TAG-Cyber-2018-Annual-Volume-1-Outlook-For-Fifty-Cyber-Security-Controls.Pdf

Design – TAG Cyber LLC
Finance – M&T Bank
Research – TAG Cyber LLC
Lead Author – Dr. Edward G. Amoroso
Researchers – Liam Baglivo, Matt Amoroso, Miles McDonald
Facilities – WeWork, NYC

TAG Cyber LLC
P.O. Box 260, Sparta, New Jersey 07871

Copyright © 2018 TAG Cyber LLC. All rights reserved.

This publication may be freely reproduced, freely quoted, freely distributed, or freely transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system without need to request permission from the publisher, so long as the content is neither changed nor attributed to a different source.

Security experts and practitioners must recognize that best practices, technologies, and information about the cyber security industry and its participants will always be changing. Such experts and practitioners must therefore rely on their experience, expertise, and knowledge with respect to interpretation and application of the opinions, information, advice, and recommendations contained and described herein.

Neither the author of this document nor TAG Cyber LLC assume any liability for any injury and/or damage to persons or organizations as a matter of products liability, negligence or otherwise, or from any use or operation of any products, vendors, methods, instructions, recommendations, or ideas contained in any aspect of the 2018 TAG Cyber Security Annual volumes. The opinions, information, advice, and recommendations expressed in this publication are not representations of fact, and are subject to change without notice. TAG Cyber LLC reserves the right to change its policies or explanations of its policies at any time without notice.

September 7, 2017

To the Reader:

This 2018 TAG Cyber Security Annual – Volume 1: Outlook for Fifty Cyber Security Controls is a companion guide to the report of similar name issued last year.
I will admit that it was tempting to take last year’s report and tweak a few words, add some new descriptions, and maybe draw a couple of fresh diagrams – and call the result a new report. Luckily, that lazy option passed, and instead, I spent an hour of each day for the past six months writing a new book. So, if you thought you’d get off easy, then forget it: You have some reading to do.

This new volume complements two other new volumes issued as part of the TAG Cyber Security Annual series and available to you as free PDF downloads at https://www.tag-cyber.com/. I suppose one could debate whether our TAG Cyber material is useful, but there is full consensus that our material is voluminous. As always, we offer our reports at a whopping price of free, but I suspect that if we ever decide to sell these massive volumes, we will set pricing based on dollars-per-pound.

The process used to create this volume had much in common with last year’s approach. The most obvious similarity is that I once again received a lot of help. Like last year, I carefully selected and reached out to a select group of cyber security technology vendors – most of them new this year – and asked that they invest the time, energy, and resources to help me learn their specialty. These wonderful Distinguished Vendors are listed on the next page – and I hope you’ll reach out and learn from them as well. Your time will be well spent.

Also, like last year, I spent hours and hours and hours (and more hours) with enterprise security professionals and Chief Information Security Officers (CISOs) from every sector in business and government. I invited them to dinners, I cajoled them into weekly discussion sessions, and I cornered them at every conference. I think some now head the other way when they see me approaching. But this is necessary, because cyber security only comes into focus with many different perspectives. Even within the same company, I often hear different answers to the same question.
So, there are no shortcuts.

An awesome new input this year was the group of paying customers (yes, that’s right) for which my growing TAG Cyber team – Liam Baglivo, Matt Amoroso, and Miles McDonald – provided cyber security consulting. To respect their privacy, I won’t name the companies here, but they provided amazing insights into current views on best practices in cyber defense. These clients included two banks, a software company, a government support team, a tech company, a non-profit, and a medical device company. Assisting on their projects was enormously helpful in the creation of this volume.

My annual caveat on bias must start with AT&T, where I served for thirty-one incredible years. I continue to believe that the expert team there is doing groundbreaking work in software defined networking under John Donovan, and it is ridiculous for me to try to appear unbiased. My comments on managed security services offer a glowing vision of self-provisioned, virtualized security via cloud and SDN, and if that appears to align with AT&T’s approach – well, then I admit the alignment. I spent years helping to design that work, so I cannot untangle myself.

