FW: cybergamut Technical Tuesday event - 22 May 2012 - Predicting Malicious Behavior

18 views
Skip to first unread message

Marvin W

unread,
May 14, 2012, 2:22:07 PM5/14/12
to ccbc-cyber-de...@googlegroups.com

FYI

 

From: Sheldon, Scott W. [mailto:SCOTT.W...@saic.com]
Sent: Monday, May 14, 2012 1:31 PM
To: Will...@live.com
Subject: cybergamut Technical Tuesday event - 22 May 2012 - Predicting Malicious Behavior

 

Marvin,

 

cybergamut Technical Tuesday is for cyber professionals to exchange ideas and discuss technical issues of mutual interest. We’ll have a Technical Tuesday event on 22 May 2012 (1600 – 1730 East Coast Time).

 

Topic: Predicting Malicious Behavior: Tools and Techniques for Ensuring Global Security

 

Network attacks are in the process of crippling organizations. Over the years, such attacks have grown in sophistication and ever increasing damage or extensive theft of sensitive or classified data/information has been the result. Although adversarial threat has increased in effectiveness including higher numbers of first-time attacks, network protection methodologies have remained essentially the same for decades. Signature detection, the primary method, depends on writing signatures of past attacks to identify the same attacks if they reoccur. Anomaly detection, used to a lesser extent, depends on establishing a norm or a network baseline against which future network behavior may be compared to flag “non-normal” network behavior. Because of the emphasis on the past, signature detection is reactive and cannot recognize new attacks not in the rules archive. The anomaly detection approach of flagging non-normal behavior does not equate to identifying malicious behavior - human behavior on a network is rife with non-normal variants of non-malicious behavior. In other words, it is extremely difficult to identify “anomaly good” from “anomaly bad”. A paradigm shift in network protection methodology is past due. This shift must result in a proactive, predictive capability so that malicious behavior may be anticipated prior to occurrence allowing time for mitigation procedures to be implemented. Most importantly, it is time to incorporate human behavior assessment as opposed to network behavior. Attackers have intent to inflict damage or engage in theft. For mitigation, prediction of intent is essential. This presentation focuses on new automated behavior assessment technology capable of realizing this much needed paradigm shift as described in the presenter’s new book: Predicting Malicious Behavior: Tools and Techniques for Ensuring Global Security.

 

Presented by: Dr. Gary Jackson of SAIC

 

Dr. Gary M. Jackson is an Assistant Vice President and Technical Lead within the Cyber and Information Solutions Business Unit at Science Applications International Corporation (SAIC). A behavioral psychologist with specialties in artificial intelligence and automated assessment, Dr. Jackson has designed and developed scores of advanced applications across both corporate and U.S. Government settings. Dr. Jackson’s career has spanned academia as assistant and associate professor (University of South Florida), director of R&D and treatment development in various clinical settings, research psychologist within the U.S. Secret Service Intelligence Division, Intelligence Officer and Chief of three advanced technology branches within the Central Intelligence Agency, vice president and director of research and development for Psychological Assessment Resources (PAR), Director of the Center for the advancement of Intelligent Systems (CAIS) for the American Institutes for Research, and until recently, the founder, president, and CEO of Psynapse Technologies in Washington, DC. Dr. Jackson has extensive R&D and field experience in counterterrorism, counterintelligence, and asymmetric warfare prediction. He was a former President of the Florida Association for Behavior Analysis (FABA). He holds B.A. and Ph.D. degrees from Southern Illinois University-Carbondale and an M.A. degree from University of Illinois. He has completed additional postdoctoral training in neurophysiology at the University of South Florida Medical School. Fusing the behavioral and computer sciences, Dr. Jackson is the inventor of the patented automated behavioral assessment (AuBA) technology, CheckMate intrusion protection system, and InMate misuse detection system for insider threat.

 

Locations: Columbia, MD, Augusta, GA, Omaha, NE, Socorro, NM, Sioux Falls, SD, and San Antonio, TX

 

Please note that some of these are different locations than the last several. Please read the information for your location to be sure you know where to go.

