1 / 10

Red Teams & Other Experiment Process Headaches NDSS 2000 Symposium, 4 February 2000

Learn the importance of Red Teams in experiment processes, including motivation, objectives, and benefits. Discover the role of Red Teams in studying adversaries, developing metrics, and providing checks and balances. Get insights on Cyber-terrorist models, tips for using Red Teams effectively, and current challenges in the field. Join the exploration of effective experimentation methods, realistic operational scenarios, and the fun of planning experiments with Red Teams! Let's rock & roll in the world of Red Teams!

mpaul
Download Presentation

Red Teams & Other Experiment Process Headaches NDSS 2000 Symposium, 4 February 2000

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Red Teams&Other Experiment Process HeadachesNDSS 2000 Symposium, 4 February 2000 Brad Wood (bjwood@sandia.gov) Information Design Assurance Red Team http://www.sandia.gov/idart Sandia National Laboratories Albuquerque, NM 87185-0449

  2. Experimentation Emphasis • Inspired by DARPA • Objectives • Support or refute the some hypothesis • Probe the “dark spaces” • Evaluate approaches and assumptions quickly • Develop and execute experiments which are… • Motivated by programmatic goals • Scientifically well-posed • Quantitative and repeatable • Collect hard data • on an “illusive” adversary and hard issues

  3. Opportunity to study a pervasive influence “The Adversary” Add realism to the experimentation process Gather some hard data Support or refute program & researcher assertions. Develop relevant metrics Provide limited checks and balances Why use a Red Team?

  4. Basic Concepts • The Red Team is a model adversary • A Red Team can model different adversaries. • The Red Team attempts to model a real adversary • Differs from a real adversary. • Limits potential for destruction • Potential for accountability • Discloses all tools and techniques • Part of a team to achieve some common goal The Red Team is your friend! 3

  5. Cyber-terrorist Model

  6. Red Teams are... • Goal oriented • Typically have some goal or mission when attacking. • Well-informed • They have read all the documents. • Well-financed • Access to commercial technology & consulting • Lazy • Shy • Seeks to avoid premature detection • Creative & Sneaky • Often accused of cheating

  7. When to use a red team? • Evaluating developmental systems • Studying a particular adversary • How often do you get to pick a bad guy’s brain? • Studying adaptations & interactions • both human or cyber • Planning experiments • Scripting or planning attacks • even when you are NOT interested in adaptation. • Non-traditional Exercises • War gaming on a white board • “Ask the Adversary”, with your host …

  8. Tips for using Red Teams • Good communication between all parties is essential! • Realistic operational scenario helps. • Drives selection of appropriate “flags” • Flag selection is critical! • Rules of engagement • Consistent with Operational Scenario • Clear Exercise Goals • So everyone cooperates toward the same goals! • “I before E (Integration before Experimentation) , always!” • System needs to be working when the Red Team arrives • Arbitrator function • Consistent rulings from test director, white team, or judge.

  9. Current Challenges • Promoting & preserving diversity within the team • Developing & comparing different teams • Appropriate applications of Red Team methods • Effective experimentation methods & metrics • Transferring “lessons learned”

  10. In summary… • Experimentation can be fun! • Even with information systems. • Even with Red Teams :-) • Experiments need lots of planning & cooperation. • Good data is the ultimate goal. • This is new territory • We are making up the rules as we go! • We can make a lot of progress! Let’s rock & roll!

More Related