1 / 31

Is Deterrence Working? Some Empirical Studies in Cybersecurity

Delve into empirical studies on cybersecurity deterrence and educational outreach programs fostering cyber awareness. Learn about ACES honors program, summer camps, Saturday workshops, and research findings on deterrence in cyberspace. Discover the challenges in identifying, locating, and prosecuting cyber attackers. Uncover the efforts to enhance cybersecurity education and promote deterrence strategies in today's digital landscape.

ireneking
Download Presentation

Is Deterrence Working? Some Empirical Studies in Cybersecurity

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Is Deterrence Working? Some Empirical Studies in Cybersecurity Michel CukierDirector, Advanced Cybersecurity Experience for Students Associate Director for Education, Maryland Cybersecurity CenterAssociate Professor, Reliability Engineering

  2. Outline • Education • Outreach • ACES • Research • Deterrence: empirical studies

  3. Outline • Education • Outreach • ACES • Research • Deterrence: empirical studies

  4. Summer Camps • Cyber Defense Training Camp: • Intermediate level one-week summer program for high school boys/girls (rising juniors/seniors) • Collaboration with National CyberWatch Center • Participants learn about system administration, operating systems, networking, programming and more • Includes a campus tour, guest speakers, and field trips to the NSA Cryptologic Museum and Industry Leaders such as Northrop Grumman and Lockheed Martin

  5. Summer Camps • CyberSTEM Camp: • One-week commuter summer program for middle school (incoming 7th/8th grade) girls • Collaboration with National CyberWatch Center • Participants learn about programming using Scratch, digital forensics, gaming and modeling, cryptography, and cyber safety • Includes a campus tour, guest speakers, and field trips to the NSA Cryptologic Museum and Industry Leaders such as Northrop Grumman and Lockheed Martin

  6. Summer Camps • Intermediate CyberSTEM Camp: • One-week commuter summer program for middle school (incoming 9th/10th grade) girls • Collaboration with National CyberWatch Center • Participants learn about programming using MicroWorlds and Python, gaming and modeling, digital forensics, cyber safety, cryptography, and careers in cybersecurity • Includes a campus tour, guest speakers, and field trips to the NSA Cryptologic Museum and Industry Leaders such as Northrop Grumman and Lockheed Martin

  7. Saturday Cybersecurity Awareness Workshops • Saturday Awareness Workshop for Middle School Girls • Interactive learning and mentoring experience for girls in grades 6-8 who are interested in technology, computers, and cybersecurity • Undergraduate students lead workshops in various computer and technology related topics • Goal is to have young women feel confident and competent when using technology • Topics include internet privacy, computer safety, password protection, cryptography, and lock-picking

  8. Saturday Cybersecurity Awareness Workshops • Saturday Awareness Workshop for 4th and 5th Graders • Interactive learning and mentoring experience boys and girls in grades 4-5 who are interested in technology, computers, and cybersecurity • Undergraduate students lead workshops in various computer and technology related topics • Goal is to introduce young students to STEM topics and spark their interest in computers and technology • Topics include public key encryption, information hiding, networking, and an introduction to the concept of programming languages

  9. Saturday Cybersecurity Awareness Workshops

  10. Outline • Education • Outreach • ACES • Research • Deterrence: empirical studies

  11. ACES Overview • First four year honors undergraduate program in cybersecurity • Launched with the help of a major gift from Northrop Grumman • Features a multidisciplinary approach to cybersecurity • Two linked academic programs in a 2 + 2 model • Apply during sophomore year to continue into ACES II ACES I Freshmen & Sophomores Living-Learning Program First cohort entered Fall 2013 ~75 students per year ACES II Juniors & Seniors Advanced Academic Program Launching in Spring 2016 ~50 students per year

  12. ACES I Curriculum • 14 total credits over the two years • Earn Honors College Citation in Cybersecurity

  13. HACS208 Seminars • Honors seminars are limited to 20 seats • Sample Courses: • HACS208A: Accounting and Economic Aspects of Cybersecurity • HACS208C: Human Actors and Cyber Attacks • HACS208E: Reverse Engineering • HACS208F: A Global Perspective on Cybersecurity • HACS208P: Beyond Technology, the Policy Implications of Cyberspace • HACS208Z: Methods for Solving (and Not Solving) Puzzles

  14. Program Activities • Extracurricular events focused around three areas: • EducationalEvents • Social Opportunities • Professional Development

  15. ACES I Students Fall 2015

  16. Classes and Enrollment

  17. ACES News • ACES year 3-4 approved as a minor • Northrop Grumman renews funding for ACES • LTS/NSA becomes a major partner of ACES • Additional support: • Parsons, MITRE, Leidos, and Secunetics • UMD wins 2015 Innovation & Economic Prosperity (IEP) University Awards by the Association of Public and Land-grant Universities (APLU)

  18. Outline • Education • Outreach • ACES • Research • Deterrence: empirical studies

  19. Deterrence and Cyberspace

  20. Deterrence and Cyberspace • Difficulty to identify the attacker • Difficulty to locate the attacker • Difficulty to prosecute in other countries  No empirical study supporting that claim

  21. Deterrence Aspects * * * WARNING * * * Unauthorized access to this computer is in violation of Md. Annotated Code, Criminal Law Article sections 8-606 and 7-302 and the Computer Fraud and Abuse Act, 18 U.S.C. sections 1030 et seq. … Warning Surveillance and monitoring tools Banner announcing Surveillance Surveillance

  22. Cybercrime Framework SSH as point of entry Support different honeypot configurations (treatment) Support several experiments Large number of public IP addresses per experiment

  23. Honeypot Lifecyle Honeypot recycled after 30 days Attacker brute-forces the honeypot After ~100+ login/password access is granted Attacker connects to honeypot and uses it Data collection

  24. Surveillance • Experimental Setup • 300 public IP addresses • 4 different honeypot types • Metrics • Number of crimes • Temporal distribution of the crimes • Datasets • Network flow records to identify crimes • Keystrokes to identify malicious software installations

  25. Honeypot Types

  26. Surveillance Banner

  27. Surveillance Processes

  28. Observations • Results from April 2012 to October 2013 • 2,914 honeypots deployed • 611 crimes committed

  29. Results • 64% of the honeypots with activity are used to build malicious attacks • Only 3% of the honeypots committed at least one crime

  30. Deterrence Summary 3% of the honeypots Deterrence has no effect 64% of the honeypots • Reduces significantly the duration of the sessions Warning Surveillance • Impacts whether commands are typed in first session

  31. More Information Michel Cukier Email: mcukier@umd.edu Phone: 301 314 2804 URL: http://terpconnect.umd.edu/~mcukier/ MC2 Education: http://www.cyber.umd.edu/education ACES: http://www.aces.umd.edu

More Related