Posts

Showing posts from July, 2012

MORPHINATOR & cyber maneuver as a defensive tactic

In June I read an outstanding paper from MAJ Scott Applegate, US Army, entitled The Principle of Maneuver in Cyber Operations, written as part of his work at George Mason University.
Then yesterday, I spotted a headline indicating that the US Army has awarded a contract to Raytheon to develop technology for Morphing Network Assets to Restrict Adversarial Reconnaissance, or MORPHINATOR.
Aside from what might be the greatest acronym of all time (take that, APT), MORPHINATOR represents a defensive tactic well worthy of consideration in the private sector as well. While the Raytheon article is basically just a press release, I strongly advocate your reading MAJ Applegate's paper at your earliest convenience. I will restate the principles for you here in the understanding that these are, for me, the highlights of this excellent research, as you might consider them for private sector use, and are to be entirely attributed to MAJ Applegate.
First, understand that the United States Military describ…

toolsmith: Collective Intelligence Framework

Prerequisites
Linux for server, stable on Debian Lenny and Squeeze, and Ubuntu v10
Perl for client (stable), Python client currently unstable
Introduction
As is often the case when plumbing the depths of my feed reader or the Dragon News Bytes mailing list, I found toolsmith gold. Kyle Maxwell’s Introduction to the Collective Intelligence Framework (CIF) lit up on my radar screen. CIF parses data from sources such as ZeuS and SpyEye Tracker, Malware Domains, Spamhaus, Shadowserver, Dragon Research Group, and others. The disparate data is then normalized into a repository that allows chronological threat intelligence gathering. Kyle’s article is an excellent starting point that you should definitely read, but I wanted to hear more from Wes Young, the CIF developer, who kindly filled me in with some background and a look forward. Wes is a Principal Security Engineer for REN-ISAC whose mission is to aid and promote cyber security operational protection and response within the higher educatio…