SlideShare une entreprise Scribd logo

Scaling Cyberwarfare (Roelker)

Michael Scovetta
Michael Scovetta

Presentation from the Colloquium on Future Directions in Cyber Security on Nov 7, 2011.

TechnologieFormation
1  sur  7
Télécharger pour lire hors ligne
Dan Roelker Program Manager, Information Innovation Office Scaling Cyberwarfare DARPA Cyber Colloquium Arlington, VA November 7, 2011 Approved for Public Release, Distribution Unlimited.
Cyberartisan production doesn’t scale All cybertools have a limited shelf-life and operational relevance Cyberartisan Automation Skill Individual Technology-based Level of effort Manually intensive Mass produced Cost/Benefit “Too big to fail” Cost effective Approved for Public Release, Distribution Unlimited.
Program: Binary Executable Transforms (BET) Identify Extract Combine 1 1 1 Binary A 2 1 2 3 1 2 3 2 1 3 2 Binary B 1 2 2 1 2 3 1 3 2 1 1 Binary C 2 3 1 2 1 2 3 1 2 BET Basic Research Areas Automated combinatorial approach to software development given requirements could provide novel outcomes and diverse binary sets BET identifies and extracts functional components from binary executables with potential for reusing components in new combinations Approved for Public Release, Distribution Unlimited.
Hacker vs. Hacker approach doesn’t scale Skill Level Not everyone can be the cyber equivalent of a Navy SEAL Scaling Limitations Force size Execution speed Tactical depth We don’t win wars by out-hiring an adversary, we win through technology Approved for Public Release, Distribution Unlimited.
Limitations to the Hacker vs. Hacker approach Cyberwarfare is executed at the speed of light . . . Force Size Limitations #of people trained per year # of people to execute a mission Execution Speed Limitations Speed of planning process Speed of mission operation Tactical Depth Limitations Real-time move-counter-move Multi-phase mission strategy we need breakthroughs in technology to accomplish this goal Approved for Public Release, Distribution Unlimited.
Pillars of Foundational Cyberwarfare Exploitation Research automation techniques, defeating formal methods, high-fidelity emulation Network Analysis on-demand topology, infrastructure capability, platform positioning Planning and Execution assured and automated execution, large-scale analytics, distributed planning Cyberwarfare Platform Development Visualization new interfaces, adaptable views, large-scale data representation Approved for Public Release, Distribution Unlimited.
Ideas, thoughts, code? daniel.roelker@darpa.mil Approved for Public Release, Distribution Unlimited.

Recommandé

Final report
Final reportFinal report
Final reportM Shehan Perera
 
Firsthalf Ocr D
Firsthalf Ocr DFirsthalf Ocr D
Firsthalf Ocr DDon Willemann, P.E.
 
BALAJI K _Resume
BALAJI K _ResumeBALAJI K _Resume
BALAJI K _ResumeBalaji K
 
Skype testing overview
Skype testing overviewSkype testing overview
Skype testing overviewQA Club Kiev
 
Skype testing overview
Skype testing overviewSkype testing overview
Skype testing overviewQA Club Kiev
 
Integratedbook
IntegratedbookIntegratedbook
IntegratedbookeLearningGchu
 
Addin Revit.pdf
Addin Revit.pdfAddin Revit.pdf
Addin Revit.pdfssuser589db1
 
Commit to the Cause, Push for Change: Contributing to Call for Code Open Sour...
Commit to the Cause, Push for Change: Contributing to Call for Code Open Sour...Commit to the Cause, Push for Change: Contributing to Call for Code Open Sour...
Commit to the Cause, Push for Change: Contributing to Call for Code Open Sour...Daniel Krook
 

Recommandé

Final report
Final reportFinal report
Final reportM Shehan Perera
 
Firsthalf Ocr D
Firsthalf Ocr DFirsthalf Ocr D
Firsthalf Ocr DDon Willemann, P.E.
 
