A Taxonomy and a Knowledge Portal for Cybersecurity

David Klaper

Adviser: Eduard Hovy

19.06.2014 DG.O 2014 1

Outline

• Why Cybersecurity Education for Smart Governments?

• Taxonomy:

– Technical Aspects

– Impact of Cybercrime

• Knowledge Portal

• Conclusion

19.06.2014 DG.O 2014 2

Smart Government

• Improve efficiency by offering services online

• Provide important data online

• Provide statistical information

• Provide reliable press releases

• Allow personnel remote access to network

• …

19.06.2014 DG.O 2014 3

Cyber Threats

• Disruption of service

• Misinformation

• Data Theft

• All destroy trust in smart government

• Prevention requires all involved to know risks

19.06.2014 DG.O 2014 4

Mitigation

• Effective training to prevent such threats requires understanding

• Understanding needs mental model developed by carefully structured training

• Cybersecurity field and teaching fragmented

• Most training relies on simple checklists with unrelated points.

19.06.2014 DG.O 2014 5

Cyber Defense

• Cybersecurity commercialized early

– Focus on tools not people

– Specialization and fragmentation

• Nobody knows how to instruct laymen

– In a way that makes ‘intuitive sense’ to them

• Organize overview of cybersecurity

– Taxonomy as first step to mental model

19.06.2014 DG.O 2014 6

Taxonomy

• Topics of cybersecurity

• Each concept has brief description and possibly external references

• Organized as a hierarchy of concepts

19.06.2014 DG.O 2014 7

Example Concept

• Description, Cross-links, Resources

19.06.2014 DG.O 2014 8

Taxonomy Overview

• High Level Map of concepts

• Provides quick navigation

19.06.2014 DG.O 2014 9

Technical Aspects

Impact of Cybercrime

Technical Aspects of Cybersecurity

• Focus on research

• Present various important areas of cybersecurity

• Fairly detailed, well developed

19.06.2014 DG.O 2014 10

Example Goal for Related Training Unit

Authentication and Authorization

19.06.2014 DG.O 2014 11

• Types of Authentication

• Advantages of multi-factor authentication

• Principle of least privileges

• Understand why you should never give your credentials to your co-workers

Example Goal for Related Training Unit

Intrusion Detection

19.06.2014 DG.O 2014 12

• Types of Malware: Virus vs. Trojan …

• Self-replication and Hiding

• Paths of infection: Internet, E-mail, USB

• Understand why just removing the symptoms of a virus is dangerous

Example Goal for Related Training Unit

Cryptography

19.06.2014 DG.O 2014 13

• Private-key and public-key cryptography

• SSL Certificates and their implications

• Understand what the lock in your internet browser actually means

Taxonomy as Starting Point

• Provides links for further inquiry

• Taxonomy serves as starting point for finding out what you want to know more about

• Provide abstract of linked papers to allow user judging whether the link is interesting

19.06.2014 DG.O 2014 14

Extracted Abstract

19.06.2014 DG.O 2014 15

Impact of Cybercrime

• Look at aspects beyond technology

• Cybersecurity has considerable influence on other areas, such as education or investments

• Less materials, less detailed

19.06.2014 DG.O 2014 16

Example Goal for Related Training Unit

Economic Impact

19.06.2014 DG.O 2014 17

• Estimated costs of cybercrime

• Costs of prevention

• “We estimate that the likely annual cost to the global

economy from cybercrime is more than $400 billion” (McAfee, Net Losses: Estimating the Global Cost of Cybercrime, June 2014.)

• Understand the cost of recovering from an attack that you can help prevent

Example Goal for Related Training Unit

Policy and Law

19.06.2014 DG.O 2014 18

• Cybercrime laws and their effects

• Data protection regulations (e.g. HIPAA)

• International (e.g. Council of Europe ETS 185)

• Understand why you could become a criminal if you are clueless about cybersecurity

Example Goal for Related Training Unit

Education

19.06.2014 DG.O 2014 19

• Education initiatives at different levels

• Online resources for further information

• Learn about where you can find further information and materials to train your team

Knowledge Portal

• Comment on cybercrime and cybersecurity issues of websites

• Write comments through Chrome browser plugin

• Discuss others’ comments

• Provides situational knowledge

19.06.2014 DG.O 2014 20

Short Demo

19.06.2014 DG.O 2014 21

Linking Knowledge

• Link the situational knowledge to taxonomy

• Taxonomy provides background knowledge

• Encourage users to learn more about issues

19.06.2014 DG.O 2014 26

Conclusion

• Cybersecurity for smart government

– Requires training of staff

• Taxonomy http://www.cs.cmu.edu/~dklaper/cybersecurity/website/

• Knowledge portal http://erie.lti.cs.cmu.edu

19.06.2014 DG.O 2014 27