1

Center for Infrastructure Center for Infrastructure Assurance and Security Assurance and Security

(CIAS)(CIAS)

Joe SanchezJoe SanchezAIA Liaison to CIASAIA Liaison to CIAS

REPORT DOCUMENTATION PAGEForm Approved

OMB No. 074-0188Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the dataneeded, and completing and reviewing this collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden toWashington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, PaperworkReduction Project (0704-0188), Washington, DC 20503

1. AGENCY USE ONLY (Leaveblank)

2. REPORT DATE4/24/2002

3. REPORT TYPE AND DATES COVEREDBriefing 4/24/2002

4. TITLE AND SUBTITLECenter for Infrastructure Assurance and Security (CIAS)

5. FUNDING NUMBERS

6. AUTHOR(S)Sanchez, Joe

7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) 8. PERFORMING ORGANIZATION REPORT NUMBER

Air Intelligence Agency

9. SPONSORING / MONITORING AGENCY NAME(S) AND ADDRESS(ES) 10. SPONSORING / MONITORING AGENCY REPORT NUMBER

IATAC3190 Fairview Park DriveFalls Church, VA 22042

11. SUPPLEMENTARY NOTES

12a. DISTRIBUTION / AVAILABILITY STATEMENTApproved for public release; Distribution unlimited

12b. DISTRIBUTION CODE

A

13. ABSTRACT (Maximum 200 Words)

Breifing on CIAS history, vision and focus.

14. SUBJECT TERMSIATAC Collection, infrastructure assurance, information security,intrusion detection,

15. NUMBER OF PAGES

18

16. PRICE CODE

17. SECURITY CLASSIFICATION OF REPORT

UNCLASSIFIED

18. SECURITY CLASSIFICATION OF THIS PAGE

UNCLASSIFIED

19. SECURITY CLASSIFICATION OF ABSTRACT

UNCLASSIFIED

20. LIMITATION OF ABSTRACT

UNLIMITED

NSN 7540-01-280-5500 Standard Form 298 (Rev. 2-89)Prescribed by ANSI Std. Z39-18298-102

2

uu VisionVision

uu HistoryHistory

uu ConceptConcept

uu InitiativesInitiatives

uu UpdateUpdate

uu Next StepsNext Steps

OverviewOverview

3

VisionVision

Develop the world's foremost university Develop the world's foremost university center for multidisciplinary research center for multidisciplinary research

and education in areas of infrastructure and education in areas of infrastructure assurance and securityassurance and security

4

VisionVisionWhy?...and Why San Antonio?

Why: Our nation is under siege... information/infrastructure systems are vulnerable from both foreign and domestic threats…

New research & education is paramount to assure continued growth in information security

Why San Antonio: Significant concentration of the world’s leaders in I/O security

5

Information Security HistoryInformation Security History

u In 1985 the Air Force consolidated their computersecurity missions at Kelly AFB, combining Computers,Communications, and Emanations disciplines

u Creation of the Air Force Computer EmergencyResponse Team (AFCERT) and the Air ForceInformation Warfare Center

u Charted the course for the military services andprivate sector and has made San Antonio a hubof security activity.

u National and local companies reside in S.A.supporting information/infrastructure security missions

ESC to AIAESC to AIA

6

Intrusion Detection:Traffic LoadIntrusion Detection:Traffic Load

953,750 Real-Time Alerts

17,006 Suspicious Event Reports

Validate

User-level Intrusions

60

Poor SecurityPractice

2

Denial of Service

2

Root-level Intrusions

13

False False

Positive3

1.1 Billion Suspicious Connections

Air Force Network Traffic: 6.6 Billion Events

2001

Malicious Logic

6

87 Incidentsin 2001

7

CIAS ConceptCIAS Concept

Commercial

Education

Higher Ed K-12

Government

Federal

CIAS

State & Local

8

Government EmphasisGovernment Emphasis

Government

Federal State & Local

uu Air Force &Air Force & DoDDoD

uu Telecommunications Telecommunications ProtectionProtection

uu SCADA SystemsSCADA Systems

uu Biometrics & Wireless Biometrics & Wireless VulnerabilitiesVulnerabilities

uu Intrusion DetectionIntrusion Detection

uu State and LocalState and Local

uu Infrastructure ProtectionInfrastructure Protection

uu Computer Crime w/ FBIComputer Crime w/ FBI

9

Educational InitiativesEducational Initiatives

Education

Higher Ed K-12

uu Education “Pipeline”Education “Pipeline”

uu Bachelors to Ph.D. DegreesBachelors to Ph.D. Degrees

uu Community CollegesCommunity Colleges

uu KK--12 12 (Information Technology (Information Technology & Security Academy)& Security Academy)

uu Mentor KMentor K--1212

uu R & DR & D

uu Job PlacementJob Placement

uu InternshipsInternships

10

Commercial PartnershipCommercial Partnership

Commercial uu Board of AdvisorsBoard of Advisors

uu Levels of funding supportLevels of funding support

uu Dedicated ResearchDedicated Research

uu Technology TransferTechnology Transfer

uu EntrepreneurshipEntrepreneurship

uu Small Business Small Business DevelopmentDevelopment

uu InIn--kind Expert Assistancekind Expert Assistance

11

Alliance PartnersAlliance Partners

Higher and K-12 Education

Federal Government

State and Local Government

12

Commercial Alliance PartnersCommercial Alliance Partners

Commercial (Representative)