BALAJI K _Resume
BALAJI K _ResumeBALAJI K _Resume
BALAJI K _ResumeBalaji K
 
Skype testing overview
Skype testing overviewSkype testing overview
Skype testing overviewQA Club Kiev
 
Skype testing overview
Skype testing overviewSkype testing overview
Skype testing overviewQA Club Kiev
 
Integratedbook
IntegratedbookIntegratedbook
IntegratedbookeLearningGchu
 
Addin Revit.pdf
Addin Revit.pdfAddin Revit.pdf
Addin Revit.pdfssuser589db1
 
Commit to the Cause, Push for Change: Contributing to Call for Code Open Sour...
Commit to the Cause, Push for Change: Contributing to Call for Code Open Sour...Commit to the Cause, Push for Change: Contributing to Call for Code Open Sour...
Commit to the Cause, Push for Change: Contributing to Call for Code Open Sour...Daniel Krook
 
Software Architecture by Reuse, Composition and Customization
Software Architecture by Reuse, Composition and Customization Software Architecture by Reuse, Composition and Customization
Software Architecture by Reuse, Composition and Customization Ivano Malavolta
 
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0AFYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0ATianwei_liu
 
Continuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8sContinuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8sQAware GmbH
 
Fast Depth Paper Review
Fast Depth Paper ReviewFast Depth Paper Review
Fast Depth Paper ReviewJoondong KIM
 
Investor's Presentation
Investor's PresentationInvestor's Presentation
Investor's PresentationEltechs
 
A New Paradigm In Linux Debug From Viosoft
A New Paradigm In Linux Debug From ViosoftA New Paradigm In Linux Debug From Viosoft
A New Paradigm In Linux Debug From Viosoftguestc28df4
 
JDD Effective Code Review In Agile Teams
JDD Effective Code Review In Agile TeamsJDD Effective Code Review In Agile Teams
JDD Effective Code Review In Agile TeamsWojciech Seliga
 
Cldc Hotspot Architecture
Cldc Hotspot ArchitectureCldc Hotspot Architecture
Cldc Hotspot Architecturezdmilan
 
Multiuser serious game development: Virtual worlds vs. Game engines
Multiuser serious game development: Virtual worlds vs. Game enginesMultiuser serious game development: Virtual worlds vs. Game engines
Multiuser serious game development: Virtual worlds vs. Game enginesLeonel Morgado
 
A New Paradigm In Linux Debug From Viosoft Corporation
A New Paradigm In Linux Debug From Viosoft CorporationA New Paradigm In Linux Debug From Viosoft Corporation
A New Paradigm In Linux Debug From Viosoft Corporationart_lee
 
Lead Allocation System's Attribute Driven Design (ADD)
Lead Allocation System's Attribute Driven Design (ADD)Lead Allocation System's Attribute Driven Design (ADD)
Lead Allocation System's Attribute Driven Design (ADD)Amin Bandeali
 
Connectivity is here (5 g, swarm,...). now, let's build interplanetary apps! (1)
Connectivity is here (5 g, swarm,...). now, let's build interplanetary apps! (1)Connectivity is here (5 g, swarm,...). now, let's build interplanetary apps! (1)
Connectivity is here (5 g, swarm,...). now, let's build interplanetary apps! (1)Samy Fodil
 
IRJET- Generation of HTML Code using Machine Learning Techniques from Mock-Up...
IRJET- Generation of HTML Code using Machine Learning Techniques from Mock-Up...IRJET- Generation of HTML Code using Machine Learning Techniques from Mock-Up...
IRJET- Generation of HTML Code using Machine Learning Techniques from Mock-Up...IRJET Journal
 
Design Verification: The Past, Present and Futurere
Design Verification: The Past, Present and FuturereDesign Verification: The Past, Present and Futurere
Design Verification: The Past, Present and FuturereDVClub
 
Design verification--the-past-present-and-future
Design verification--the-past-present-and-futureDesign verification--the-past-present-and-future
Design verification--the-past-present-and-futureObsidian Software
 
