Creating Near Real-Time and End-to-End Cyber Situational Awareness of University Networks

Time 10/17/17 11:20AM-12:10PM

Room Seacliff A

Session Abstract

Defending networks against cyber-attacks requires real-time, end-to-end visibility into the network topology and end-node characteristics. This presentation will show the application of scalable analytics and significant innovations that achieve this real-time, end-to-end visibility, thus improving the security posture of complex university networks inexpensively and effectively in three areas:
1. Creating network situational awareness in a virtual Network Operation Center (vNOC). This involves reverse engineering, mapping and visualizing the network, including identifying network segmentation and boundary nodes; displaying changes to the network over time by greying out network nodes that are down due to failures; applying visual and animated artifacts on the end-nodes to display running services; and automatic alerting on critical network resource failures.
2. Creating end-to-end cyber situational awareness of the network in a virtual Security Operation Center (vSOC). This involves displaying vulnerabilities across the network, using visual and animated artifacts on a 3D network map, including node/tunnel misconfiguration errors; product vulnerabilities; threat intelligence feeds; and end-node situational data covering compliance/policy violations.
3. Deploying vNOC and vSOC inexpensively onto Intel's Next Unit of Computing (NUC) tiny form factor hardware.
This work is the result of an ongoing collaboration between Louisiana State University (LSU), University of Maryland Baltimore County (UMBC) and Cyberspace Analytics Corp. Cyberspace Analytics used configurations and firewall data to map the LSU network and show the relationships between internal and external nodes. We will present some lessons learned and discuss where we see this effort going in supporting future cybersecurity initiatives.

Ethan Bateman, LSU
Dr. Deepinder Sidhu, UMBC & Cyberspace Analytics
Aaron Boteler, Cyberspace Analytics


Speaker Deepinder Sidhu Cyberspace Analytics Corporation

Primary track Information Security

Secondary tracks Advanced Networking

