TOPICS OF DISCUSSION:
================================================================================================
if focus is on cybersecurity in networks:
- could data minimization be a way to collapse privacy and performance concerns with security concerns?
- Jen's experience: companies prefer to have everything, performance is less of an issue than security
-
- example of where this is interesting is in streaming algorithms
- sketches: working with compact data structures out of interest in efficiency
-
if the project was developed differently:
- if what was secured was not the cyber but certain values
- if privacy and freedom of expression were one of them
- what would cybersecurity look like?
- how would we guide cybersecurity research then?
-
distinction between characterization vs design people
- network characterization people
- grounded in reality
- data driven
-
- design people
- design secure protocols
-
- very different in approach!
-
Drawing parallels between the clean slate approach and game changing technologies
- clean slate: backward compatibility as an excuse against intellectual creativity, an anti-intellectual project
-
- response: but they are so out of touch, the proposals are ungrounded
-
- clean slate needs to start with something: what assumptions are you not willing to relax?
- following a discussion at the White House: industry people and some others said, the security of the internet is so bad, and you have spent so much money and work on cybersecurity, why don't you just give us a new internet?
- the question is what is the trade off for making the internet more secure?
- there are cost/incentive barriers
- deployment issues: incremental: people look to see if others implemented something or not
- the government can play a positive role: set examples or through procurement
- but this is all dirty slate!
-
- we need to start with certain assumptions that we are not willing to relax. You can't have all the goodies and none of the baddies.
- what values are we going to bring with us to the clean slate?
- test assumption 1: all devices come with a self-certifying identity registered with a global authority
- if you don't want that, what happens to your solution space: which solutions fall off the table?
-
- What kind of attacks do we want, what do we want to do with attacks, what kind of attackers do we want?
- honeypots: how long do you want attackers to be there?
-
Privacy Red team?
- We don't have methodology at all, even if we wanted to do better
- how do you even go about doing a good job?
- have a privacy red team attack our solutions
-
- but then you run into all the problems of collaborations
- FIA-NDN was successful because it had one person with a clear vision
- we are not good at designing by committee
- culturally difficult, collaboration is a difficult thing
- how do we go about it?
-
PEOPLE TO INVITE:
================================================================================================
chat with:
Christopher Yoo
Fred Schneider
- cannot on 12-14
- can on the week of the 16th
-
Jen Rexford:
- cannot on the 12th
- 14, 18, 20 are ok dates
- 19th is a faculty meeting which Nick will have to go to, too
-
Measurement Oriented Security:
- Other people doing measurements: (could this be seen as positive/affirmative cybersecurity research, is it also
- Phillipa Gill -> understanding censorship products
- Becker Polverini -> Great Firewall of China before and after the Olympics
- Jedidiah Crandall
-
- Roger Dingledine
-
How about the UPenn people: what exactly are they working on (cybersecurity and differential privacy)
- Aaron Roth would be a name there
-
- Lalitha Sankar
Vyas Sekar - CMU - middle boxes
Sharon Goldberg
David Clark
Alex Halderman
Stephanie Forrest - UNM, computer security, bioengineered stuff and awareness of internet governance issues
Avi Rubin - Hopkins, firewalls
Rebecca Wright - discrete math, Rutgers
Joan Feigenbaum
Mutu also at Rutgers
Notes of Meeting with Jen Rexford (amazing meeting)
Niksun Company -> Walter Willinger (also teaching a course this year on cybersecurity)
Notes from Walter Willinger Slides:
Terminology:
Dwell Time:
The objective is to reduce dwell time and to identify damage done. It is about being able to account for the damage.
The attacker model:
The life-cycle of the attacker is often described through the "intrusion kill chain":
- reconnaissance -> weaponization -> delivery -> exploitation -> installation -> command and control -> actions on objectives
- This contrasts with the attacker models used in encryption: passive/active attacker defined based on information/observations as well as attacks, but typically not discussed in an elaborate life-cycle like the attacker in the "intrusion kill chain".
Signs of APT activities:
- increase in elevated log-ons
- finding widespread backdoor trojans
- unexpected information flows
- focused spear-phishing campaigns against a company's employees
-
- One of the main problems that proponents of using machine learning for cybersecurity say it addresses is decreasing what we don't know (!)
- objective: reduce median dwell time
- how: collect all the data necessary to check for the wide range of different signs of APT activities
- bottom line: the more data, the better we can identify and stop APT!
- more arguments: without the complete traffic, (after the fact) intrusion reconstruction, network forensics, and/or real-time attack detection are in general impossible to perform
Do we assume a strategic attacker: the gaming technologies propose using behavioral analysis to identify malicious/abnormal behavior, deception to attract attackers, and obfuscation to make their lives harder. What are the assumptions about the attacker's skill set: could they not employ adversarial algorithms, obfuscation, and deception themselves?
Where do attacks come from?
According to Walter:
- distill domain expert's understanding of different attack scenarios and try to describe attack-specific "behaviors" as "interesting communication patterns"
- select queries/DSD algorithms that look for occurrences of such "interesting" patterns
- use a combination of continuous queries (e.g., monitoring for changing trends/patterns) and one-time or ad-hoc queries (e.g., examining particular behavior or patterns)
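
Added example (not from Walter's slides): a minimal sketch of the continuous-query plus ad-hoc-query combination, applied to one listed sign of APT activity, an increase in elevated log-ons. The event format, account names, one-hour window and 3x threshold are all assumptions, and the log is constructed.

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample log: (timestamp, account, elevated log-on?)
def _ev(hour, minute, account, elevated=True):
    return (datetime(2024, 1, 1, hour, minute), account, elevated)

EVENTS = [
    _ev(8, 5, "alice"), _ev(8, 40, "bob", False),
    _ev(9, 10, "alice"), _ev(9, 30, "carol", False),
    _ev(10, 15, "bob"),
    _ev(11, 2, "svc-backup"), _ev(11, 9, "svc-backup"), _ev(11, 20, "alice"),
    _ev(11, 31, "svc-backup"), _ev(11, 48, "svc-backup"),
]

def hourly_counts(events):
    """Elevated log-ons per one-hour tumbling window, in time order.
    Windows with no elevated log-ons are simply absent (no zero rows)."""
    counts = Counter()
    for ts, _account, elevated in events:
        if elevated:
            counts[ts.replace(minute=0, second=0, microsecond=0)] += 1
    return sorted(counts.items())

def continuous_query(events, factor=3.0, warmup=2):
    """Continuous query: alert when a window's count exceeds
    factor x the mean of all earlier windows (after a warm-up)."""
    alerts, history = [], []
    for start, count in hourly_counts(events):
        if len(history) >= warmup:
            baseline = sum(history) / len(history)
            if count > factor * baseline:
                alerts.append((start, count, baseline))
        history.append(count)
    return alerts

def adhoc_query(events, start, length=timedelta(hours=1)):
    """One-time follow-up: which accounts produced the elevated
    log-ons inside the alerted window?"""
    return Counter(a for ts, a, e in events
                   if e and start <= ts < start + length)

if __name__ == "__main__":
    for start, count, baseline in continuous_query(EVENTS):
        print(start, count, baseline, adhoc_query(EVENTS, start).most_common())
```

The continuous query here keeps only per-window counts; raw events are needed only for the ad-hoc follow-up on an alerted window.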
-
The role of visualization:
- According to Walter:
- Challenge: How to visualize in our target setting and in real-time the effect of a chosen mitigation strategy (rule-of-action) in response to a detected attack (e.g., collateral damage).
-
- ### seda: this raises questions about how visualization becomes central to understanding/capturing attacks and mitigation methods. What are the limitations of visualization as a method of cybersecurity and population management?