Usha_BuildandRelease_Resume
Usha_BuildandRelease_ResumeUsha_BuildandRelease_Resume
Usha_BuildandRelease_ResumeUsha Nagubandi
 
Wakoopa Recommendation Engine on AWS
Wakoopa Recommendation Engine on AWSWakoopa Recommendation Engine on AWS
Wakoopa Recommendation Engine on AWSMenno van der Sman
 
Vb
VbVb
VbKuldeep Sharma
 
Wakoopa Recommendations Engine on AWS
Wakoopa Recommendations Engine on AWSWakoopa Recommendations Engine on AWS
Wakoopa Recommendations Engine on AWSAmazon Web Services
 
Web2MexADL - CSMR Presentation
Web2MexADL - CSMR PresentationWeb2MexADL - CSMR Presentation
Web2MexADL - CSMR Presentationjccastrejon
 
Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Michael Scovetta
 
Android Attacks
Android AttacksAndroid Attacks
Android AttacksMichael Scovetta
 

Contenu connexe

Similaire à Scaling Cyberwarfare (Roelker)

Software Architecture by Reuse, Composition and Customization
Software Architecture by Reuse, Composition and Customization Software Architecture by Reuse, Composition and Customization
Software Architecture by Reuse, Composition and Customization Ivano Malavolta
 
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0AFYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0ATianwei_liu
 
Continuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8sContinuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8sQAware GmbH
 
Fast Depth Paper Review
Fast Depth Paper ReviewFast Depth Paper Review
Fast Depth Paper ReviewJoondong KIM
 
Investor's Presentation
Investor's PresentationInvestor's Presentation
Investor's PresentationEltechs
 
A New Paradigm In Linux Debug From Viosoft
A New Paradigm In Linux Debug From ViosoftA New Paradigm In Linux Debug From Viosoft
A New Paradigm In Linux Debug From Viosoftguestc28df4
 
JDD Effective Code Review In Agile Teams
JDD Effective Code Review In Agile TeamsJDD Effective Code Review In Agile Teams
JDD Effective Code Review In Agile TeamsWojciech Seliga
 
Cldc Hotspot Architecture
Cldc Hotspot ArchitectureCldc Hotspot Architecture
Cldc Hotspot Architecturezdmilan
 
Multiuser serious game development: Virtual worlds vs. Game engines
Multiuser serious game development: Virtual worlds vs. Game enginesMultiuser serious game development: Virtual worlds vs. Game engines
Multiuser serious game development: Virtual worlds vs. Game enginesLeonel Morgado
 
A New Paradigm In Linux Debug From Viosoft Corporation
A New Paradigm In Linux Debug From Viosoft CorporationA New Paradigm In Linux Debug From Viosoft Corporation
A New Paradigm In Linux Debug From Viosoft Corporationart_lee
 
Lead Allocation System's Attribute Driven Design (ADD)
Lead Allocation System's Attribute Driven Design (ADD)Lead Allocation System's Attribute Driven Design (ADD)
Lead Allocation System's Attribute Driven Design (ADD)Amin Bandeali
 
Connectivity is here (5 g, swarm,...). now, let's build interplanetary apps! (1)
Connectivity is here (5 g, swarm,...). now, let's build interplanetary apps! (1)Connectivity is here (5 g, swarm,...). now, let's build interplanetary apps! (1)
Connectivity is here (5 g, swarm,...). now, let's build interplanetary apps! (1)Samy Fodil
 
IRJET- Generation of HTML Code using Machine Learning Techniques from Mock-Up...
IRJET- Generation of HTML Code using Machine Learning Techniques from Mock-Up...IRJET- Generation of HTML Code using Machine Learning Techniques from Mock-Up...
IRJET- Generation of HTML Code using Machine Learning Techniques from Mock-Up...IRJET Journal
 
Design Verification: The Past, Present and Futurere
Design Verification: The Past, Present and FuturereDesign Verification: The Past, Present and Futurere
Design Verification: The Past, Present and FuturereDVClub
 
