Category: "Cyber Security"

About the cyber-security category

By Hagai Bar-El, 58 words
Categories: Cyber Security

The Cybersecurity category is devoted to articles discussing the protection of critical infrastructure, and other homeland-security related topics. The term “Cybersecurity” is often abused, in my opinion, and is sometimes stretched to cover everything that normally falls into the wide domain of network security. When categorizing the essays in this blog I stick to the narrower definition above.

  2020-11-15

Addressing the shortcoming of machine-learning for security

By Hagai Bar-El, 2765 words
Categories: Analysis, IT Security, Security Engineering, Security, Cyber Security

In a previous post I wrote about cases in which machine-learning adds little to the reliability of security tools, because it often does not react well to novel threats. In this post I will share a thought about overcoming the limitation of machine-learning, by properly augmenting it with other methods. The challenge we tackle is not that of finding additional methods of detection, as we assume such are already known and deployed in other systems. The challenge we tackle is how to combine traditional detection methods with those based on machine-learning, in a way that yields the best overall results. As promising as machine-learning (and artificial intelligence) is, it is less effective when deployed in a silo (not in combination with existing technologies), and hence the significance of properly marrying the two.

I propose to augment the data used in machine-learning with tags that come from other, i.e., traditional, classification algorithms. More importantly, I suggest distinguishing between the machine-learning-based assessment component and the decision component, and using the tagging in both components, independently.

Read more »

  2020-03-05

Useful threat modelling

By Hagai Bar-El, 1633 words
Categories: Security Engineering, Cyber Security, Management

Do you know what all security documents have in common? — they all were at some time called “threat model”… A joke indeed, and not the funniest one, but here to make a point. There is no one approach to threat modelling, and not even a single definition of what a threat model really is. So what is it? It is most often considered to be a document that introduces the security needs of a system, using any one of dozens of possible approaches. Whatever the modelling approach is, the threat model really has just one strong requirement: it needs to be useful for whatever purpose it is made to serve. Let us try to describe what we often try to get from a threat model, and how to achieve it.

Read more »

  2017-10-13

For and against security checklists, frameworks, and guidelines

By Hagai Bar-El, 636 words
Categories: Security Engineering, Security, Cyber Security, Counter-media

We have seen many of those by now. Starting with old ones like FIPS 140, and concluding with more recent additions such as the NIST CSF (Cyber Security Framework). The question is: are those worth my time? What are they good for? Do we need to adhere to them? In a nutshell, I think they have their value, and need to be consulted, but not worshiped.

Read more »

  2015-08-05

Unsafe IoT safes

By Hagai Bar-El, 154 words
Categories: Security Engineering, Cyber Security

I have been saying that one of the challenges with securing IoT is that IoT device makers don’t have the necessary security background, and the security industry does not do enough to make cyber-security more accessible to manufacturers. We should therefore not be surprised that 150 years of experience in making robust safes and transferring money securely did not help Brinks once they introduced a USB slot into one of their new models.

Read more »

  2015-07-29

CyberDay lecture on IoT security challenges

By Hagai Bar-El, 41 words
Categories: Personal News, Cyber Security

Today I attended CyberDay 2015, where I delivered a lecture titled “Challenges in Securing IoT”.

Read more »

  2015-07-22

Why secure e-voting is so hard to get

By Hagai Bar-El, 1708 words
Categories: Security Engineering, Security Policies, Cyber Security

A few days ago I gave a lecture about innovation and one topic that came up was the security of e-voting. It is widely accepted by the security community that e-voting cannot be made secure enough, and yet existing literature on the topic seems to lack high-level discussion on the basis for this assumption.

Following is my opinion on why reliable fully digital e-voting cannot be accomplished given its threat and security models.

Read more »

  2014-04-09

OpenSSL "Heartbleed" bug: what's at risk on the server and what is not

By Hagai Bar-El, 1223 words
Categories: IT Security, Cyber Security, Counter-media

A few days ago, a critical bug was found in the common OpenSSL library. OpenSSL is the library that implements the common SSL and TLS security protocols. These protocols facilitate the encrypted tunnel feature that secure services – over the web and otherwise – utilize to encrypt the traffic between the client (user) and the server.

The discovery of such a security bug is a big deal. Not only is OpenSSL very common, but the bug that was found is one that can be readily exploited remotely without any privilege on the attacker’s side. Also, the outcome of the attack that is made possible is devastating. Exploiting the bug allows an attacker to obtain internal information, in the form of memory contents, from the attacked server or client. This memory space that the attacker can obtain a copy of can contain just about everything. Almost.

There are many essays and posts about the “everything” that could be lost, so I will take the optimistic side and dedicate this post to the “almost”. As opposed to other serious attacks, at least the leak is not complete and can be quantified, and the attack is not persistent.

Read more »


License

All contents are licensed under the Creative Commons Attribution license.