People-oriented cyber security

Author

Frazier, Greg

Author_Institution

Apogee Res., LLC, USA

fYear

2012

fDate

25-28 June 2012

Firstpage

1

Lastpage

1

Abstract

Summary form only given. With the introduction of DEP and ASLR, the degree of difficulty in finding network-accessible zero-day attacks has increased dramatically. Linux versions 2.6 and higher are significantly more robust to attack than was 2.4, and Windows 7 is comparably more robust than was XP. That said, we continue to see computer systems being widely compromised. The reasons for this are many, but this talk will focus on the user as the critical vulnerability and the complexity and opacity of computer systems as contributing factors. I will discuss economic drivers for security (and lack thereof), point out some foibles in current enterprise, Internet and handheld device architectures, and present some problems that should be amenable to analysis. Finally, I will propose some research directions which facilitate including the human as a critical element of the system architecture.

Keywords

Internet; Linux; computational complexity; economics; security of data; ASLR; DEP; Internet; Linux versions 2.6; computer systems complexity; computer systems critical vulnerability; computer systems opacity; economic drivers; handheld device architectures; network-accessible zero-day attacks; people-oriented cyber security; Abstracts; Computer architecture; Computer science; Computer security; Computers; Robustness; USA Councils;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Systems and Networks Workshops (DSN-W), 2012 IEEE/IFIP 42nd International Conference on

Conference_Location

Boston, MA

Print_ISBN

978-1-4673-2264-5

Electronic_ISBN

978-1-4673-2265-2

Type

conf

DOI

10.1109/DSNW.2012.6264681

Filename

6264681