Badger - The Networked Security State Estimation Toolkit

Presented at Black Hat USA 2014, Aug. 7, 2014, 5:35 p.m. (25 minutes)

The recently open-sourced Cyber Physical Topology Language (CPTL) has given cyber defenders the capability to build tools that provide metrics for estimating a security state. This provides a metric that can be used to assess the ongoing security status of a data network. Using CPTL's framework, monitoring data from any arbitrary tool can be imported through standard data gathering methods such as syslog and SNMP queries. The toolkit specifically provides a running score from many configurable settings based on metrics gathered on applications, systems, or networks. A graphical canvas in Badger provides an at-a-glance view of the state of networked security elements.


Presenters:

  • Gabe Weaver - University of Illinois at Urbana-Champaign
    I'm a Research Scientist at the Coordinated Science Laboratory at the University of Illinois at Urbana-Champaign. I am currently working to develop a Cyber-Physical Topology Language (CPTL) to communicate and analyze cyber-physical systems. During my doctoral thesis at Dartmouth College, I created eXtended Unix tools (XUTools) to process a broader class of languages in which security policies are expressed in the language-theoretic sense. XUTools is already in demand by practitioners and articles on my research have been featured in news outlets such as ComputerWorld, CIO Magazine, Communications of the ACM, and Slashdot.
  • William Rogers
    William Rogers is a young cyber security researcher based in Urbana, Illinois. His research efforts recently include providing primary coding for the initial release of Badger, an open source network attack surface measurement tool.
  • Edmond Rogers - University of Illinois
    Edmond Rogers, CISSP, is a Security Engineer for the University of Illinois Information Trust Institute. Previously, Rogers worked at a Fortune 500 Investor Owned Utility in the United States where he was responsible for the cyber security of SCADA systems that operated the bulk electric system. Rogers has also previously been responsible for critical infrastructure security in the financial and telecom industries.
