Resilient Systems for Mission Assurance
Dave Keppler - MITRE
Oct 01, 2008Size: 437.5MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractThe ability for information services to continue operating despite attacks is a core enabler of mission assurance goals. Existing security techniques lack this concept of resilience and are inadequate for protecting critical services and data against targeted attacks by sophisticated adversaries. Widely implemented signature and anomaly-based detection techniques fail to keep pace with the advancement of attacker sophistication.
Our objective is to develop and prototype resilience techniques that make applications impervious to the damaging effects of attacks without relying on identifying and filtering specific attacks. We employ effects-based countermeasures to impart resilience to applications, creating an environment inhospitable to attack goals, and countering previously unknown attacks on service utility, in particular, code injection and data subversion.
About the SpeakerDavid Keppler is a Senior Information Security Scientist in the Information Assurance division at The MITRE Corporation. At MITRE, David has participated in several research projects in information security, including projects on assured information sharing, active worm defense, and attribute-based access control. He currently leads a MITRE Sponsored Research project that is investigating techniques to nullify vulnerabilities in software applications via diversification and obfuscation. Prior to joining MITRE, David worked for the Air Force Research Laboratory. He received a B.S. and M.Eng. degree in Computer Science from Cornell University.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.