 

We’ll host the live presentation for this Technical Tuesday event at 1600 (4 pm) East Coast Time, at the SAIC facility at 6841 Benjamin Franklin Drive, Columbia, MD 21046. In this location, no RSVP is necessary. Simply show up a few minutes before 4 pm and enjoy the presentation.

 

We’ve established cybergamut nodes in Augusta, GA, Omaha, NE, Socorro, NM, Sioux Falls, SD, and San Antonio, TX for this presentation.

 

If you’re in Augusta, GA, and would like to attend, SAIC will host a cybergamut node at 3633 Wheeler Road, Suite 360, Augusta, GA 30909. The office is located at the intersection of Wheeler Road and Augusta West Parkway.

 

If you’re near Omaha/Bellevue, NE, and would like to attend, Convergent Technologies, Inc. will host a cybergamut node on the Bellevue University Campus. Bellevue University is located at 1000 Galvin Road South, Bellevue, NE, 68005. The cybergamut event will be in the Administrative Services Building Multipurpose Room. For directions or other questions, contact Diane Bruce at dmb...@cti-usa.net or 402-339-9396.

 

If you’re in Socorro, NM, New Mexico Tech (NMT) / Institute for Complex Additive Systems Analysis (ICASA) will host a node at the Skeen Library, room 212 on the NMT campus. Socorro is about an hour south of Albuquerque, NM at exit 150 off I-25. For directions or other questions, contact Michael Smith at msm...@icasa.nmt.edu or 575 835-5231.

 

If you’re near Sioux Falls, SD, and would like to attend, Chenega Logistics will be hosting a cybergamut node in their office at 114 S Main, Suite 200, Sioux Falls, SD 57104. They’re located on Main Avenue between 9th & 10th Street in downtown Sioux Falls.

 

If you’re in San Antonio, TX, and would like to attend this Technical Tuesday event, please contact RJ Caschera at (210) 674-5667 ext 28 or at casc...@saic.com to make arrangements. The host facility, which is near Lackland AFB, has stringent access controls, so please contact RJ by COB Monday 21 May for the exact address, what time to show up, and to arrange access to the conference room.

 

If you’re interested in hosting a cybergamut node, please let me know.

 

Other Information

 

We’ll have certification letters available for PMI PMP PDU’s and CISSP CPE’s as well as other technical credits as appropriate.

 

Additionally, Each location will be giving away a copy of Dr. Jackson’s book. If you’re in Columbia, MD, we’ll do that as the raffle prize. Plan to show up on time with your cybergamut challenge coin to be entered in the raffle. For those who haven’t received theirs yet, we’ll be distributing the coins during this event.

 

 

 

 

Scott Sheldon, PMP, GCIH

Chief Suit and Founder, cybergamut

CybergamutLogo_pantone_final

 

 

Frequently Asked Questions (FAQ):

 

Q1. Is there a fee to join cybergamut or to attend Technical Tuesday events?

A1. There is no fee. cybergamut membership is free; as are the Technical Tuesday events.

 

Q2. How do I join cybergamut and is it okay to forward these personalized mass distribution e-mails to people I think will be interested?

A2. You can follow cybergamut on LinkedIn and Facebook, and you can send me an e-mail (scott.w...@saic.com) to be added to my e-mail distribution list. It is absolutely okay to forward these e-mails to others who might want to be notified. Over 1800 people currently receive these e-mails.

 

Q3. What is cybergamut?

A3. cybergamut is a community of practice for cyber professionals across industry, academia, and government. We offer professional development opportunities like Technical Tuesday events as well as hosting formal training classes on a periodic basis. The LinkedIn discussion page has a rich offering of cyber topics in a blog-like setting, and you can always entertain yourself by trying to solve 42.93.F8.6E.

 

Q4. How can I learn more about cybergamut?

A4. Go to our web site at www.cybergamut.com where you can find out more about the topics in this e-mail, as well as more of the FAQ, the organization’s history, previous events, and upcoming events.

image001.jpg
Reply all
Reply to author
Forward
0 new messages