national cybersecurity center of excellence
play

National Cybersecurity Center of Excellence Mitigating IoT-Based - PowerPoint PPT Presentation

Oct 01, 2023 •246 likes •671 views

National Cybersecurity Center of Excellence Mitigating IoT-Based DDoS Build 1 Demonstration Presentation April 10, 2019 Challenge There will be 20.4 billion connected IoT devices by 2020 (per Gartner) As IoT devices become more common

  1. National Cybersecurity Center of Excellence Mitigating IoT-Based DDoS Build 1 Demonstration Presentation April 10, 2019

  2. Challenge • There will be 20.4 billion connected IoT devices by 2020 (per Gartner) • As IoT devices become more common in homes and businesses, security concerns are also increasing • IoT devices represent one of the largest attack surfaces – Some have minimal security, are unprotected or are difficult to secure • DDoS attacks increased by 28% in 2017 (per Akamai) • Recently IoT devices have been exploited to launch DDoS attacks (e.g. Mirai) National Cybersecurity Center of Excellence nccoe.nist.gov 2

  3. Typical Home/Small Business Network (Without MUD) National Cybersecurity Center of Excellence nccoe.nist.gov 3

  4. Attacker Manufacturer Server Internet Home/Small Business

  5. Attacker Manufacturer Server Internet Home/Small Business

  6. Attacker Manufacturer Server Internet Home/Small Business

  7. Attacker Manufacturer Server Internet Home/Small Business

  8. Attacker Manufacturer Server Internet Home/Small Business

  9. Attacker Manufacturer Server Internet Home/Small Business

  10. Attacker Manufacturer Server Internet Home/Small Business

  11. Attacker Manufacturer Server Internet Home/Small Business

  12. Attacker Manufacturer Server Internet Home/Small Business

  13. Attacker Manufacturer Server Internet Home/Small Business

  14. Typical Home/Small Business Network (With MUD) National Cybersecurity Center of Excellence nccoe.nist.gov 14

  15. Attacker Manufacturer Server Internet Home/Small Business

  16. Attacker Manufacturer Server Internet Home/Small Business

  17. Attacker Manufacturer Server Internet Home/Small Business

  18. Attacker Manufacturer Server Internet Home/Small Business

  19. Attacker Manufacturer Server Internet Home/Small Business

  20. Architecture Overview National Cybersecurity Center of Excellence nccoe.nist.gov 20

  21. Logical Architecture Home or Small Business Network (3a) HTTPS get URL (MUD file) (4a) HTTPS get URL (Signature file) One Device MUD MUD Manager File Server (3b) MUD file (5a) Device (2b) MUD (4b) Signature file traffic filters URL FreeRadius (5b) Device (2a) MUD URL traffic filters Router or Switch (1) MUD (6) IP URL in Address DHCP transaction Update Protocol Update Server Devices National Cybersecurity Center of Excellence nccoe.nist.gov 21

  22. Demonstration National Cybersecurity Center of Excellence nccoe.nist.gov 22

  23. Step 1: Connect Device Home or Small Business Network Router or Switch (1) MUD URL in DHCP transaction Devices National Cybersecurity Center of Excellence nccoe.nist.gov 23

  24. Step 1: Connect Device Router or 1. No session on interface Switch Devices 2. Connect MUD enabled IoT Device Devices Router or 3. Interface state changed to up Switch National Cybersecurity Center of Excellence nccoe.nist.gov 24

  25. Step 2a/2b: Send MUD URL to MUD Manager Home or Small Business Network One Device MUD Manager (2b) MUD URL FreeRadius (2a) MUD URL Router or Switch (1) MUD URL in DHCP transaction Devices National Cybersecurity Center of Excellence nccoe.nist.gov 25

  26. Step 2a/2b: Send MUD URL to MUD Manager FreeRadius 1. FreeRadius service receives and passes MUD URL National Cybersecurity Center of Excellence nccoe.nist.gov 26

  27. Step 2b: Send MUD URL to MUD Manager 2. MUD Manager receives MUD enabled IoT Device MUD information from FreeRadius Service Manager National Cybersecurity Center of Excellence nccoe.nist.gov 27

  28. Step 3/4: Get MUD and Signature File Home or Small Business Network (3a) HTTPS get URL (MUD file) (4a) HTTPS get URL (Signature file) One Device MUD MUD Manager File Server (3b) MUD file (2b) MUD (4b) Signature file URL FreeRadius (2a) MUD URL Router or Switch (1) MUD URL in DHCP transaction Devices National Cybersecurity Center of Excellence nccoe.nist.gov 28

