Kim Engineering Building, Lecture Hall, Rm. 1110
For More Information:
301 405 4471
Booz Allen Hamilton Distinguished Colloquium in Electrical and Computer Engineering
"Making Sound Cyber Security Decisions Through a Quantitative Metrics Approach"
Prof. William Sanders
Donald Biggar Willett Professor of Engineering, Electrical and Computer Engineering & Computer Science, Information Trust Institute
University of Illinois, Urbana-Champaign
Making sound security decisions when designing, operating, and maintaining a complex system is a challenging task. Analysts need to be able to understand and predict how different factors affect the overall system security. During system design, security analysts want to compare the security of multiple proposed system architectures. After a system is deployed, analysts want to determine where security enhancement should be focused by examining how the system is most likely to be successfully penetrated. And when several security enhancement options are being considered, analysts would like to evaluate the relative merits of each. In each of these scenarios, quantitative security metrics could provide insight on system security and aid security decisions. Quantitative metrics enable ranking the alternatives to determine the best option. Quantitative assessments of system security are also valuable for risk management trade-off decisions.
To provide insight on system security and aid decision-makers, we propose the ADversary VIew Security Evaluation (ADVISE) method to quantitatively evaluate the strength of a system's security. Our approach is to create an executable state-based security model of a system. The security model is initialized with information characterizing the system and the adversaries attacking the system. The model then simulates the attack behavior of the adversaries to produce a quantitative assessment of system security strength. This talk describes the system and adversary characterization data that are collected as input for the executable model. It also describes the simulation algorithms for adversary attack behavior and the computation for the probability that an attack attempt is successful. A simple case study illustrates how to analyze system security using the ADVISE method. A tool is currently under development to facilitate automatic model generation and simulation. The ADVISE method aggregates security-relevant information about a system and its adversaries to produce a quantitative security analysis useful for holistic system security decisions.
William H. Sanders is a Donald Biggar Willett Professor of Engineering, the Director of the Information Trust Institute, and the Acting Director of the Coordinated Science Laboratory at the University of Illinois. He is a professor in the Department of Electrical and Computer Engineering and Affiliate Professor in the Department of Computer Science. He is a Fellow of the IEEE and the ACM. He is a past Chair of the IEEE Technical Committee on Fault-Tolerant Computing and past Vice-Chair of the IFIP Working Group 10.4 on Dependable Computing. In addition, he serves on the editorial board of Performance Evaluation.
Dr. Sanders's research interests include performance/dependability/security evaluation, dependable and secure computing, and reliable distributed systems. He has published more than 200 technical papers in these areas. He is currently the Director and PI of two centers at Illinois, the NSF/DOE/DHS Trustworthy Cyber Infrastructure for the Power Grid (TCIP) Center, and the DOE/DHS TCIPG Center, aimed at making the power grid resilient to attacks and failures. He is a co-developer of three tools for assessing computer-based systems: METASAN, UltraSAN, and Möbius. Möbius and UltraSAN have been distributed widely to industry and academia; more than 500 licenses for the tools have been issued to universities, companies, and NASA for evaluating the performance, dependability, and security of a variety of systems.
This Event is For: Campus • Clark School • All Students • Graduate • Undergraduate • Prospective Students • Faculty • Staff • Post-Docs • Corporate • Donors