Download
1 / 5
100 likes | 924 Views
Threats to Information Systems. Don Faatz 5 October 1999. Adversaries are malicious. Adversary is deliberately pursuing a goal - attack is a means to an end Defender’s response to attack may be the goal Deny service Reduce capability Attack may be intended to mislead the defender
E N D
Threats to Information Systems Don Faatz 5 October 1999
Adversaries are malicious • Adversary is deliberately pursuing a goal - attack is a means to an end • Defender’s response to attack may be the goal • Deny service • Reduce capability • Attack may be intended to mislead the defender • Attacks may be combined into a “campaign” • Attack probabilities are volatile • Addressing one branch of an attack tree changes likelihood of other branches • Every piece of software has been sabotaged • Easter eggs
Adversaries evolve • Adversaries learn from every encounter with a defense mechanism • stack attack becomes heap attack • attacks evolve much faster than defenses • Defenders must consider how a defense will make an adversary behave in the future • searching all potential future moves • Defenses must be built with appropriate flexibility to handle adversary evolution • There are no rules for adversaries • “They didn’t attack where we put our sensors …”
Normal System Functionality Represents an Exposure • Who is doing it versus what is being done • Who is hard question to answer • Privacy concerns may keep it a hard question • Other dimensions, when, how much, may also represent and attack • Every service is a tradeoff between exposure and functionality • chargen/echo • finger • login