  29. Step 3/4: Send MUD URL to MUD Manager MUD 1. MUD Manager receives message Manager MUD 2. Get MUD and Signature file Manager MUD 3. Verify MUD file Manager National Cybersecurity Center of Excellence nccoe.nist.gov 29

  30. Step 5a: Send Device Traffic Filters Home or Small Business Network (3a) HTTPS get URL (MUD file) (4a) HTTPS get URL (Signature file) One Device MUD MUD Manager File Server (3b) MUD file (5a) Device (2b) MUD (4b) Signature file traffic filters URL FreeRadius (2a) MUD URL Router or Switch (1) MUD URL in DHCP transaction Devices National Cybersecurity Center of Excellence nccoe.nist.gov 30

  31. Step 5a: Send Device Traffic Filters MUD 1. MUD File parsed and translated to ACL (rules) Manager MUD 2. MUD Manager sends ACL Manager National Cybersecurity Center of Excellence nccoe.nist.gov 31

  32. Step 5a: Send Device Traffic Filters 3. FreeRadius receives ACL from MUD Manager FreeRadius National Cybersecurity Center of Excellence nccoe.nist.gov 32

  33. Step 5b: Send Device Traffic Filters Home or Small Business Network (3a) HTTPS get URL (MUD file) (4a) HTTPS get URL (Signature file) One Device MUD MUD Manager File Server (3b) MUD file (5a) Device (2b) MUD (4b) Signature file traffic filters URL FreeRadius (5b) Device (2a) MUD URL traffic filters Router or Switch (1) MUD URL in DHCP transaction Devices National Cybersecurity Center of Excellence nccoe.nist.gov 33

  34. Step 5b: Send Device Traffic Filters FreeRadius 1. FreeRadius sends ACL to switch Router or 2. ACL received and configurations applied Switch National Cybersecurity Center of Excellence nccoe.nist.gov 34

  35. Step 6: IP Address Assigned Home or Small Business Network (3a) HTTPS get URL (MUD file) (4a) HTTPS get URL (Signature file) One Device MUD MUD Manager File Server (3b) MUD file (5a) Device (2b) MUD (4b) Signature file traffic filters URL FreeRadius (5b) Device (2a) MUD URL traffic filters Router or Switch (1) MUD (6) IP URL in Address DHCP transaction Devices National Cybersecurity Center of Excellence nccoe.nist.gov 35

  36. Step 6: IP address assigned 1. IoT Device receives IP address Devices National Cybersecurity Center of Excellence nccoe.nist.gov 36

  37. Step 6: IP address assigned Router or 1. Show access-session Switch Router or 2. Show access-lists Switch National Cybersecurity Center of Excellence nccoe.nist.gov 37

  38. Step 7: Test communication Home or Small Business Network (3a) HTTPS get URL (MUD file) (4a) HTTPS get URL (Signature file) One Device MUD MUD Manager File Server (3b) MUD file (5a) Device (2b) MUD (4b) Signature file traffic filters URL FreeRadius (5b) Device (2a) MUD URL traffic filters Router or Switch (1) MUD (6) IP URL in Address DHCP transaction Update Protocol Update Server Devices National Cybersecurity Center of Excellence nccoe.nist.gov 38

  39. Step 7: Test communication 1. Test browsing to “Update Server” Devices 2. Test browsing to unapproved server Devices National Cybersecurity Center of Excellence nccoe.nist.gov 39

  40. Next Steps Home or Small Business Network (3a) HTTPS get URL (MUD file) (4a) HTTPS get URL (Signature file) One Device MUD MUD Manager File Server (3b) MUD file (5a) Device (2b) MUD (4b) Signature file traffic filters URL FreeRadius (5b) Device (2a) MUD URL traffic filters Threat Signaling Threat Signaling Router or Server (w/ Intel Switch Provided data) (1) MUD (6) IP URL in Address DHCP transaction Update Protocol Update Server Devices National Cybersecurity Center of Excellence nccoe.nist.gov 40

  41. Questions

Recommend

National Cybersecurity Center of Excellence Increasing the deployment and use of standards-based

National Cybersecurity Center of Excellence Increasing the deployment and use of standards-based

National Cybersecurity Center of Excellence Increasing the deployment and use of standards-based security technologies Harry Perper Chief Engineer National Cybersecurity FFRDC The MITRE Corporation 18 January, 2017 STRATEGY VISION

