O slideshow foi denunciado.
Seu SlideShare está sendo baixado. ×

If You Don't Like the Game, Hack the Playbook... (Zatko)

Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Próximos SlideShares
Anatomy of an Attack
Anatomy of an Attack
Carregando em…3
×

Confira estes a seguir

1 de 10 Anúncio

Mais Conteúdo rRelacionado

Semelhante a If You Don't Like the Game, Hack the Playbook... (Zatko) (20)

Mais de Michael Scovetta (20)

Anúncio

Mais recentes (20)

If You Don't Like the Game, Hack the Playbook... (Zatko)

  1. 1. Peiter “Mudge” Zatko Program Manager, Information Innovation Office If you don't like the game, hack the playbook... DARPA Cyber Colloquium Arlington, VA November 7, 2011 Approved for Public Release, Distribution Unlimited.
  2. 2. The Problem: Not Convergent x Unified Threat 10,000,000 Management 8,000,000 Lines of Code Security software 6,000,000 4,000,000 x Network Flight 2,000,000 Recorder Milky Way Malware: DEC Seal Stalker x Snort 125 lines of code* x x x 0 1985 1990 1995 2000 2005 2010 * Public sources of malware averaged over 9,000 samples (collection of exploits, worms, botnets, viruses, DoS tools) Approved for Public Release. Distribution Unlimited.
  3. 3. Maker spaces and boutique security firms • Small groups of motivated and like minded researchers have repeatedly shown significant talent and capabilities. • Commodity high end computing, personal prototyping and fabrication capabilities, and open software tools remove barrier to entry. • The new “home brew computer club”… • This relationship needs to be mutually beneficial. DARPA intends to cultivate relations and become a resource. Number of US Maker Spaces 120 100 80 60 40 NYC Resistor – Brooklyn, NY 20 Source: Make Magazine 0 1985 1990 1995 2000 2005 2010 Approved for Public Release. Distribution Unlimited.
  4. 4. The New Cyber Braintrust Assembly, Helsinki, Finland May 8, 2004 Approved for Public Release. Distribution Unlimited.
  5. 5. Cyber Fast Track DARPA-PA-11-52 Approved for Public Release, Distribution Unlimited.
  6. 6. Patient Zero Dino Dai Zovi Hank Leininger Fyodor Bruce Potter Approved for Public Release. Distribution Unlimited.
  7. 7. Cyber Fast Track Themes • Crowd • Many eyes on many efforts • Fast and cheap • Faster than adversary lifecycle (transition while still relevant) • Low price point • Diverse • Numerous approaches • Numerous efforts The key to a good strategy is to have multiple options. Approved for Public Release. Distribution Unlimited.
  8. 8. Current Cyber Fast Track Efforts Performer Effort Period of Performance Rogue Networks Methods of Detecting Malicious Web Server Traffic 3 Months Immunity Federal Combining Expert Knowledge and Symbolic Analysis 7 Months Services, LLC for Detection of Exploitable Bugs Evaluation of Near Field Communication in Mobile Charlie Miller 7 Months Smartphones Secure Ideas, LLC MobiSec Live Environment Mobile Testing Framework 3 Months Korelogic, Inc. Hand Held Testing 2 Months Assured Information MoRE: Measurement of Dynamic Code 4 Months Security, Inc. TinyLANE - Mobile Hardware Endpoint Security for Peak Security, Inc. 9 Months Individuals A Language to Control and Automate Cyber Raphael Mudge 7 Months Capabilities Approved for Public Release, Distribution Unlimited.
  9. 9. Cyber Fast Track So Far… In its first 2 months: • 31 submissions - 19 non-traditional performers • 8 awards - 7 non-traditional performers • Average time from submission to award is 7 days • Average period of performance: 5 months www.cft.usma.edu Approved for Public Release, Distribution Unlimited.
  10. 10. Cyber Fast Track PA #: DARPA-PA-11-52 CyberFastTrack@DARPA.MIL DARPA CFT Town Hall meetings URL: http://www.cft.usma.edu Contact: CyberFastTrack@darpa.mil Approved for Public Release. Distribution Unlimited.

×