Yampolskiy, Analysis of Cyber Infrastructure Authentication Failure Vulnerabilities to Inform Security Decisions




CREATE FY2016 Statement of Work

Yampolskiy, Analysis of Cyber Infrastructure Authentication Failure Vulnerabilities to Inform Security Decisions

In this project, we develop and apply a model for estimating probabilities for cyber infrastructure user authentication failures. We estimate failure probabilities using available empirical data and expert judgment. Failure probability estimation provides a decision-analytic theoretical basis for assessing the benefits of development of additional authentication modalities and overall configuration of an optimal multimodal authentication system for secure cyber infrastructure.

Project Technical Description:

1. Theme Areas: Risk and Decision Analysis - Management of Risks from Intelligent, Adaptive Adversaries

2. Principal Investigator: Roman Yampolskiy

3. Institution: University of Louisville

4. Co-Investigators: Anthony M. Barrett and Seth Baum (Global Catastrophic Risk Institute)

5. Research Transition Lead: Anthony M. Barrett

6. Keywords: Cyber infrastructure, emerging-threat assessment, intelligence analysis, risk and decision analysis

[Figure: Example Biometric User Authentication Process]

7. Brief Description: Many kinds of cyber security failure modes have been found and exploited by intelligent, adaptive adversaries. Efforts to develop more secure systems often aim to balance security benefits against costs imposed on users. Risk analysis and decision analysis methods hold potential for informing decisions to prioritize cyber security development efforts. In this project, we develop and apply a model for estimating probabilities for cyber infrastructure user authentication failure modes. Failure probability estimation provides a decision-analytic theoretical basis for assessing the benefits of development of additional authentication modalities and overall configuration of an optimal multimodal system. We identify cyber security system failure modes, and represent those within our model.
To estimate the probabilities of each specific type of failure, we employ two main methods: first, we find and incorporate available empirical data, and second, we use expert judgment to create some approximate estimates. For our main candidate application case, we propose to focus on systems that provide continuous authentication to cyber infrastructure by profiling multiple physical and/or behavioral biometrics of users. We will select a specific application case in partnership with an end customer at the US Department of Homeland Security (DHS), which has significant responsibility for helping to secure U.S. critical infrastructures that have some kind of cyber vulnerabilities in their control and communication systems (including the electric power grid, telecommunications systems, chemical industry plants, and many other Critical Infrastructure/Key Resources areas).

8. Research Objectives: The main research objectives of the proposed year's project are to develop and apply a methodology for cyber system failure mode probability assessment, to inform security system development decisions. The proposed project's methodology will be designed for implementation by risk analysts and cyber security practitioners.

3710 McClintock Avenue, RTH 314 ~ Los Angeles, CA 90089-2902 ~ (213) 740-5514 ~ www.usc.edu/create

9. Research Transition Objectives: The main research transition objectives of the proposed year's project are to identify and develop a practical prototype and/or application case for cyber system failure mode probability assessment. The case study will be selected to best inform practical security system development decisions of a DHS end customer, e.g. for the DHS Office of Cyber Security and Communications (CS&C).

10. Interfaces to CREATE Projects: This work will seek to build on work from CREATE's projects on adaptive-adversary risk analysis, emerging-threat technology risks [1], expert elicitation [2], and assessment of value of information [3].

11. Previous or current work relevant to the proposed project: The PI (Yampolskiy) has conducted numerous cyber security development projects [4-7] and is also the Director of Cybersecurity Laboratory and an Associate Professor of Computer Engineering and Computer Science at the University of Louisville. The Co-PI of the proposed work (Barrett) was the PI of the CREATE Year 10 (Year 4 of Cooperative Agreement) project Analysis of Current and Future Catastrophic Risks from Emerging-Threat Technologies and the CREATE Year 11 (Year 5 of Cooperative Agreement) project Extending Analysis of Current and Future Catastrophic Risks from Emerging-Threat Technologies. The PI (Barrett) has also developed attack path and accident scenario fault-tree logic models and computational models in assessing risks of terrorism scenarios in CREATE's Adaptive Adversary Modeling methodology development project [8], and other work at CREATE and elsewhere. The third investigator (Baum) has performed expert elicitation to quantitatively forecast the development of rapidly developing technology in artificial intelligence.

12. Major Deliverables, Research Transition Products and Customers: Project deliverables and products will include reports and computational models for a methodology to use available information and expert judgment to assess cyber system security failure mode estimation probabilities and inform security development decisions. The reports will include discussion of methodological limitations, extensions, and practitioner implementation steps. The proposed year's application prototype and/or case will be designed with the end customer. The focus will be selected to maximize customer value within constraints. Potential end customers at DHS include a variety of offices with programs on user authentication and infrastructure security, such as the Office of Cyber Security and Communications (CS&C), including the US Computer Emergency Readiness Team (US-CERT) or another part of the National Cybersecurity and Communications Integration Center (NCCIC), as well as the Science & Technology (S&T) Cyber Security Division.

13. Technical Approach: To develop and apply a model for estimating probabilities for cyber infrastructure user authentication failure modes, we use the following steps.

1. Identify and model cyber security system failure modes
2. Estimate the probabilities of each specific type of failure
3. Use failure probability estimates in decision analysis to assess the benefits of development of additional authentication modalities and overall configuration of an optimal multimodal system

For inputs to both steps one and two, we employ two sources of information:

- We find and incorporate available empirical data, and
- We use expert elicitation to capture the best judgment available, reflecting uncertainties, for cases where empirical data is lacking

To estimate probabilities for each failure mode, we will use empirical data and/or expert judgment in several complementary ways designed to make greatest use of available information. Where possible, we will directly estimate the probabilities of failures. We will also seek to characterize attributes of the failure modes that could be used indirectly to estimate failure probabilities. For example, for failure modes that could be caused by intelligent adversaries, we will seek to characterize relevant attributes of attack difficulty and attractiveness that could affect an adversary's probabilities of attempting such an attack and of succeeding in such an attack. (We will aim for compatibility with analogous frameworks used in other DHS intelligent-adversary modeling efforts.)

For our main candidate application case, we plan to focus on systems that provide continuous authentication to cyber infrastructure by profiling multiple physical and/or behavioral biometrics of users. We also plan to consider an alternate application case, in which we use the same failure mode probability estimation analysis methods on a different cyber authentication problem: authentication of a secure communication protocol involving steganography/side channel free communication between two parties. Such authentication methods are key parts of cyber security systems, which underpin a broad range of critical infrastructures in sectors with which DHS works. We will select a specific methodology application case in discussion with research partners after project funding is secured.
The case will be selected to maximize value within constraints. We are in contact with potential research partners, both at DHS and in technology-related nongovernmental organizations, who could serve as clients and/or sources of experts for this project. (Several offices in DHS CS&C have communicated their interest and indicated that the proposed study could be relevant to their development and technology programs.) We will appropriately protect sensitive information, while providing description of our methods sufficient to allow other researchers to examine and employ them. Finally, we will seek case studies that would allow prototype application of probability estimation methods. However, our investigators' efforts in those areas will necessarily be limited in the proposed one-year project. We would propose more extensive related work in follow-on projects.

The PI (Yampolskiy) will lead work on cyber security system modeling, and co-lead work on identification of failure modes as well as research transition efforts. (Yampolskiy will be assisted by a graduate student.) The Co-PI (Barrett) will lead work on estimating the probability that a particular system will perform as specified, and will co-lead work on identification of failure modes, as well as co-lead expert elicitations. Barrett will also co-lead the research transition effort. Finally, the third investigator (Baum) will co-lead expert elicitations.

As part of the project, we plan to develop and apply computational models using commercially available off-the-shelf (COTS) software, such as Analytica by Lumina Decision Systems or R statistical software. The computational models will reflect the frameworks and specific examples used in the application case, including relevant scenario fault-tree logic model structures and parameter estimates. The prototypes and computational models will be provided to the application case research end customer to aid in transition to operational use of methods and implementation by risk practitioners.

14. Major Milestones and Dates:

1. Conduct initial literature review, conduct initial discussions with end customer, subject matter experts, and build first-iteration models using representative data available at that point -- November 2015.
2. Conduct initial discussions with subject matter experts, conduct initial analyses -- January 2016.
3. Conduct expert elicitations and obtain other data to improve models and analyses -- March 2016.
4. Finalize models and analyses; write final report -- June 2016.
5. Develop research transition product development plan and conduct webinar -- June 2016.

15. References:

1. Barrett, A.M. Analyzing Current and Future Catastrophic Risks from Emerging-Threat Technologies. 2014 [cited May 5, 2014]; Available from: http://research.create.usc.edu/cgi/viewcontent.cgi?article=1062&context=current_synopses.
2. Hora, S.C., Probability Modeling and Expert Judgment, in Research Project Summaries. 2011, CREATE.
3. Willis, H.H. and M. Moore, Improving the Value of Analysis for Biosurveillance. Decision Analysis, 2013.
4. Yampolskiy, R.V., Action Based User Authentication. International Journal of Electronic Security and Digital Forensics, 2008. 1(3): p. 281-300.
5. Yampolskiy, R.V. and V. Govindaraju, Behavioral Biometrics: a Survey and Classification. International Journal of Biometrics, 2008. 1(1): p. 81-113.
6. Yampolskiy, R. and M. Gavrilova, Artimetrics: Biometrics for Artificial Entities. IEEE Robotics and Automation Magazine, 2012. 19(4): p. 48-58.
7. Yampolskiy, R. and D. D'Souza, Natural vs Artificial Face Classification using Uniform Local Directional Patterns and Wavelet Uniform Local Directional Patterns, in Conference on Computer Vision and Pattern Recognition (CVPR), IEEE Computer Society Workshop on Biometrics. 2014: Columbus, Ohio.
8. Barrett, A.M., et al., Adaptive Adversary Modeling for Terrorism Risk Management, in Fifth Annual Conference of the Security Analysis and Risk Management Association. 2011: Arlington, Virginia.
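The three steps of the Technical Approach (item 13) can be made concrete with a small fault-tree model; this is an added example, not code or data from the project, written in Python rather than the Analytica or R tools the proposal names. Every probability and cost below is constructed for illustration, and the model assumes independent modalities and an all-must-accept fusion rule.

```python
import math
import random
from statistics import mean

# Constructed (low, most likely, high) expert estimates per modality.
# far = impostor accepted by this modality, frr = genuine user rejected by it.
MODALITIES = {
    "keystroke": {"far": (0.02, 0.05, 0.12), "frr": (0.03, 0.06, 0.10), "cost": 5_000},
    "mouse":     {"far": (0.04, 0.08, 0.15), "frr": (0.04, 0.07, 0.12), "cost": 5_000},
    "face":      {"far": (0.005, 0.01, 0.04), "frr": (0.01, 0.03, 0.06), "cost": 20_000},
}
# Constructed decision parameters (per year).
ATTEMPTS, BREACH_COST = 50, 200_000
SESSIONS, LOCKOUT_COST = 100_000, 2.0


def and_gate(probs):
    """Top event needs every input event (independent inputs assumed)."""
    return math.prod(probs)


def or_gate(probs):
    """Top event needs at least one input event (independent inputs assumed)."""
    return 1.0 - math.prod(1.0 - p for p in probs)


def draw(config, rng):
    """One Monte Carlo draw of both top events for an all-must-accept system."""
    tri = lambda t: rng.triangular(t[0], t[2], t[1])  # (low, high, mode)
    far = and_gate(tri(MODALITIES[m]["far"]) for m in config)  # impostor passes all
    frr = or_gate(tri(MODALITIES[m]["frr"]) for m in config)   # user fails any one
    return far, frr


def assess(config, n=20_000, seed=1):
    """Steps 1-2: propagate elicited uncertainty through the fault tree."""
    rng = random.Random(seed)
    draws = [draw(config, rng) for _ in range(n)]
    fars = sorted(d[0] for d in draws)
    far_mean, frr_mean = mean(fars), mean(d[1] for d in draws)
    loss = (ATTEMPTS * far_mean * BREACH_COST
            + SESSIONS * frr_mean * LOCKOUT_COST
            + sum(MODALITIES[m]["cost"] for m in config))
    return {"far_mean": far_mean, "far_p95": fars[int(0.95 * n)],
            "frr_mean": frr_mean, "expected_loss": loss}


def best_config(candidates):
    """Step 3: pick the configuration with the lowest expected annual loss."""
    return min(candidates, key=lambda c: assess(c)["expected_loss"])


if __name__ == "__main__":
    options = [("keystroke",), ("keystroke", "mouse"), ("keystroke", "mouse", "face")]
    for cfg in options:
        print(cfg, {k: round(v, 4) for k, v in assess(cfg).items()})
    print("lowest expected loss:", best_config(options))
```

Each added modality lowers the impostor-acceptance probability but raises the genuine-user rejection probability, which is the security-versus-user-cost trade-off the decision step has to price.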

16. CVs (of the Principal Investigator and Co-PI):

Roman V. Yampolskiy (Principal Investigator)

EDUCATION

Ph.D., Computer Science and Engineering, University at Buffalo (2008)
B.S. and M.S., Computer Science, Rochester Institute of Technology (2004)

PROFESSIONAL EXPERIENCE

Associate Professor - Speed School of Engineering, University of Louisville - Department of Computer Engineering and Computer Science

Dates Position, Research Center, Supervisor
2014 2008 2014 2008 Summer 2014 Summer 2012 Summer 2011

Associate Professor, with TENURE awarded from August 1, 2015.
Assistant Professor, Department of Computer Engineering & Computer Science
Founding Director, Cyber Security Laboratory, University of Louisville
Visiting Faculty (Funded by NSF) Information Systems & Internet Security, Polytechnic School of Engineering, New York University. Advisor: Dr. Nasir Memon
Postdoctoral Student (80/3150 = 2.5% Acceptance Rate, Funded by Google) Singularity University, Graduate Studies Program, Mountain View, CA. Advisor: Dr. Ray Kurzweil
Postdoctoral Student. New Kind of Science Summer Institute (NKSSI), Boston, MA. Advisor: Dr. Stephen Wolfram
2004-2007 Researcher, Center for Unified Biometrics and Sensors. University at Buffalo. Supervisor: Dr. Venu Govindaraju

Research

- 100+ Peer-Reviewed Publications (60% of papers as the first or only author)
  o 29 Journal, 65 Conference, 11 Book Chapters, 6 books, 16 Workshop papers
- H-Index = 14, based on 700+ Citations (Google Scholar)
- PI or Co-PI on Multiple Cybersecurity Related Projects

Mentoring

- Graduated: 2 PhD, 3 MS Thesis and 11 MS Project students
- Currently supervising 3 PhD students (all ABD), 2 MS students and 1 undergraduate
- Served on the Defense Committees for 17 students (MS Thesis and PhD)

Promotion of Research

- Research featured by: BBC, Yahoo, MSNBC, New Scientist, Forbes, ACM, 200+ news stories, dozens of interviews for TV, Radio, and Magazines
- Over 3 million viewers/readers, 1000s of comments, articles reposted 100s of times.

Anthony M. Barrett (Co-PI)

EDUCATION

Ph.D., Engineering & Public Policy, Carnegie Mellon University (2009).
Bachelor of Science, Chemical Engineering, University of California, San Diego (2000).

PROFESSIONAL EXPERIENCE

Senior Risk Analyst, 2013-Present; ABS Consulting, Arlington, VA
Supporting risk analysis efforts of several parts of US Department of Homeland Security (DHS), including Infrastructure Security Compliance Division (ISCD) and Domestic Nuclear Detection Office (DNDO).

Stanton Nuclear Security Fellow, 2012-2013; RAND Corporation, Arlington, VA
Conducted independent research to analyze residual risks of inadvertent and accidental nuclear war scenarios during one-year residential fellowship.

Director of Research and Co-Founder, 2011-Present, Global Catastrophic Risk Institute (GCRI)
Leading research initiatives on topics including nuclear war and emerging technologies.

Risk Analyst, 2010-2012; ABS Consulting, Arlington, VA
Principal Investigator on US DHS Chemical Security Analysis Center project to develop metrics for risk impacts of changes in hazardous chemical processes and supply chains. Researched and developed analytic methodologies for Adaptive Adversary Modeling for Terrorism Risk Analysis as member of project team funded by DHS Science and Technology. Also led or contributed to risk and decision analysis projects for several other parts of the US Department of Homeland Security (DHS), including the Domestic Nuclear Detection Office (DNDO), the Office of Risk Management and Analysis (RMA), and the US Coast Guard.

Postdoctoral Research Associate, 2008-2010; National Center for Risk & Economic Analysis of Terrorism Events (CREATE), University of Southern California, Los Angeles, CA

Graduate Research Assistant, 2004-2008; Department of Engineering & Public Policy, Carnegie Mellon University, Pittsburgh, PA

Federal Fellow to US Department of Homeland Security, 2005; American Society of Mechanical Engineers / AAAS / DHS, Washington, DC

SELECTED PUBLICATIONS

Barrett, A. M., S. D. Baum and K. R. Hostetler, Analyzing and Reducing the Risks of Inadvertent Nuclear War Between the United States and Russia, Science and Global Security, 2013. Vol. 21, No. 2, pp. 106-133.

Barrett, A.M. and E.A. Casman, Should Cities Invest in Sheltering-in-Place Measures against Chlorine Truck Attacks by Terrorists?, Risk Analysis, 2013. Vol. 33, No. 5, pp. 931-944.

Barrett, A.M., and P.J. Adams, Chlorine Truck Attack Consequences and Mitigation, Risk Analysis, Vol. 31 (2011), No. 8, pp. 1243-1259.

Barrett, A.M., Cost Effectiveness of On-site Chlorine Generation for Chlorine Truck Attack Prevention, Decision Analysis, Vol. 7 (2010), No. 4, pp. 366-377.

Barrett, A.M., Modeling and Analysis for Robust Risk Management: PortSec Resource Allocation Decision Support Framework, in Workshop on Grand Challenges in Modeling, Simulation and Analysis for Homeland Security (MSAHS-2010), March 17-18, 2010, Washington, DC.