I have, however, carefully removed myself this year from all major boards. I loved my year with M&T Bank as an Independent Director on their Corporate Board, but the relationship has been redesigned as senior consultative. That is one fine group of people up in Buffalo, and I hope you use their banking services. I also stepped down from the NSA Advisory Board so that I could write openly, publish more freely, and devote the proper amount of time required for this research. That government board included an awesome group of amazing volunteers and civil servants – and I wish each of them well.

My academic affiliations remain intact, albeit perhaps more intense. I continue to teach two courses per year in a massive lecture hall to about two-hundred graduate students at the Stevens Institute of Technology annually.
I’ve also accepted a position as a Research Professor at NYU, where I focus on cooperative learning, government-funded research, and cyber awareness events for executives. Finally, I continue to serve as a Senior Advisor to the Applied Physics Lab at Johns Hopkins University, where I support a group of ridiculously smart technologists.

Anyway, enough about me: It’s time that you dive into this 2018 TAG Cyber Security Annual: Volume 1 – Outlook for Fifty Cyber Security Controls. As you read the book, my advice is to use the Feynman self-summarization technique to absorb the material using a sharpened Ticonderoga, a fresh lined pad, and an open mind. I hope this book is useful to you.

Dr. Edward G. Amoroso
Chief Executive Officer, TAG Cyber LLC
Fulton Street Station on Broadway

2018 TAG Cyber Distinguished Vendors

Each of the vendors listed below invested their valuable time, resources, and money in the development of the volume you have in your hands. They were carefully hand-selected based on the uniqueness, importance, and relevance of their offering to Chief Information Security Officer (CISO) teams from the nearly 1500 vendors we cover each year. I would list them all as co-authors if that was feasible – but of course, it is not. Instead, they are listed below alphabetically, with a brief note of thanks for their unique insight, friendship, and support of the global cyber security industry. It goes without saying that any unexpected errors in this volume, or recommendations that might ultimately prove incorrect, are entirely my fault – not theirs. Here is the list, with a word or two about their fine leaders:

4iQ – I loved working with the 4iQ team this year, including Monica Pal and Julio Casal. The digital risk monitoring and identity threat intelligence services they provide represent one of the most important contributions in our cyber security industry.

Agari – It was a delight working again with Pat Peterson and the new Agari CEO Ravi Khatod.
The Agari team helped me understand email security perhaps better than any other group – and I am so appreciative of their assistance.

AlienVault – Roger Thornton is such a wonderful technologist, always available to expertly help explain some aspect of advanced cyber security. My thanks go to Roger and the entire AlienVault team for their partnership with TAG Cyber.

Appthority – Domingo Guerra was generous with his time helping to explain how app risk can be extended to holistic mobility management. Paul Stich, as always, continues to be such a wonderful contributor to our cyber security industry.

Arbor Networks – Brian McCann and his team continue to do such a great job reducing DDOS risk and helping to assure business communications. The Arbor team is first class and always great hosts for visits to Boston.

Ataata – It was a delight getting to know Michael Madon, CEO of Ataata, and to immerse in his original and amazing content. His fine subscription-based content offering provides an accurate glimpse into the future of security awareness.

AT&T – The security community at my former employer has been so incredibly helpful to the TAG Cyber team in areas such as MSS, SDN, NFV, and evolving threat. The Government Solutions team has also been a delight to work with this year!

Attivo Networks – Tushar Kothari and his capable team at Attivo continue to improve and advance the state of the art in modern cyber deception for the enterprise. The support and friendship of the entire Attivo team are so appreciated.

Bayshore Networks – Francis Cianfrocca is one of my favorite industry partners. His enthusiasm, knowledge, and good humor are such wonderful assets to the IoT/OT/ICS industry. Thank you – Francis, for our many detailed discussions!

Blackridge Technology – When John Hayes and Mike Miracle explained first packet authentication to me, I was totally blown away by the concept.