Design verification--the-past-present-and-future
Design verification--the-past-present-and-futureDesign verification--the-past-present-and-future
Design verification--the-past-present-and-futureObsidian Software
 
Usha_BuildandRelease_Resume
Usha_BuildandRelease_ResumeUsha_BuildandRelease_Resume
Usha_BuildandRelease_ResumeUsha Nagubandi
 
Wakoopa Recommendation Engine on AWS
Wakoopa Recommendation Engine on AWSWakoopa Recommendation Engine on AWS
Wakoopa Recommendation Engine on AWSMenno van der Sman
 
Wakoopa Recommendations Engine on AWS
Wakoopa Recommendations Engine on AWSWakoopa Recommendations Engine on AWS
Wakoopa Recommendations Engine on AWSAmazon Web Services
 
Web2MexADL - CSMR Presentation
Web2MexADL - CSMR PresentationWeb2MexADL - CSMR Presentation
Web2MexADL - CSMR Presentationjccastrejon
 

Similaire à Scaling Cyberwarfare (Roelker) (20)

Software Architecture by Reuse, Composition and Customization
Software Architecture by Reuse, Composition and Customization Software Architecture by Reuse, Composition and Customization
Software Architecture by Reuse, Composition and Customization
 
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0AFYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
 
Continuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8sContinuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8s
 
Fast Depth Paper Review
Fast Depth Paper ReviewFast Depth Paper Review
Fast Depth Paper Review
 
Investor's Presentation
Investor's PresentationInvestor's Presentation
Investor's Presentation
 
A New Paradigm In Linux Debug From Viosoft
A New Paradigm In Linux Debug From ViosoftA New Paradigm In Linux Debug From Viosoft
A New Paradigm In Linux Debug From Viosoft
 
JDD Effective Code Review In Agile Teams
JDD Effective Code Review In Agile TeamsJDD Effective Code Review In Agile Teams
JDD Effective Code Review In Agile Teams
 
Cldc Hotspot Architecture
Cldc Hotspot ArchitectureCldc Hotspot Architecture
Cldc Hotspot Architecture
 
Multiuser serious game development: Virtual worlds vs. Game engines
Multiuser serious game development: Virtual worlds vs. Game enginesMultiuser serious game development: Virtual worlds vs. Game engines
Multiuser serious game development: Virtual worlds vs. Game engines
 
A New Paradigm In Linux Debug From Viosoft Corporation
A New Paradigm In Linux Debug From Viosoft CorporationA New Paradigm In Linux Debug From Viosoft Corporation
A New Paradigm In Linux Debug From Viosoft Corporation
 
Lead Allocation System's Attribute Driven Design (ADD)
Lead Allocation System's Attribute Driven Design (ADD)Lead Allocation System's Attribute Driven Design (ADD)
Lead Allocation System's Attribute Driven Design (ADD)
 
Connectivity is here (5 g, swarm,...). now, let's build interplanetary apps! (1)
Connectivity is here (5 g, swarm,...). now, let's build interplanetary apps! (1)Connectivity is here (5 g, swarm,...). now, let's build interplanetary apps! (1)
Connectivity is here (5 g, swarm,...). now, let's build interplanetary apps! (1)
 
IRJET- Generation of HTML Code using Machine Learning Techniques from Mock-Up...
IRJET- Generation of HTML Code using Machine Learning Techniques from Mock-Up...IRJET- Generation of HTML Code using Machine Learning Techniques from Mock-Up...
IRJET- Generation of HTML Code using Machine Learning Techniques from Mock-Up...
 
