2011 USSTRATCOM Cyber and Space Symposium
Session Seven: Panel: Alternative Futures for Cyber and Space
Panelist:
Mr. James M. Brase
Deputy Program Director for Intelligence
Office of Strategic Outcomes
Lawrence Livermore National Laboratory
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
2011 USSTRATCOM Cyber and Space Symposium Session Seven Mr. James Brase
1. Rethinking Cyber R&D for
Compromised Environments
Jim Brase
Lawrence Livermore National Laboratory
Lawrence Livermore National Laboratory
2. Nuclear Weapons Science and
Engineering
Intelligence and Network
Laser Science and Analysis
Technology
Earth and Atmospheric
Science Chemistry and Materials
High Performance
Computing
Lawrence Livermore National Laboratory 2
3. The rapidly evolving Information network environment
• No such thing as a perimeter – mobility and cloud – your network is
everywhere
• Convergence and proliferation increase attack paths
• Growing adversary capabilities – polymorphism, persistence, …
Lawrence Livermore National Laboratory 3
4. Deterrence is limited Prevention is limited
• Growing cost asymmetries • No path to defect-free systems
• Limited attribution – lack of • Global hardware and software
identity supply chains
Capable adversaries are and will be in our systems and
networks
Lawrence Livermore National Laboratory 4
5. To do this we need new
capabilities
• Situational awareness – Know
the network and its activities at
full-scale and in real-time
• Predict network behaviors - how
the mission will interact with the
network and how defensive
activities will affect it
• Adapt protection and response
for the specific activity,
environment, and threat
resilience
Lawrence Livermore National Laboratory 5
6. Developing a new R&D roadmap for mission assurance in
compromised environments
• Using supercomputers to analyze mission
risk
• How does mission performance degrade if
the network is compromised?
• Predicting the security properties of
complex network systems at full scale
• Cyber situational awareness at scale
Situational awareness through machine
• Rapid, continuous, low-impact network
learning and graph analytics
mapping
• Behavioral anomalies in high-speed streams
• Move from perimeter awareness to
awareness over the full network
Thousands of simultaneous real-time
behavioral models
• Real-time active defense measures –
Adapting defenses in real-time to match the
current threat and environment High-fidelity mission simulation at full-
scale
Lawrence Livermore National Laboratory
7. Operations are informing the science – but the
transition from science back to operations is critical
The DOE/NNSA Labs are working
together to develop government
partnerships to transition R&D in
• Network situational awareness
• Low-impact network mapping
• Multisource network characterization
• Real-time anomaly detection
• Predictive network analysis
• Simulation for mission risk analysis
• Rapid reverse engineering tools
• Malware fingerprinting and attribution
Lawrence Livermore National Laboratory
8. Expanding the set of Enabling secure
innovators operations
• Access to resources • Secure, authenticated
– computation, data, threat information
tools Trusted sharing
Incubation Information • Sharing product and
• Enable broad
Sharing best practices
participation in
development experience
• Managed by UC
Berkeley
Research &
Development
Education and outreach
Building R&D foundations • Education and outreach
• Roadmaps for R&D and policy Education programs transition concepts
• Foundational R&D projects – into practice
behavioral analytics, simulation, • Workshops on technology-
vulnerability analysis policy integration
Lawrence Livermore National Laboratory