13

CIAS StatusCIAS Status

u DoDDoD Defense Bill appropriated $2.5M in AF Defense Bill appropriated $2.5M in AF Research and Development funds Research and Development funds

uu Contract is very close to being signedContract is very close to being signed

uu CIAS involved in state and federal Homeland CIAS involved in state and federal Homeland Security initiatives (Dark Screen)Security initiatives (Dark Screen)

uu Minor offered in Infrastructure Assurance while Minor offered in Infrastructure Assurance while pursuing Bachelor’s/Master’s/Ph.D. pursuing Bachelor’s/Master’s/Ph.D.

uu Strong support for the Information Technology Strong support for the Information Technology and Security Academy (ITSA)and Security Academy (ITSA)

uuPlans to host seminars later this year Plans to host seminars later this year

14

Dark ScreenDark Screen

u CM Rodriguez (TX) letter in March proposing CM Rodriguez (TX) letter in March proposing

“…“…the San Antonio region sponsor an exercise to test the the San Antonio region sponsor an exercise to test the San AntonioSan Antonio--area capabilities to prevent, detect, and area capabilities to prevent, detect, and respond to a cyber terrorist attack and itrespond to a cyber terrorist attack and it’’s ability to s ability to coordinate with local, state, and federal authorities.coordinate with local, state, and federal authorities.””

uu Core exercise planning team lead by the CIAS includes Core exercise planning team lead by the CIAS includes AIA, the City of San Antonio, AIA, the City of San Antonio, Bexar Bexar County, State of County, State of Texas, Law Enforcement, Industry, and InfrastructureTexas, Law Enforcement, Industry, and Infrastructure

uu Early stages Early stages –– plan a tabletop in the fall, plan a tabletop in the fall, ““minimini--exerciseexercise””next spring/summer, full exercise next fall next spring/summer, full exercise next fall

uu CM Rodriguez has submitted a request for $500K from CM Rodriguez has submitted a request for $500K from the FY02 Supplemental Appropriations Billthe FY02 Supplemental Appropriations Bill

uu CIAS is working the exercise into their budgetCIAS is working the exercise into their budget

15

Next StepsNext Steps

uu “Sell the Center”“Sell the Center”

uu Springboard off Designation as a Center ofSpringboard off Designation as a Center ofExcellence with the National Security AgencyExcellence with the National Security Agency

uu Finalize business partnership agreement &Finalize business partnership agreement &establish/maintain local funding supportestablish/maintain local funding support

uu Continued congressional dialogue andContinued congressional dialogue andsupportsupport

uu Establish partnerships with local universitiesEstablish partnerships with local universities

uu Assist in the establishment of the ITSAAssist in the establishment of the ITSA

uu Build a world class Center by luring the Build a world class Center by luring the best in the field best in the field

16

CIAS Points of ContactCIAS Points of Contact

Dr. Glenn DietrichDr. Glenn Dietrich Dr. Greg WhiteDr. Greg White

Executive DirectorExecutive Director Technical DirectorTechnical Director

(210) 458(210) 458--5354 5354 (210) 458(210) 458--63076307

gdietrichgdietrich@@utsautsa..eduedu gwhitegwhite@@utsautsa..eduedu

Joe SanchezJoe SanchezAIA Liaison to CIASAIA Liaison to CIAS(210) 977(210) 977--37063706joejoe..sanchezsanchez@@lacklandlackland..afaf.mil.mil

(210) 458(210) 458--43244324jsanchezjsanchez@@utsautsa..eduedu

17

DevelopVision

BuildPlan

ObtainFunding

EstablishCenter

InitialOperations

DedicatedResearch

FocusedOut Reach

ContinuedOperations

Time Line Time Line

Phase I Phase II Phase III

May ‘01May ‘01 November ‘01November ‘01 October ‘02October ‘02 October ‘03October ‘03

Activity IIIActivity IIINSA NSA

DesignationDesignation

Activity VActivity VAppropriationAppropriation

Activity IVActivity IVCongressionalCongressionalSponsorship Sponsorship

Activity IIActivity IIDetailedDetailed

Plan Plan

Activity IActivity IHigh LevelHigh Level

VisionVision

FullOperations

18

IO ServicesIO Services

Strategy &Strategy &ArchitectureArchitecture ElectronicElectronic

CommerceCommerce

CERTCERTSupportSupport

TechnologyTechnologyManagementManagement

IntrusionIntrusionDetectionDetection

WebWebSecuritySecurity

AlgorithmAlgorithmResearchResearch

EncryptionEncryptionDevelopmentDevelopment

InformationInformationSecuritySecurity

TechnologyTechnologyTestingTesting

InformationInformationAssuranceAssurance

CIASCIAS