774 views • 9 slides
The NSF Cybersecurity Center of Excellence James A. Marsteller CTSC Co-PI Towards Security

The NSF Cybersecurity Center of Excellence James A. Marsteller CTSC Co-PI Towards Security

The NSF Cybersecurity Center of Excellence James A. Marsteller CTSC Co-PI Towards Security Assured Cyberinfrastructure in Pennsylvania (SAC-PA) CI Cybersecurity Workshop June 22nd 2017 trustedci.org NSF Cybersecurity Center of Excellence

697 views • 26 slides
National Cybersecurity Center of Excellence Multifactor Authentication for e-Commerce Project

National Cybersecurity Center of Excellence Multifactor Authentication for e-Commerce Project

National Cybersecurity Center of Excellence Multifactor Authentication for e-Commerce Project Cloud Identity Summit June 19, 2017 PROJECT OVERVIEW Overview U.S. adoption of credit cards equipped with computer chips helps retailers achieve

364 views • 15 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
National CyberWatch Center National Cybersecurity Student Association CyberStudents.org National

National CyberWatch Center National Cybersecurity Student Association CyberStudents.org National

National CyberWatch Center National Cybersecurity Student Association CyberStudents.org National Cybersecurity Student Association Agenda Introductions Association Overview Vision Mission Objectives Benefits

498 views • 30 slides
Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland Chapter Contents Cybersecurity and risk management 1 Cybersecurity and the regulatory 2 environment Cybersecurity and the audit 3 4 Appendix

685 views • 37 slides
National Cybersecurity a multi-stakeholder approach Wednesday, 11 th April 2018 By: Vincent

National Cybersecurity a multi-stakeholder approach Wednesday, 11 th April 2018 By: Vincent

ISACA-KENYA ANNUAL CONFERENCE 2018 National Cybersecurity a multi-stakeholder approach Wednesday, 11 th April 2018 By: Vincent Ngundi HEAD OF NATIONAL KE-CIRT/CC & CYBERSECURITY CONTENT National Cybersecurity Policy Framework 1)

364 views • 21 slides
Center of Excellence - robotics and AI Robocoast is a center of excellence that is managed by

Center of Excellence - robotics and AI Robocoast is a center of excellence that is managed by

Pauliina Harrivaara Center of Excellence - robotics and AI Robocoast is a center of excellence that is managed by regional development non-profit agency Prizztech Ltd. The form of the organization is a network comprising of around 100 SM SMEs

324 views • 14 slides
NCL: Facilitating Cybersecurity Experimentation as a Community Liang Zhenkai National

NCL: Facilitating Cybersecurity Experimentation as a Community Liang Zhenkai National

NCL: Facilitating Cybersecurity Experimentation as a Community Liang Zhenkai National Cybersecurity R&D Lab (NCL) National Cybersecurity R&D Lab National Cybersecurity R&D Lab (NCL) Shared national infrastructure of

382 views • 17 slides
SHF | HCV INITIATIVE A Center of Excellence As a center of Excellence, St. Hope Foundation is

SHF | HCV INITIATIVE A Center of Excellence As a center of Excellence, St. Hope Foundation is

SHF | HCV INITIATIVE A Center of Excellence As a center of Excellence, St. Hope Foundation is nonprofit community healthcare organization that was established in November 1999. Recently, St. Hope implemented the Patient Centered Medical Home

534 views • 8 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado

Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado

Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado Network vs. Internet a network is a system of computers that talk over some communication medium: phone line (analogue modem, DSL), cable,

957 views • 47 slides
Shaping the Future of Cybersecurity Education Is N.I.C.E. NATIONAL INITIATIVE FOR CYBERSECURITY

Shaping the Future of Cybersecurity Education Is N.I.C.E. NATIONAL INITIATIVE FOR CYBERSECURITY

UNCLASSIFIED Shaping the Future of Cybersecurity Education Is N.I.C.E. NATIONAL INITIATIVE FOR CYBERSECURITY EDUCATION (NICE) March 2011 UNCLASSIFIED UNCLASSIFIED 60 Day Cyber Review Building Capacity for a Digital Nation Promote

526 views • 14 slides
Center of Development Excellence July 2, 2018 Center of Development Excellence Todays Agenda

Center of Development Excellence July 2, 2018 Center of Development Excellence Todays Agenda

Center of Development Excellence July 2, 2018 Center of Development Excellence Todays Agenda 1. Welcome and Introductions 2. Case Study Presentation: Strong Towns 3. Center of Development Excellence Update 4. Center of Development

