. behavioural analysis
Network data shows a marked increase in activity
[Chart legend: Attack generated data; Normal data]
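One way to turn "habituality identifies us, any deviation indicates change" into a check, as an added example that is not part of the original slides: learn a per-hour habit for one device from constructed history and flag hours that depart from it. The function names, the median/MAD scoring and the threshold are assumptions chosen for illustration.

```python
from statistics import median

# Constructed sample: messages per hour from one device, active 09:00-17:00 on five days.
HISTORY = [(h, 12 + ((2 * d + h) % 5) - 2) for d in range(5) for h in range(9, 18)]
# Constructed "today": the usual pattern, plus a burst at 14:00 and traffic at 03:00.
TODAY = [(h, 12) for h in range(9, 18) if h != 14] + [(14, 240), (3, 40)]


def habit_profile(history):
    """Build {hour: (median, MAD)} from (hour_of_day, message_count) samples."""
    by_hour = {}
    for hour, count in history:
        by_hour.setdefault(hour, []).append(count)
    profile = {}
    for hour, counts in by_hour.items():
        med = median(counts)
        mad = median(abs(c - med) for c in counts)
        # Floor the spread so a perfectly regular device does not divide by zero.
        profile[hour] = (med, max(mad, 1.0))
    return profile


def deviations(profile, observed, threshold=6.0):
    """Return (hour, count, score) for observations outside the learned habit."""
    flagged = []
    for hour, count in observed:
        if hour not in profile:
            # Activity at an hour where the device has no habit at all.
            flagged.append((hour, count, None))
            continue
        med, mad = profile[hour]
        score = (count - med) / (1.4826 * mad)  # robust z-score
        if abs(score) > threshold:
            flagged.append((hour, count, round(score, 1)))
    return flagged


if __name__ == "__main__":
    for hour, count, score in deviations(habit_profile(HISTORY), TODAY):
        print(f"{hour:02d}:00 count={count} score={score}")
```

Median and MAD are used instead of mean and standard deviation so that a few attack-generated samples in the training window do not stretch the baseline they are later compared against.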
27. Auto-immunity
Mirrors biological forebears
Applied everywhere 24 x 7
ICs
ISPs
WiFi
Hubs
LANs
Cards
Traffic
Servers
Circuits
Devices
Internet
Networks
Organisations
Companies
Platforms
Groups
People
Mobile
Fixed
29. A Multiplicity of channels
Attack detection/exposure/thwarting using access diversity
BlueTooth: Short Range - Device to Cloud, Device to Device
WiFi, WiMax: Medium Range - WLAN/Cloud
ZigBee/Other ??
Car-to-Car Direct Communications
3, 4, 5 G: Long Range - Device to Net, Device to Cloud
SatCom: Broadcast
Integrated and intelligent security systems embedded into all products and components
Defence opportunities in channel/device/system diversity
A wide plurality of channel detection and protection
Attacks almost never isolated or single sourced
Not restricted to single channel/attempt
Secure attack and infection isolation
Diverse immunity/support access
Distributed info sharing
GEO info location
30. Auto-immunity
Fighting fire with fire
31. Infinite IoT Wireless
Sans channels, bands & regulation
“There is no bandwidth crisis, an adherence to the past, limited thinking, bad design and engineering….we have to rethink the day and not be constrained by the past”
32. Where it all started
Fork lift radio - analogue - long distances - lots of power
CW, AM, FM, SSB+++
P2P Fixed, Broadcast+++
LW, MW, SW, VHF, UHF+++
Terrestrial, Maritime, Airborne+++
~30Bn fixed and mobile broadcast radio & TV receivers dominate followed by simplex voice transceivers
33. Big cells and n x1000s of towers
Fast forward
~7Bn live devices on 3/4G connected to a global net of duplex voice & data comms
• Digital modes only
• Personal mixed use and traffic
• Static base stations dominate
• Terrestrial concentration
• Large cells <20km
34. Does everything, but badly
THE BIG FIX ?
5G
• Replaces optical fibre
• Outguns 3 & 4G
• Gbit/s everywhere
• Will dominate the IoT
• +++++
• Cooks a chicken
• Improves your sex life….
35. Observations
It is a miracle it all works
Protocols very inefficient
We avoid interference by dynamic juggling!
The spectrum shortage is an illusion
We seldom use more than 20% of the available space
5G unlikely to be a big player
It cannot fully service the IoT
We need more than incrementalism
More bands, channels, modulation and coding schemes are not enough
36. new directions
From connected people to connected things
People ~10Bns
Traffic ~1 Bn
Goods ~100Bns
Components ~1 Tn IoT
37. Energy limitations
We cannot realise such a future using our current approach
Internet and connected devices ~ 10% of all energy generated
What would 50, 250 or 1000Bn IoT devices demand ?
We have to get down from mW to µW, nW and pW
This demands ‘simplicity’ of processing and communications
38. New Modes
More things linking off net than on
Most THINGS will never connect to the internet
THINGS will want to network and connect with other THINGS
The IoT is entirely evolutionary and not just revolutionary
New sporadic networks and associations will occur
39. one size fits all - not!
We are going to need a multiplicity of technologies
Cost Per Unit ~ 0 - 20 £, $, €
Size of Units ~ 1 - 50 mm3
Power Used ~ pW - mW
Single Chips Rule
40. Continue tweaking ?
This heritage/thinking cannot possibly get us there
41. The Illusion of scarcity
Why do we do this - it is largely legacy thinking
42. The Illusion of scarcity
Why do we do this - it is largely legacy thinking
Actually the spectrum is mostly unused!
43. A dense London location
~50k WiFi nodes within a 1km radius of Liverpool St
44. New Opportunities
High loss is a short distance/reuse +++
God Given Spatial Filters
Status Quo: Leave well alone. Continues untouched. All modulation schemes from the past + new
New Territory and new opportunities: New modulation schemes & modes including hyper Direct Sequence Spread Spectrum
45. The Illusion of scarcity
Why do we do this - it is largely legacy thinking
far too complex & expensive
Unfit for the IoT purpose - especially at 30 - 300 GHz
46. New Opportunities
High loss ideal for short distance/reuse +++
Direct Sequence Spread Spectrum
HYPER Direct Sequence Spread Spectrum
47. Back to basics
Claude Shannon 1945/46
Volumetric representation of S/N, BW and Time
[Figure axes: S/N dB; BW Hz; Duration T seconds]
$I = B\,T \log_2(1 + k\,S/N)$
For $k\,S/N \gg 1$: $I \sim B\,T\,K\,(S/N)_{\mathrm{dB}}$
48. The same information transmitted in 3 different modes exploiting S/N, BW and T
[Figure axes: S/N dB; BW Hz; Duration T seconds]
degrees of freedom
49. In the Extreme
‘Waste Bandwidth’ to push the Signal Below the Noise
[Figure axes: S/N dB; BW Hz; Duration T seconds]
Negated:
Filters
Coding
Modulation
Timing Recovery
Amplifiers & Mixers
Jitter
Phase Noise
Doppler Shift
Frequency Stability
Multi-Path Propagation
50. UWB ON AFTERBURNERS
From UWB: BW ~ 500MHz, 1bit/Hz
To HWB Hyper Wide Band: BW ~ 50GHz, 0.01bit/Hz
All digital no analogue elements - mixers, amplifiers, filters
SIGNAL CODING/Error Correction => Bit Counting/Averaging
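The bandwidth-for-S/N trade of slides 47 to 50, as an added sketch that is not part of the original slides: the Shannon term gives the S/N needed at 1 bit/Hz and at 0.01 bit/Hz, and a toy direct sequence link recovers bits sent below the noise by averaging 100 chips per bit. It assumes k = 1, unit-amplitude binary chips, Gaussian noise and a constructed per-chip S/N of -6 dB; all function names are illustrative.

```python
import math
import random


def required_snr_db(bits_per_hz, k=1.0):
    """S/N in dB at which log2(1 + k*S/N) equals the given bits per Hz."""
    return 10 * math.log10((2 ** bits_per_hz - 1) / k)


def pn_sequence(n_chips, rng):
    """Pseudo-random +/-1 spreading code shared by sender and receiver."""
    return [rng.choice((-1, 1)) for _ in range(n_chips)]


def transmit(bits, code, chip_snr_db, rng):
    """Spread each bit over the code and add Gaussian channel noise."""
    sigma = 10 ** (-chip_snr_db / 20)  # noise std for unit-amplitude chips
    signal = []
    for bit in bits:
        sign = 1 if bit else -1
        signal.extend(sign * c + rng.gauss(0, sigma) for c in code)
    return signal


def receive(signal, code):
    """Despread: correlate each block with the code and take the sign."""
    n = len(code)
    bits = []
    for i in range(0, len(signal), n):
        corr = sum(s * c for s, c in zip(signal[i:i + n], code))
        bits.append(1 if corr > 0 else 0)
    return bits


def bit_errors(n_chips, chip_snr_db=-6.0, n_bits=200, seed=1):
    """Count bit errors for a constructed random message at the given spreading."""
    rng = random.Random(seed)
    bits = [rng.randint(0, 1) for _ in range(n_bits)]
    code = pn_sequence(n_chips, rng)
    got = receive(transmit(bits, code, chip_snr_db, rng), code)
    return sum(a != b for a, b in zip(bits, got))


if __name__ == "__main__":
    print("S/N needed at 1 bit/Hz   :", round(required_snr_db(1.0), 1), "dB")
    print("S/N needed at 0.01 bit/Hz:", round(required_snr_db(0.01), 1), "dB")
    print("errors, 1 chip/bit   :", bit_errors(1))
    print("errors, 100 chips/bit:", bit_errors(100))
```

Note that 500 MHz at 1 bit/Hz and 50 GHz at 0.01 bit/Hz carry the same bit rate; the wider mode simply tolerates a signal roughly 21.6 dB under the noise, which is what makes it hard for an observer without the code to see.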
51. Challenge
Antennas spanning huge frequency ranges are a non-trivial problem…and whilst fractal antennas are seen to be (theoretically) the holy grail, no one has yet succeeded in realising fully workable designs
52. For the USA army
The cyber war HAS become just war
Thank You
www.cochrane.org.uk