Full Program »
IMPACT: Trusted Cyber Risk Research Data Sharing
Wednesday, 7 December 2016
13:30 - 15:00
Chair: Erin Kenneally
Title: IMPACT Program Overview
Speaker: Erin Kenneally, Cyber Security Division, DHS
The Information Marketplace for Policy and Analysis of Cyber-risk & Trust (IMPACT) program supports the global cyber risk research community by coordinating and developing real world data and information sharing capabilities (tools, models, and methodologies). In order to accelerate solutions around cyber risk issues and infrastructure security the IMPACT program enables empirical data and information sharing between and among the global cyber security research & development community in academia, industry and the government.
IMPACT offers a unique, distributed research data repository supported by a streamlined legal framework and centralized coordination of a controlled distribution of datasets. This centralized brokering and distributed provisioning between the data providers, data hosts and researchers addresses the operational, trust and administrative costs and challenges that impede sustainable and scalable data sharing. IMPACT continually adds new data that is responsive to cyber risk management (e.g., attacks and measurements) so the R&D community has timely and high value information to enhance research innovation and quality. The IMPACT model also serves as a laboratory for testing various data sharing models whether it be traditional batch transfers or newer data-as-a-service (DaaS) and visualization techniques, for example.
In this session, DHS PM Erin Kenneally will describe the IMPACT program, highlight important research challenges, and feature program performers.
Title: Mirai and the Future of IoT Malware
Speaker: Paul Royal, George Tech Information Security Center (GTISC)
In October 2016, tens of thousands of compromised IP cameras
and DVRs participated in a DDoS attack that disrupted Internet service
for millions of people. Mirai, the malware used to control those IoT
devices, has infected over half a million embedded systems. Starting
with source code released by the malware author, this presentation
examines the Mirai malware family and uses the resulting observations
to suggest trends IoT malware.
Title: USC Network Security Datasets: from DDoS to Outages
Speaker: John Heidemann, USC Information Sciences Institute
This talk will describe several classes of security-related network
data that we are collecting and curating at USC. Network packet and
flow data gives us live DDoS attacks and experimental data that shows
attacks at controlled rates, Internet census data provides a baseline
for "who is where", and outage data evaluates Internet stability,
another kind of security. All of our data is available at no cost.
About the Speakers:
Erin Kenneally is a Program Manager in the Cyber Security Division for the Homeland Security Advanced Research Projects Agency (HSARPA) at the DHS Science and Technology Directorate. Her portfolio includes trusted data sharing, privacy and Information Communication Technology (ICT) ethics, including managing the IMPACT (Information Marketplace for Policy and Analysis of Cyber-risk and Trust) Program. Prior to joining CSD, Kenneally was Founder and CEO of Elchemy, Inc., and served as Technology-Law Specialist at the International Computer Science Institute (ICSI) and the Center for Internet Data Analysis (CAIDA) and Center for Evidence-based Security Research (CESR) at the University of California, San Diego.
Erin is a licensed attorney specializing in information technology law, including privacy technology, data protection, trusted information sharing, technology policy, cybercrime, ICT ethics, and emergent IT legal risks. She holds Juris Doctorate and Masters of Forensic Sciences degrees, and is a graduate of Syracuse University and The George Washington University.
Paul Royal is an affiliate researcher at the Georgia Tech Information Security Center (GTISC). In this role, he engages in collaborative research on various aspects of the online threat landscape. Paul's latest effort at GTISC uses the IMPACT Cyber Trust program to offer large-scale malware analysis data at no cost to accredited organizations in the United States and other countries. Through IMPACT, GTISC shares data produced by the 100,000+ malware samples it processes each day to over 150 industry, government and academic organizations, who use the information for both research and operational purposes.
John Heidemann is a senior project leader at the University of
Southern California/Information Sciences Institute (USC/ISI) and a
research professor at USC in Computer Science. At ISI he leads the
ANT (Analysis of Network Traffic) Lab, studying how to observe and
analyze Internet topology and traffic to improve network reliability,
security, protocols, and critical services. He is a senior member of
ACM and fellow of IEEE.