Markowsky Research Overview 05/20/21 Research Overview Dr. George Markowsky Department of Computer Science Missouri University of Science & Technology 1 Research Overview • Two main areas • CS Theory & Mathematics • Algorithms • Combinatorics • Foundations of Computing • Quantum Computing • Cyber Society Lab – The Impact of Computing on Society • Voting – a series of talks in 2019 and 2020, worked with Missouri County Clerks • Modeling – Covid-19 • Cybersecurity – many topics, each worthy of a talk 2 High-level Cybersecurity 1 Markowsky Research Overview 05/20/21 Cybersecurity A High-Level Perspective Dr. George Markowsky Missouri University of Science & Technology 3 https://www.statista.com/statistics/615450/cybersecurity-spending-in-the-us/ 4 High-level Cybersecurity 2 Markowsky Research Overview 05/20/21 5 The loss is 7.5 times what we spend on cybersecurity! 6 High-level Cybersecurity 3 Markowsky Research Overview 05/20/21 7 8 High-level Cybersecurity 4 Markowsky Research Overview 05/20/21 9 What is Going On Here? • We spend ever more money for cybersecurity • Our losses continue to mount and grow annually • There is no end in sight • What can we do? 10 High-level Cybersecurity 5 Markowsky Research Overview 05/20/21 Return to First Principles 1. Know Your Enemy a. Who Is Attacking You and Why? 2. Know Yourself a. What are Your Vulnerabilities? b. The Internet of Things 3. Making the Abstract Concrete 11 Know Your Enemy 12 High-level Cybersecurity 6 Markowsky Research Overview 05/20/21 Multi-Level Cyber Struggle INSIDER THREATS! The levels are not independent! 13 Watch for Insiders and Trickery 14 High-level Cybersecurity 7 Markowsky Research Overview 05/20/21 15 Cyberwar • I would argue that we are currently engaged is a rather active cyberwar – I have a talk available on the concept of cyberwar • Do you think that criminal gangs can operate in Russia and China without the government knowing all about them? 16 High-level Cybersecurity 8 Markowsky Research Overview 05/20/21 17 Know Yourself 18 High-level Cybersecurity 9 Markowsky Research Overview 05/20/21 Most Common Causes of Data Breach • Weak and Stolen Credentials, a.k.a. Passwords • Back Doors, Application Vulnerabilities • Malware • Social Engineering • Too Many Permissions • Insider Threats • Improper Configuration and User Error 19 The Main Problem • Your own people! • Security is a bother • Security is too abstract • Complacency • Hopelessness • Do you think that the annual "cybersecurity training" at S&T is sufficient? • This is not to say, that there not technological problems – will return to this later 20 High-level Cybersecurity 10 Markowsky Research Overview 05/20/21 Making the Abstract Concrete 21 Cybersecurity is Too Abstract • Most people do not have a good intuitive grasp of cybersecurity • I believe that it is helpful to offer people physical models, so they better understand the issues • As we know, people respond emotionally to the concept of a "wall" and believe that walls offer security • It is actually quite instructive to look at some famous examples of walls and see what the benefits and drawbacks are 22 High-level Cybersecurity 11 Markowsky Research Overview 05/20/21 How Would You Attack This Wall? https://commons.wikimedia.org/wiki/File:GreatWall_2004_Summer_1A.jpg 23 https://en.wikipedia.org/wiki/Maginot_Line#/media/File:Maginot_Line_ln-en.svg 24 High-level Cybersecurity 12 Markowsky Research Overview 05/20/21 Castles • Castles provide another metaphor for security • Unfortunately, people think that they understand castles, but many people have the most simplistic ideas of castles • Castles were the logical product of hundreds of years experience in defense and incorporated a large number of useful defensive concepts that can be adapted to cybersecurity • I have a number of papers written on the subject of the cybercastle and how one can build better cyberdefenses based on historical ideas of security 25 26 High-level Cybersecurity 13 Markowsky Research Overview 05/20/21 RIVER Inner Wall Outer Wall Town Wall Outer Ward Inner Start with an Ward overall plan Moat Drawbridge Gate Fortified Town Gate Gate Unfortified Town 27 Clever Use of Topography Srebrenik Fortress in Srebrenik, Bosnia, inaccessibility of location with only a narrow bridge traversing deep canyon provides excellent protection. https://commons.wikimedia.org/wiki/File:Let_vrtulnikem11_-_hrad_Srebrenik_(13.-18._stol.)_jeste_lepe.jpg 28 High-level Cybersecurity 14 Markowsky Research Overview 05/20/21 Notice the Inner Walls Are Taller! Beaumaris Castle with curtain walls between the lower outer towers and higher inner curtain walls between the higher inner towers. https://commons.wikimedia.org/wiki/File:Beaumaris_aerial.jpg 29 Defending the Entrance 30 High-level Cybersecurity 15 Markowsky Research Overview 05/20/21 Castle Quiz – How Many of the Following Terms Can You Define? • arrow loop • embrasure • outer ward • bailey • flanking tower • palisade • barbican • footbridge • parapet walk • • bartizan foundation • pinnacle • batter • garderobe • battlement • great hall • portcullis • brattice • hoarding • postern • chapel • inner curtain • postern gate • chemise • inner ward • putlog hole • corbel • keep • rampart • corner tower • lists • stockade • covered parapet walk • machicolation • truss • crenelation • merlon • turret • • curtain wall moat • wall walk • drawbridge • outer curtain See also http://www.castlesontheweb.com/glossary.html 31 Lessons From The Cyber-Castle • Have a good plan for entire "city" and not just for the castle – secure network topology • Defense must be active • Concentric defenses • Inner defenses should support outer defenses • Plan good foundations • Have removable bridges, pathways • Use guile and deceit where possible • Direct your attackers where you want them to go • Know your attackers 32 High-level Cybersecurity 16 Markowsky Research Overview 05/20/21 Common Sense Defenses • Lock your doors (gates)! Bar your windows! • How many doors or windows does your cybercastle have? • More importantly, what constitutes a door or a window in a cybercastle? • How can you lock or bar it, if you don't know what it is? 33 High-level Cybersecurity 17.