Webinar: Defense Machines: Towards Autonomous Network Security Systems - Aman Singh - ICRC 2018

This talk, titled "Defense Machines: Towards Autonomous Network Security Systems," by Aman Singh of Palindrome Technologies, focuses on the evolving landscape of internet security in the age of autonomous systems, IoT, and AI.

The presentation covers the following key areas:

• Internet Landscape: Describes the internet as a "Toxic Wasteland with occasional heavily defended citadels," emphasizing the need for robust security. 
• Elements - IoT & AI: Discusses the digitization of society and automation of processes across various sectors like healthcare, agriculture, manufacturing, transportation, and government. 
• Autonomous Security: Explores the duality of technology (good vs. bad) and the concept of security equilibrium between defense and offense. It delves into offensive autonomous systems in digital, physical, and political security, including social engineering attacks, vulnerability discovery, warfare scenarios (bot vs. bot, drones vs. drones, human vs. human), surveillance, fake news, and denial-of-information attacks. 
• Defensive Autonomous Systems: Proposes a "network-first approach for connected things" and introduces the HANZO (Home Area Network Zero Operation) Controller as an autonomous network defense system that uses MUD (Manufacturer Usage Description) profiles by traffic observation. The system phases include monitoring, categorization, device profile generation, and continuous enforcement. The talk also touches on insecure things with vulnerable default states and various attacks, as well as the "good things" about IoT devices, such as limited functionality and communication endpoints. 
• Test Automation & Interventions: Highlights the creation of digital twins and the use of Generative Adversarial Networks (GAN) for test automation. It also discusses interventions including hardware and software formal methods, automated testing/fuzzing, supply chain security, vulnerability disclosures, open source/bug bounties, content forgery detection, and consumer awareness. 
• Conclusions: Emphasizes the need for better digital defense systems and test systems due to the evolution of technology towards autonomous systems and their inherent duality. It calls for participation from academia, industry, consumers, and government in addressing these challenges.