Design Verification: The Past, Present and Futurere
Design Verification: The Past, Present and FuturereDesign Verification: The Past, Present and Futurere
Design Verification: The Past, Present and Futurere
 
Design verification--the-past-present-and-future
Design verification--the-past-present-and-futureDesign verification--the-past-present-and-future
Design verification--the-past-present-and-future
 
Usha_BuildandRelease_Resume
Usha_BuildandRelease_ResumeUsha_BuildandRelease_Resume
Usha_BuildandRelease_Resume
 
Wakoopa Recommendation Engine on AWS
Wakoopa Recommendation Engine on AWSWakoopa Recommendation Engine on AWS
Wakoopa Recommendation Engine on AWS
 
Vb
VbVb
Vb
 
Wakoopa Recommendations Engine on AWS
Wakoopa Recommendations Engine on AWSWakoopa Recommendations Engine on AWS
Wakoopa Recommendations Engine on AWS
 
Web2MexADL - CSMR Presentation
Web2MexADL - CSMR PresentationWeb2MexADL - CSMR Presentation
Web2MexADL - CSMR Presentation
 

Plus de Michael Scovetta

Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Michael Scovetta
 
Modern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and TechniquesModern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and TechniquesMichael Scovetta
 
Exploitation and State Machines
Exploitation and State MachinesExploitation and State Machines
Exploitation and State MachinesMichael Scovetta
 
Don't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade MachinesDon't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade MachinesMichael Scovetta
 
The Listening: Email Client Backdoor
The Listening: Email Client BackdoorThe Listening: Email Client Backdoor
The Listening: Email Client BackdoorMichael Scovetta
 
DEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking ForDEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking ForMichael Scovetta
 
Systematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android SmartphonesSystematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android SmartphonesMichael Scovetta
 
Consumer Password Worst Practices
Consumer Password Worst PracticesConsumer Password Worst Practices
Consumer Password Worst PracticesMichael Scovetta
 
A collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programsA collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programsMichael Scovetta
 
If You Don't Like the Game, Hack the Playbook... (Zatko)
If You Don't Like the Game, Hack the Playbook... (Zatko)If You Don't Like the Game, Hack the Playbook... (Zatko)
If You Don't Like the Game, Hack the Playbook... (Zatko)Michael Scovetta
 
High Assurance Systems (Fisher)
High Assurance Systems (Fisher)High Assurance Systems (Fisher)
High Assurance Systems (Fisher)Michael Scovetta
 
PROCEED and Crowd-Sourced Formal Verification
PROCEED and Crowd-Sourced Formal VerificationPROCEED and Crowd-Sourced Formal Verification
PROCEED and Crowd-Sourced Formal VerificationMichael Scovetta
 
National Cyber Range (Ranka)
National Cyber Range (Ranka)National Cyber Range (Ranka)
National Cyber Range (Ranka)Michael Scovetta
 
Beyond Passwords (Guidorizzi)
Beyond Passwords (Guidorizzi)Beyond Passwords (Guidorizzi)
Beyond Passwords (Guidorizzi)Michael Scovetta
 

Plus de Michael Scovetta (20)

Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013Peter Norvig - NYC Machine Learning 2013
Peter Norvig - NYC Machine Learning 2013
 
Android Attacks
Android AttacksAndroid Attacks
Android Attacks
 
Strategic Surprise
Strategic SurpriseStrategic Surprise
Strategic Surprise
 
Stackjacking
StackjackingStackjacking
Stackjacking
 
Modern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and TechniquesModern Kernel Pool Exploitation: Attacks and Techniques
Modern Kernel Pool Exploitation: Attacks and Techniques
 
Exploitation and State Machines
Exploitation and State MachinesExploitation and State Machines
Exploitation and State Machines
 
Don't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade MachinesDon't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade Machines
 
Attacking the WebKit Heap
Attacking the WebKit HeapAttacking the WebKit Heap
Attacking the WebKit Heap
 
The Listening: Email Client Backdoor
The Listening: Email Client BackdoorThe Listening: Email Client Backdoor
The Listening: Email Client Backdoor
 
Smooth CoffeeScript
Smooth CoffeeScriptSmooth CoffeeScript
Smooth CoffeeScript
 
DEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking ForDEFCON 18- These Aren't the Permissions You're Looking For
DEFCON 18- These Aren't the Permissions You're Looking For
 
Systematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android SmartphonesSystematic Detection of Capability Leaks in Stock Android Smartphones
Systematic Detection of Capability Leaks in Stock Android Smartphones
 
Consumer Password Worst Practices
Consumer Password Worst PracticesConsumer Password Worst Practices
Consumer Password Worst Practices
 
HTML5 Web Security
HTML5 Web SecurityHTML5 Web Security
HTML5 Web Security
 
A collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programsA collection of examples of 64 bit errors in real programs
A collection of examples of 64 bit errors in real programs
 
If You Don't Like the Game, Hack the Playbook... (Zatko)
If You Don't Like the Game, Hack the Playbook... (Zatko)If You Don't Like the Game, Hack the Playbook... (Zatko)
If You Don't Like the Game, Hack the Playbook... (Zatko)
 
High Assurance Systems (Fisher)
High Assurance Systems (Fisher)High Assurance Systems (Fisher)
High Assurance Systems (Fisher)
 
PROCEED and Crowd-Sourced Formal Verification
PROCEED and Crowd-Sourced Formal VerificationPROCEED and Crowd-Sourced Formal Verification
PROCEED and Crowd-Sourced Formal Verification
 
National Cyber Range (Ranka)
National Cyber Range (Ranka)National Cyber Range (Ranka)
National Cyber Range (Ranka)
 
Beyond Passwords (Guidorizzi)
Beyond Passwords (Guidorizzi)Beyond Passwords (Guidorizzi)
Beyond Passwords (Guidorizzi)
 

Dernier

Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 

Dernier (20)

Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 

Scaling Cyberwarfare (Roelker)

  • 1. Dan Roelker Program Manager, Information Innovation Office Scaling Cyberwarfare DARPA Cyber Colloquium Arlington, VA November 7, 2011 Approved for Public Release, Distribution Unlimited.
  • 2. Cyberartisan production doesn’t scale All cybertools have a limited shelf-life and operational relevance Cyberartisan Automation Skill Individual Technology-based Level of effort Manually intensive Mass produced Cost/Benefit “Too big to fail” Cost effective Approved for Public Release, Distribution Unlimited.
  • 3. Program: Binary Executable Transforms (BET) Identify Extract Combine 1 1 1 Binary A 2 1 2 3 1 2 3 2 1 3 2 Binary B 1 2 2 1 2 3 1 3 2 1 1 Binary C 2 3 1 2 1 2 3 1 2 BET Basic Research Areas Automated combinatorial approach to software development given requirements could provide novel outcomes and diverse binary sets BET identifies and extracts functional components from binary executables with potential for reusing components in new combinations Approved for Public Release, Distribution Unlimited.
  • 4. Hacker vs. Hacker approach doesn’t scale Skill Level Not everyone can be the cyber equivalent of a Navy SEAL Scaling Limitations Force size Execution speed Tactical depth We don’t win wars by out-hiring an adversary, we win through technology Approved for Public Release, Distribution Unlimited.
  • 5. Limitations to the Hacker vs. Hacker approach Cyberwarfare is executed at the speed of light . . . Force Size Limitations #of people trained per year # of people to execute a mission Execution Speed Limitations Speed of planning process Speed of mission operation Tactical Depth Limitations Real-time move-counter-move Multi-phase mission strategy we need breakthroughs in technology to accomplish this goal Approved for Public Release, Distribution Unlimited.
  • 6. Pillars of Foundational Cyberwarfare Exploitation Research automation techniques, defeating formal methods, high-fidelity emulation Network Analysis on-demand topology, infrastructure capability, platform positioning Planning and Execution assured and automated execution, large-scale analytics, distributed planning Cyberwarfare Platform Development Visualization new interfaces, adaptable views, large-scale data representation Approved for Public Release, Distribution Unlimited.
  • 7. Ideas, thoughts, code? daniel.roelker@darpa.mil Approved for Public Release, Distribution Unlimited.