SLIDE 1
Detecting Nation State Cyberattacks with Classified Threat Sensors
- Dr. Steve Weis, Dr. Aloni Cohen, Dr. Amina Asim
- Dr. Stephen Weis
- Dr. Aloni Cohen
- Dr. Amina Asim
Detecting Nation State Cyberattacks with Classified Threat Sensors - - PowerPoint PPT Presentation
Detecting Nation State Cyberattacks with Classified Threat Sensors - - PowerPoint PPT Presentation
Detecting Nation State Cyberattacks with Classified Threat Sensors Dr. Steve Weis, Dr. Aloni Cohen, Dr. Amina Asim Dr. Stephen Weis Dr. Aloni Cohen Dr. Amina Asim Private companies must defend against foreign nations without access to
SLIDE 2
SLIDE 3
Private companies must defend against foreign nations without access to classified threat intelligence.
SLIDE 4
Private Computer Threat Detection Security Logs
Private Company Network
Cyber Attacker 🙃 ☠ 🙃 … Indicator of Compromise Private Logs ☠
The Information Sharing Challenge
SLIDE 5
Private Computer Threat Detection Security Logs
Private Company Network
Cyber Attacker Classified Intelligence ☠ = 👏 🙃 ☠ 🙃 … Indicator of Compromise Private Logs ☠
The Information Sharing Challenge
❓
Can private industry apply classified intelligence without leaking it?
SLIDE 6
What if a classified threat sensor could apply classified intelligence to private company data?
SLIDE 7
Private Computer Classifed Threat Sensor Security Logs
Private Company Network
☠ Cyber Attacker Classified Intelligence ☠ = 👏 🙃 ☠ 🙃 … 🔓 Encrypted Intelligence Indicator of Compromise Private Logs ☠
Classified Threat Sensors
SLIDE 8
CANAREE: Classified Analysis of Network Attacks in a Restricted Execution Environment
SLIDE 9
Secure enclaves are safe spaces to run your own software on someone else’s computer.
SLIDE 10
Private Computer Secure Enclave
Private Data
Verification Service
Classified Unclassified
Classified Intelligence Open Source Code
Starting a Classified Threat Sensor
SLIDE 11
Private Computer Secure Enclave
Private Data 1. Verify enclave is authentic
- 3. Encrypted Intelligence
- 5. Encrypted “Hit or Miss”
Verification Service
Classified Unclassified
Encryption Service Classified Intelligence
- 4. Search
- 2. Encrypt
Searching for Threats in Private Data
SLIDE 12
Private Computer Secure Enclave
Private Data 1. Verify enclave is authentic
- 3. Encrypted Intelligence
- 5. Encrypted “Hit”
Verification Service
Classified Unclassified
Encryption Service Classified Intelligence
- 4. Search
- 2. Encrypt
Analyst
- 6. “Hit”
- 7. “You have a problem…”
Employee
Responding to Detected Threats
SLIDE 13
Private Computer Secure Enclave 🔒 ☠? Security Logs
Private Company Network
☠ Cyber Attacker Classified Intelligence ☠ = 👏 🙃 ☠ 🙃 … 🔓
CANAREE: Classified Analysis of Network Attacks in a Restricted Execution Environment
Encrypted Intelligence Indicator of Compromise Private Logs ☠
SLIDE 14
Five Phase Plan
Phase 1 Open Source Proof of Concept Phase 2 Industry-to-Industry Trial Deployment Phase 3 Government-to-Government Trial Deployment Phase 4 Government-to-Industry Unclassified Sharing Phase 5 Government-to-Industry Classified Sharing
SLIDE 15
Call for Funding
- Call for $150,000 grant to develop a classified threat sensor.
- Funding will cover 2 student developers for 1 semester plus a part time PI.
- Working prototype should be delivered in 6 months.
- All software will be available under open source license.
SLIDE 16
Thanks to Generous Supporters
SLIDE 17