This Thursday, seven research institutions will compete against each other. Unlike other typical hacker challenges, their automations will compete on their behalf. The winning team will take home $2,000,000.00. The automated programs will crack, patch, and defend applications / networks. I will be there with my teammates as our program cracks and hacks. You should come on by and cheer us on. The live feed may be found at https://www.cybergrandchallenge.com/
3 years in the making
It has been an exciting three years. So exciting that I have been writing blog posts about it during the progression of the team and competition. After Friday, I am allowed to publish this series.
The Team and Competition
It has been an interesting competition with my global peers. While others are savants with regard to patching, my education, experience, and skill set lend themselves naturally to software program cracking at big data scale and, in a minor capacity, to defending cloud networks with no human intervention. We plan to prove to the world that Skynet is nearly upon us. However, when we all came together, we had a negative outlook we had to turn around: the techniques and automation required are subtle enough that it is not clear whether the programs will be able to attack and defend at scale.
The series will cover the following red-team-at-scale subjects and philosophies:
Red Teaming Intro
• CAPEC
• Risk glasses and bias
• Possibilities and space
• Irrational and rational behaviors
• Strategies
• Mitigation and / or acceptance
• Conflict avoidance
• Continuity
• Game theory and interactions
• PTES and NIST 800-115
• To adapt or not?
Scope
• Purpose, scope, hypothesis, and excellence criteria
• Design
• Execution
• Monitoring and real-time analysis
• Post
• Documentation
• Feedback loop
Legal Ethics and Layer 8
• Business cases
• Accountability
• Budget estimation
The way to at scale red teaming
• System thinking
• Pros / cons of highly scalable system and architecture designs
• CAP theorem
• Orchestration and Workflows
• Purple simulations
• Reflections
• Measuring intelligence
Mandatory Answers
• End results in what context and time?
• The big picture value-add?
• Which methods apply to achieve excellence?
• How do we build capacity to deliver?
• Which fundamentals need to be in place?
• How much and which resources (human capital, compute, political) are desired vs. needed?
• Total Cost of Ownership?
• Best value? Or script kiddie?
Measuring is Hard
• Beware
• What is an effect?
• Analytics
• Intentional behaviors
• Systems
• Risk and the Unknown
• Noise and deliberate behaviors
• SIRA Book of Common Knowledge
• Key performance indicators
◦ General theories of performance
• Analytics
◦ Motivations and emulations
◦ When is a challenge not a challenge?
◦ Plans and concepts
◦ Sensors and Effectors
◦ Risk
• Pragmatic Dogma
◦ Classical problem solving
◦ Different red team and cracking pedagogies
Compute
• Ingredients
• Experimentation
• Hypothesis generation
• Scientific method and experimentation
• Search and Optimization
• Blind vs. Knowledge optimizations
• System vs. Negotiation optimizations
• Emulations at small scale
• Emulations at large scale
Results
• Fidelity
• Mining
• Analysis
• 6V
• Architecture and Storage
• Real-time or close enough?
• Common Information Modeling
• Historical forms
• Current forms
• DARPA Cyber Grand Challenge forms
• Genetic development forms
• Advanced forms
I think, therefore I am
• Scenarios
• Is it really a risk? Residual risk? Vulnerability or foothold?
• Possibilities and plausibilities
• Modeling complex systems
• Capability modeling
• Strategies
• Network, physical, and socio-economic models
Algorithms
• Challengers
• Simulators
• Motivators
• Emulations
• Context enrichment and optimization
• Response
• Mining
• Behavioral mining
• Dealing with complexity
The Cyber Grand future
• Future work
• Where do we go?
• Techniques and computational methodologies to be fleshed out
• Applications
Please subscribe to this blog so you may be kept up to date as the posts roll out.