Professor, Department of Computer Science, George Mason University CEO, SCIT Labs, Inc Co-Director, International Cyber Center, Fairfax, VA Biography: Dr. Arun Sood is Professor of Computer Science in the Department of Computer Science, and Co-Director of the International Cyber Center at George Mason University, Fairfax, VA. He and his team of faculty and students have developed a new approach to server security, called Self Cleansing Intrusion Tolerance (SCIT). We convert static servers into dynamic servers and reduce the exposure of the servers, while maintaining uninterrupted service. This research has been supported by US Army, NIST through the Critical Infrastructure Program, SUN, Lockheed Martin, Commonwealth of Virgina CTRF (in partnership with Northrop Grumman). He is founder of SCIT Labs, Inc – a university spin-off with the objective to commercialize SCIT technology, based on three issued patents, 3 pending patents, and other IP. Recently SCIT Labs entered Global Security Challenge (GSC) sponsored Securities Technologies for Tomorrow Challenge. GSC is associated with London Business School. SCIT Labs was the winner of the challenge. Dr. Sood has held academic positions at Wayne State University, Detroit, MI, Louisiana State University, Baton Rouge, and IIT, Delhi. His research has been supported by the Office of Naval Research, NIMA (now NGA), National Science Foundation, U.S. Army Belvoir RD&E Center, U. S. Army TACOM, U.S. Department of Transportation, and private industry. He was awarded grants by NATO to organize and direct advance study institutes in relational database machine architecture and active perception and robot vision. His research interests are in security architectures, image and multimedia computing, signal processing, parallel and distributed processing, performance modeling and evaluation, simulation and modeling, and optimization. Dr. Sood received the B.Tech degree from the Indian Institute of Technology (IIT), Delhi, in 1966, and the M.S. and Ph.D. degrees in Electrical Engineering from Carnegie Mellon University, Pittsburgh, PA, in 1967 and 1971, respectively. His research has resulted in more than 160 publications, and his resume including publications list is available at http://cs.gmu.edu/~asood. Contact Information: E-mail: asood {at} gmu {dot} edu Abstract: Intrusion Tolerance to Mitigate Attacks that Persist The variety and complexity of cyber attacks is increasing.. and so are the numbers of successful intrusions to mission and business systems. From recent breach reports, it has become clear that intruders were in the system for long periods. Not only did the IDS/IPS fail to prevent the intrusion, these systems were not able to detect the presence of the intruder. Thus, the current cyber defenses cannot protect against customized malware and other zero day attacks and once an attack is successful it can persist for many weeks. Any strategy that will mitigate the effects of the attack would be useful, and if the breach duration is reduced it would lead to reduced losses. In a series of papers we have introduced a new approach to this problem – Self Cleansing Intrusion Tolerance (SCIT). Our basic premise is to reduce the exposure time of the servers to the internet. SCIT servers mitigate intrusions by making the exploitation of vulnerabilities more difficult by limiting the effective exposure time of the server to the internet. We have achieved sub-minute exposure time for servers without service interruption. SCIT supplements existing security approaches, thus augmenting the value of existing investments. SCIT servers provide (1) threat independence, and (2) mission resilience, while (3) automatically recovering from a successful intrusion. In this presentation, we will introduce the underlying principles behind SCIT, and show how our approaches reduces the risk of malicious data ex-filtration. |
 | |
|
|