Situational awareness and data sharing the U.S. government intends to use analysis to win network security

有了更多实时信息共享的大型分析项目,网络防御便可从“疫苗”发展成“免疫系统”,进而达到类似自动化安全的效果。
政府想要更好地保护其信息系统并支持私营产业的网络安全,各部门和机构就得大幅改善信息收集、分析和共享的方式,让现任和前任政府官员都警惕的新兴威胁无所遁形。
内容交付和云服务提供商阿卡迈公司召集的政府IT大会上,美国官员强调了就网络威胁信息收集大网的重要性,呼吁制定新标准和协议,自动化公共和私营产业自动化信息共享。
美国国土安全部(DHS)网络安全与通信办公室代理助理部长丹尼·托勒说:“参与者越多,共享进程越好。”

煤炭行业周报:雄安新区成立带动区域需求,利好焦煤标的

DHS最近刚卸任网络安全副部长帮办职务的菲利斯·施内克,观察到计算中人的因素,以及计算机本身的局限,都导致了安全挑战的产生。
“计算就是人和机器的互动。我们都是人,即便经过培训也挡不住点击链接的诱惑。”
网络态势感知
安全公司提供一系列产品介入到人们点击恶意链接所致破坏的缓解过程中。施内克设想了一个更大型的全球化威胁数据池,可供计算机即时自动化获取数据,免于沦为恶意黑客的猎物,同时也是一个由“大分析”能力驱动的系统,可让这海量数据有实用意义。
实时,我们希望计算机能有这种类型的支持。你想看到计算机都收到了什么东西,什么是计算机应该做的,什么是不应该做的。计算机不智能,它们只是快而已。

她看到的,是让普通联网计算活动,走DHS发展“爱因斯坦”威胁检测与响应系统的相同道路。按她的说法,“爱因斯坦”项目已经从“疫苗系统走向了免疫系统”,可以更好地保护政府和私营产业计算机。
“只要像阿卡迈这种视野广阔的公司能共享知识,这就有可能在我们整个互联网上发生。“
“如果能让互联网自己识别出坏东西并进行攻击,我们就可以结束无脑执行指令的场景,开启光速警告网络中相关节点的畅想。”
改善入侵预防
在DHS,“爱因斯坦”团队一直在改进该项目的第3元素——建立在监视数据流和检测入侵基础上的入侵预防。托勒描述了DHS通过监视不断长大的数据构建分析能力,扩展“爱因斯坦”威胁预防机制的一个先行项目。
“目前为止,预防基于特征码,只是封锁已知威胁。但随着分析能力的增加,已知的东西会增长,爱因斯坦III也将转型到非特征码预防上来。”
政府扩张网络问题协同的工作不会终止于国家边界上。克里斯托弗·朋特,国务院网络问题协调员,称其部门旨在推进美国外交使团的网络规范,帮助发展中国家建立他们在该领域的基础设施。无论会议主题为何,网络安全问题都会摆到台面上讨论。
“这是我们几乎每个双边会议都会谈及的一个问题。无论是不是网络,这些问题总会浮现。”

和汪星人一起工作是什么感觉?

