Adaptive Cyber Security

Status, Problems, Solutions

Bilişim

Zirvesi'12

Savunmada

Bilişim
,
Ulusal

Bilgi

Güvenliği

Konferansı

Adaptive Cyber Security

Prof. Dr. Dr. h. c. Sahin Albayrak


Outline

Adaptive Cyber Security

2

Motivation

Status &
Problems

Solutions & Recommendations

Motivation

Adaptive Cyber Security

3

Information

and

Communication

Technologies

(ICT)

are

pervading

into

our

daily

lives
.

ICT

investment

is

essential

in

order

to

have

and

sustain

wealthy

society

and

an

efficient

economy
.

ICT

is

considered

to

be

the

key

enabler

to

enhance

the

quality

of

life

for

everyone
.

As

the

result,

citizens,

government

institutes,

industries

and

interdependent

critical

infrastructures

co
-
exists

both

in

cyber

world

and

physical

world
.

Cyber

world

is

the

backdoor

of

our

society

and

nation

that

has

insufficient

security

on

it
.

Current Status

Adaptive Cyber Security

4

Growing

role

and

importance

of

new

technologies,

information

and

knowledge

in

our

society
.

Need for new technologies

Need for information

Need for knowledge

Current Status

Adaptive Cyber Security

5

3D
Technologies

New Tablets

&

Applications

New
Smartphones

&

Applications

Embedded
Operating
Systems

Current Status

Adaptive Cyber Security

6

Semantic
Technologies

Network
Infrastructures

Cloud
Computing

Current Status

Adaptive Cyber Security

7

VDSL2

LTE

Smart Network
Devices

Current Status

Adaptive Cyber Security

8

Information


K
nowledge

•
Knowledge management

•
Semantic information delivery

•
Preservation and distribution of knowledge

Search Engine



Knowledge Engine

•
Description of Interest

•
Information Classification

•
Information Aggregation

Problems

Adaptive Cyber Security

9

Information

and

knowledge

became

the

most

important

asset

of

the

nations

with

insufficient

protection
.


Private information of citizens

Uncontrolled information in social media

Intellectual properties of industries

Confidential Information of military and government

Problems

Adaptive Cyber Security

10

Increased

number

of

attacks

are

targeting

information

and

knowledge
:

Stealing the information

Denying security components to protect the information

Denying rightful access to information

Problems

Adaptive Cyber Security

11

Attacks

become

more

complex
.

The

asymmetry

between

attack

and

defense

prevents

the

agile

development

of

new

security

solutions
.

Zero
-
day attacks (
DDoS
,
Stuxnet
, Flame,

…)

Attacks that use Interdependencies between Critical
Information Infrastructures

Complex Attacks: Multi
-
lateral,
-
purpose and
–
facet

Attacks due to extreme programming and malicious
developers

Problems

Adaptive Cyber Security

12

Increasing

number

of

malicious

applications

targeting

users

directly

through

smartphones

and

tablets

Malwares are getting more complex, effective and difficult to detect
(
cryptovirology
, polymorphic and metamorphic malwares).

Mobility and multiple communication interfaces on smartphones
makes them more vulnerable and dangerous.

New spread channels through application market places, dynamics of
which have not yet being well understood.

Growing use of social media will contribute to personal cyber threats.

Smartphone Applications

Adaptive Cyber Security

13

Solution

Adaptive Cyber Security

14

Cyber security is complex problem which requires:

-

User Acceptance and Involvement and Orientation,

-

Adaptive and Intelligent Technology on


-

Services, processes and application level,


-

Network level,


-

Terminal level.

-

Multi
-
faceted Approach (sociological, political, legal issues)

Cyber Security solution roadmap:

-

Consider all possible sources (smartphones, tablets, …)

-

Maintain situation awareness at all the time


-

Continuous vulnerability and risk assessment,


-

Continuous and adaptive mitigation.

-

Create an security understanding and culture in the society

-

Collaborate internationally

Adaptive
Cyber

Security Life Cycle

Asses
Vulnerabilities

Asses Risks
and Develop
Strategies

Test

Strategies

Mitigate

Educate

Adaptive Cyber Security

15

Network Security

Simulation

CII
Protection

Decision

Cockpit

Quantitative IT
Risk

Management

Terminal Security
:
Androlyzer
,

Network Security
:
Automated

Attack

Modeling,

Service/
Process

Security
:
Anomaly

Detection

and

Early
Warning

Network Security Simulation

Vendor

Specific


Management Tools

Recommendations

Adaptive Cyber Security

16

National

Information

Security

Center

Security testing and certification of infrastructures through
automatic annual screening

Security and privacy services for citizen, industry and
government divisions

Establishing nationwide information security culture

Recommendations

Adaptive Cyber Security

17

National

Early

Warning

System

Early detection of malicious software, services and activities

Timely warning of citizen, industry and government
institutes

Collaborated mitigation and risk management

Fon

Fax

+49 (0) 30 / 314
–

74

+49 (0) 30 / 314
–

74 003

DAI
-
Labor

Technische Universität Berlin

Fakultät IV
–


Elektrontechnik & Informatik

Sekretariat TEL 14

Ernst Reuter Platz 7, 10587 Berlin

www.dai
-
labor.de

www.connected
-
living.com

www.jiac.de

www.nessi2.de

www.androlyzer.com

www.smart
-
government.eu

www.askspree.de

www.pia
-
services.de





Fon

Fax

+49 (0) 30 / 314
–

74

+49 (0) 30 / 314
–

74 003

DAI
-
Labor

Technische Universität Berlin

Fakultät IV
–


Elektrontechnik & Informatik

Adaptive Cyber Security

18

Prof. Dr. Dr. h. c. Sahin Albayrak

Chief Executive Director of DAI
-
Labor

Head of Chai
r Agent Technology (AOT)

Chairman of Connected Living




sahin.albayrak@dai
-
labor.de


Contact

001

Future in touch.

Recommendations

Adaptive Cyber Security

19

International
Innovation Centers

•
Establishment and
initiation of novel
international
innovation centers by

•
Research institutes

•
Companies

•
Government

Objective

•
Establishment of
innovation and R&D
culture through
international
collaboration