Network Deception as a Threat Intelligence Platform
Vincent Urias - Sandia
Feb 01, 2017Size: 242.1MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractThe threat landscape is changing significantly; complexity and rate of attacks is ever increasing, and the network defender does not have enough resources (people, technology, intelligence, and context) to make informed decisions. The need for network defenders to develop and create proactive threat intelligence is on the rise. Network deception may provide analysts the ability to collect raw intelligence about threat actors as they reveal their Tools, Tactics, and Procedures (TTP). This increased understanding of the latest cyber-attacks would enable cyber defenders to better support and defend the network, thereby increasing the cost to the adversary by making it more difficult to successfully attack an enterprise. This talk will discuss our deception framework, we have created a live, unpredictable, and adaptable Deception Environment leveraging virtualization/cloud technology, software defined networking, introspection and analytics. The environment not only provides the means to identify and contain the threat, but also facilitates the ability to study, understand, and develop protections against sophisticated adversaries. By leveraging actionable data, in real-time or after a sustained engagement, the Deception Environment may be easily modified to interact with and change the perception of the adversary on-the-fly. This ability to change what and where the attacker is on the network, as well as change and modify the content of the adversary on exfiltration and infiltration, is the defining novelty of our Deception Environment.
About the SpeakerVincent was raised by his grandparents, both originally from Guatemala who immigrated to the U.S. in the 1960’s. As a family, they moved from Manhattan to Albuquerque, New Mexico when Vincent was six years old. Dedicated to their grandchild and his upbringing, they taught him to take responsibility for his own life, to give back to his community and to his country. A curious boy who broke things while taking them apart to see how they worked, he was also entrepreneurial starting a candy selling business in elementary school. He saved his money and bought things that his grandparents could not afford, like a soldering kit.
Vincent grew up in neighborhood labeled the “War Zone” made up of hard working but largely impoverished immigrants with its share of violence and gang problems as well as remarkable diversity. Vincent stayed out of trouble becoming involved in extracurricular activities and one of those, the Upward Bound Program gave him the opportunity to spend a high school summer at the University of New Mexico taking classes in math, literature, science and electives. Vincent took advantage of many opportunities this program would offer.
His entrepreneurial spirit got him taking community college classes while still in high school and in his sophomore year, he was accepted for an internship at Sandia National Laboratories in its computer support unit. With the support of mentors, he was soon one of the go-to techs fixing computers and getting networks running again. A CyberCorps Scholarship for Service allowed him to stay at Sandia after graduation. He continued to excel and taking associated undergraduate and graduate level internships while earning his bachelor’s and master’s degree in computer science from New Mexico Tech.
Today, Vincent Urias is a computer engineer, and Principal Member of Technical Staff in Sandia’s Cyber Analysis Research Development Department continuing to make major contributions to Sandia’s cyber defense programs, especially in the simulation of complex networks, in developing innovative cyber security methods, and in designing exercise scenarios that test the limits of current network security. This work is helping Sandia’s customers anticipate current and emerging security threats and make critical decisions about their investments.
Vincent and his team use technologies to conduct cyber defense exercises in partnership with the U.S. Department of Defense, and to support national security in collaboration with colleagues at other U.S. Department of Energy national laboratories, Department of Defense national laboratories, and the U.S. military.
Vincent gives back to the community in a variety of ways, providing guidance and inspiration to college interns in the lab’s Center for Cyber Defenders, he supports building computer labs for local organizations and is also helping to create an Urban Wildlife Refuge in Albuquerque’s South Valley among other things. Vincent is currently pursuing his Ph.D. in computer science, at New Mexico Tech. He was honored by GMiS with a HENAAC Luminary Award in October of 2016.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.