官员们认识到,数据收集和共享需要一个平衡,隐私和人权组织需要确保消费者的个人信息不会以安全之名被过度侵害。公有和私营产业间还有文化壁垒,有些公司不愿意与官方共享数据,害怕招致法律责任,或者出于无奈;政府对和外界实体共享的信息也十分吝啬。但是,在网络犯罪的世界,信息共享就没这么多障碍。
我们的对手在信息共享上没有任何问题甚至他们会以我们永远无法想象的速度开工。而我们还需要文明的生活方式进行保护。所以,对我们而言,合作是必须的。如果我们要实现信息的汇总和共享的话。
微信扫一扫关注该公众号
With more large-scale real-time information sharing project analysis, network defense can be developed from the vaccine into the immune system, and thus achieve the effect of similar security automation.
The government wants to better protect the information system and network security support of private industry, departments and agencies have greatly improved information collection, analysis and sharing of the way, let the emerging threat of current and former government officials are wary of undetected.
云计算,终端只要一个浏览器软件,限制一个进程,当然安全些,可是网络应用和带宽尚需较长时日才能替代掉大量传统的桌面应用软件。
Content delivery and cloud service providers Akamai called government IT conference, U.S. officials stressed the importance of network threat information collection network, calling for new standards and protocols, automation of public and private industrial automation information sharing.
Danny Toale, assistant director of the Department of Homeland Security (DHS) network security and communications office, said: the more participants, the better the sharing process.
DHS recently stepped down as Deputy Vice Minister of security duties Phyllis Schneck, observed in the calculation of human factors, as well as the limitations of the computer itself, have led to security challenges.
Computing is the interaction of man and machine. We are all people, even after training can not stop the temptation to click on the link.
Network situation awareness
Security companies to provide a range of products into the process of people click on the destruction caused by malicious links. Shineike envisioned a larger global threat data pool, for instant automatic data acquisition computer, from becoming a malicious hacker prey, is also driven by a big analysis ability of the system, can let the data have practical significance.
Real time, we hope the computer can have this type of support. You want to see what the computer has received, what the computer should do and what should not be done. Computers are not smart, they are just quick.
She saw, is to allow ordinary networking activities, take the DHS development Einstein threat detection and response system the same way. According to her, the Einstein project has gone from the vaccine system to the immune system, can better protect the government and private sector computers.
As long as a company with a wide field of vision like Akama can share knowledge, it is possible that it will happen on our entire internet.
If you can make the Internet to identify their own bad things and attack, we can end the scene without instructions to execute the instructions to open the speed of the network warning related nodes in the imagination.
Improved intrusion prevention
In DHS, the Einstein team has been working to improve the third element of the project – an intrusion prevention based on monitoring data streams and detecting intrusions. Toale describes DHS’s ability to build an analytical capability by monitoring growing data, extending a Einstein threat prevention mechanism as a leading project.
So far, prevention is based on feature codes, which only block known threats. However, with the increase in the ability to analyze, known things will grow, Einstein III will also be transformed into non feature code prevention.
The work of the government’s expansion of the network will not end on the national border. Christopher Ponte, a network coordinator for the State Department, said the Department aims to promote the network of U.S. diplomatic missions and help developing countries build their infrastructure in the field. Regardless of the theme of the meeting, network security issues will be discussed on the table.
This is a question that we will talk about in almost every bilateral meeting. Whether or not the network, these problems will emerge.
网络安全公益短片中间人攻击防范

领投鸟受邀出席3.15上海金融信息安全论坛

Officials recognize that data collection and sharing requires a balance between privacy and human rights organizations need to ensure that the consumer’s personal information will not be excessive in the name of security. Public and private industry and cultural barriers, some companies are reluctant to share data with the official, afraid to incur liability, or government and external entities as it cannot be helped; for information sharing is also very stingy. However, in the world of cyber crime, there are not so many barriers to information sharing.
Our opponents have no problems in information sharing and they will start at a speed we can never imagine. And we need a civilized way of life. So, for us, cooperation is a must. If we want to gather and share information.
WeChat sweep attention to the public number

互联网安全联盟从技术上拯救了中国海量的白痴用户,白痴用户需要傻瓜化的安全解决方案,但是要让这些白痴用户获得真正的安全保障,需要将他们从类似保姆似的安全保障中解放出来,让他们通过良好的教育聪明起来。

猜您喜欢

辽宁对外经贸学院开展网络安全宣传周 强化师生网络安全意识
我要我的专用方案,信息安全——价值、目标、战略与流程
LBS地理位置信息泄露造成损失
美多地集会呼吁特朗普公开纳税记录20人已被捕
SCHNAPSBRENNEN XKYEBM
安全教育工作急不来忽视不得