337 views • 16 slides
NATIONAL INTREPID CENTER SmithGroup | Turner Construction | National Naval Medical Center OF

NATIONAL INTREPID CENTER SmithGroup | Turner Construction | National Naval Medical Center OF

NATIONAL INTREPID CENTER SmithGroup | Turner Construction | National Naval Medical Center OF EXCELLENCE Traumatic Brain Injury Diagnostic and Research Facility National Naval Medical Center, Bethesda, MD NATIONAL INTREPID CENTER SmithGroup

443 views • 23 slides
Matthew Wright, PhD Director of the Center for Cybersecurity Professor of Computing Security

Matthew Wright, PhD Director of the Center for Cybersecurity Professor of Computing Security

http://www.rit.edu/cybersecurity Matthew Wright, PhD Director of the Center for Cybersecurity Professor of Computing Security Rochester Institute of Technology Center Mission Research Interdisciplinary Real-world Human-centered

838 views • 57 slides
INTEGRATED CORRIDOR MANAGEMENT IN MARYLAND National Operation Center of Excellence (NOCoE)

INTEGRATED CORRIDOR MANAGEMENT IN MARYLAND National Operation Center of Excellence (NOCoE)

INTEGRATED CORRIDOR MANAGEMENT IN MARYLAND National Operation Center of Excellence (NOCoE) Webinar October 16, 2018 Subrat Mahapatra Deputy Director/ TSMO Program Manager MDOT SHA Office of CHART & ITS Development ABOUT MARYLAND AMERICA

250 views • 23 slides
National Cybersecurity Workforce Framework Benjamin Scribner Department of Homeland Security

National Cybersecurity Workforce Framework Benjamin Scribner Department of Homeland Security

Federal Information Systems Security Educators March 19, 2014 National Cybersecurity Workforce Framework Benjamin Scribner Department of Homeland Security (DHS) National Cybersecurity Education & Awareness Branch (CE&A) T HE CYBER THREAT

315 views • 13 slides
Federal Computer Security Managers Forum Quarterly Meeting November 2, 2017 National

Federal Computer Security Managers Forum Quarterly Meeting November 2, 2017 National

Federal Computer Security Managers Forum Quarterly Meeting November 2, 2017 National Cybersecurity Center of Excellence Safety/Evacuation Evacuation Emergencies What Will Happen During an Evacuation Event? A building-wide alarm will

259 views • 12 slides
Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel Sofia, Bulgaria Mr. Joaqun Castelln , Operational Director Spanish National Security Department Ms. Anita TIKOS , Desk Officer for International

197 views • 15 slides
Cybersecurity: Threats, Prevention and Preparation Phil Bertolini Co-Director, Center for Digital

Cybersecurity: Threats, Prevention and Preparation Phil Bertolini Co-Director, Center for Digital

Cybersecurity: Threats, Prevention and Preparation Phil Bertolini Co-Director, Center for Digital Government Phil l Bertoli lini Co-Director, Center for Digital Government Agenda Cybersecurity Issues & Trends Cybersecurity

720 views • 57 slides
Upcoming Guide on Being Strategic about Cybersecurity BDT Efforts to Assist Member States

Upcoming Guide on Being Strategic about Cybersecurity BDT Efforts to Assist Member States

Upcoming Guide on Being Strategic about Cybersecurity BDT Efforts to Assist Member States in Producing a National Cybersecurity Strategy 1 National Cybersecurity Strategies Developing a Reference Guide to help Member States produce a

399 views • 14 slides
Using awk to analyze Bro logs Mark Krenz BroCon 2017 September 12th, 2017 Center for

Using awk to analyze Bro logs Mark Krenz BroCon 2017 September 12th, 2017 Center for

Using awk to analyze Bro logs Mark Krenz BroCon 2017 September 12th, 2017 Center for Trustworthy Cyberinfrastructure The NSF Cybersecurity Center of Excellence CTSCs mission is to provide the NSF community a coherent understanding of

518 views • 40 slides
Cybersecurity & the Job Market Salim Hariri, Co-Director NSF Center for Cloud and Autonomic

Cybersecurity & the Job Market Salim Hariri, Co-Director NSF Center for Cloud and Autonomic

Cybersecurity & the Job Market Salim Hariri, Co-Director NSF Center for Cloud and Autonomic Computing The University of Arizona nsfcac.arizona.edu email: hariri@ece.arizona.edu (520) 977-7954 Cybersecurity Challenges We are rapidly

585 views • 12 slides

More recommend