Cooperative Red Teaming of a Prototype Survivable Service-Oriented System

An increasing number of military systems are being developed using service orientation. Some of the features that make service orientation appealing, like loose coupling, dynamism and composition-oriented system construction, make securing service-based systems more complicated. We have been develop...

Full description

Saved in:
Bibliographic Details
Main Authors: Pal, Partha, Atighetchi, Michael, Gronosky, Andrew, Loyall, Joseph, Payne, Charles, Sinclair, Asher, Froberg, Brandon, Grant, Robert
Format: Report
Language:English
Subjects:
ADAPTIVE RESPONSE
ADAPTIVE SECURITY
ADAPTIVE SYSTEMS
COMPUTER APPLICATIONS
Computer Programming and Software
COMPUTER SECURITY
Computer Systems Management and Standards
CONTAINMENT(GENERAL)
CRUMPLE ZONES
CYBER ATTACKS
CYBER DEFENSE
PENETRATION TESTING
PROTOTYPES
RED TEAM EVALUATION
RESILIENCE
SERVICE ORIENTED ARCHITECTURE
SURVIVABILITY
SURVIVABLE APPLICATIONS
TEST BEDS
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:An increasing number of military systems are being developed using service orientation. Some of the features that make service orientation appealing, like loose coupling, dynamism and composition-oriented system construction, make securing service-based systems more complicated. We have been developing technologies for Advanced Protected Services (APS) to improve the resilience and survival of services under cyber attack. These technologies introduce a layer to absorb, contain, and adapt to cyber attacks before attacks reach critical services. This paper describes an evaluation of these advanced protection technologies using cooperative red teaming. In cooperative red teaming, an independent red team launches attacks on a protected enclave in order to evaluate the efficacy and efficiency of the protection technologies, but the red team is provided full knowledge of the system under test and its protections, and is given escalating levels of access to the system. The red team also operates within agreed upon rules of engagement designed to focus their effort on useful evaluation results. Apart from presenting the evaluation results, we also discuss cooperative red teaming as an effective means of evaluating cyber security. Presented at the Military Communications Conference (MILCOM), Orlando, FL, October 29-November 1, 2012. Prepared in cooperation with Adventium Labs, Minneapolis, MN, and in collaboration with Air Force Research Laboratory, Rome, NY.