GENESIS: Integrated end-to-end decision support for computer network defence (proof of concept) – Design and architecture document

PDF

Authors
  1. McKenzie, C.
Corporate Authors
Defence R&D Canada - Ottawa, Ottawa ONT (CAN);Trend Micro, Ottawa Ont (CAN)
Abstract
The purpose of project GENESIS (inteGrated ENd to End deciSIon Support) was to determine the feasibility of integrating industry Commercial Off The Shelf (COTS) software with DRDC pioneered attack analysis tools used to determine what actions should be taken in a network to optimally protect it from attack. In large networked environments, not all computer vulnerabilities and bugs can be patched fast enough, nor is access control information easy to correlate with known computer vulnerabilities to determine if an attacker could reach a specific computer at all. Trend Micro Deep Security was selected as the project COTS because of its ability to: - Scan a computer and determine what vulnerabilities existed which could be exploited by an attacker; - Enforce access control policy through a Firewall; and - Protect or “virtually patch” known vulnerabilities using Deep Packet Inspection technology. A prototype was built to explore the idea of combining DRDC attack analysis tools and Deep Security into a representative network environment and security system which would collect environment vulnerability and access control information, determine all the relevant attack vectors, rank each of these in order of the cost it would take to solve, and finally implement the optimal actions to best protect the network computers from an attacker. The subject network environment is a virtualized eight computer topology separated into three zones, divided by firewall policy. This document co

Il y a un résumé en français ici.

Report Number
DRDC-OTTAWA-CR-2011-009 — Contractor Report
Date of publication
01 May 2001
Number of Pages
88
DSTKIM No
CA036135
CANDIS No
535703
Format(s):
Electronic Document(PDF)

Permanent link

Document 1 of 1

Date modified: