How GCHQ Classifies Computer Security - Computerphile

Computerphile · Intermediate ·👁️ Computer Vision ·11y ago

Key Takeaways

GCHQ's approach to classifying computer security involves scoring computer systems based on expert opinions, with a focus on identifying the most difficult step in a system and rating its difficulty, as investigated by Professor Uwe Aickelin and his team, using techniques such as data mining and system assessment.

Full Transcript

some of the work that we do is uh related to security uh to computer security in particular um there is a government agency called gchq in the UK which stands for government Communications Headquarters so there are sort of super Authority in the UK that looks after all things to do with security including computer security and they've come to us a little while ago with a really interesting question uh basically they said um we're looking at a lot of computer systems and uh is there any way we can measure how secure they really are and uh how do we understand what our experts are saying data mining is all about crunching large volumes of data but then you come to these points where suddenly there's all sorts of data there but it relies in human expertise and it's not so clear anymore what exactly you're looking for and here it's it's a classic example so you get your experts to look at a computer system and this is actually some real data this is the unclassified version I don't have to shoot you when you have to go you're okay this is an example where actually lots of experts from gchq have been asked to assess the security of a system the details I can't reveal but there was a particular system that was set up there was different ways of attacking the system and the experts were basically asked okay tell me this particular type of attack on a scale of 1 to 10 do you think it's easy or difficult and this is the answers we got and each dot is a particular expert the colors just relates to what part of GCU they're working in there might be in slightly different subgroups and again these some of the experts they said oh yeah this is a really easy attack to do they gave it rank number one but some of the experts actually said oh it's kind of in the middle and some experts said no no this is really difficult this is number 10 and this is typical for when you're asking experts I mean these are highly qualified people and the same is through in medicine and this is kind of where our work started with all of this and why gchq came to us we we worked a lot with doctors doctors ass as patients and why do you have to ask a second and a third opinion it's because they don't always give you the same answer do they so the same here you ask your different experts and they can give you very very different answers it it doesn't become a data mining problem anymore now because well what what are you going to do with this because take the average but the average is probably completely wrong because what's really happening here is one of two things one either this expert who is sort of a bit of an outlier he's untrained and he actually just needs a bit of training or maybe he just become aware of a zero day attack somebody nobody else knows yet and he really knows his stuff whereas these people here that might work on this day to-day and they're probably right in a general sense but maybe they've missed this latest attack so if you go for the average you probably end up with the completely wrong answer because either it's trivial or there's something that's just happened recently and we need to find out but you can't just take the average when we work with gchq that's kind of what it looks like it's a big donut actually so they're basically saying look lots of government agencies are coming to us and they say we want we we want our our system to be assessed by your experts how secur is it should we spend more in security and um well okay so how many experts should we ask is there any does it does it matter whether we ask internal or external experts does it matter whether we ask Experts of different teams what do we do when we get five opinions do we just take the average so through our studies and through our collection of data we were able to come up with a number of findings which were quite interesting one of the things that we looked at for example was whether experts which are internal to the organization and experts which are external to the organizations give different answers maybe they had different training maybe they have different use of experience and one of the things we found was that actually the internal and the external experts as a whole they give more or less the same answers so that was good because there was some concern on gchq's part that they need to be very careful that who they select but turns out no it's a mixture is good another thing that we looked at was different groups of experts do they give different answers it turns out that some groups they're obviously very narrowly technically focused and they will always give you more or less the same answer whereas other groups that seem to be broader and they give you a wider variety of answers so while it's maybe good idea to ask five experts it's not a good idea to ask five experts from some group because it doesn't matter you're just wasting your time you're getting five times the same answer so you might want to ask either five people from these other groups or five people from different groups so what's an example of that is it just that perhaps they're specifically studying networks yeah so somebody might some of these groups might be really really focused on firewalls so they know everything about firewalls so when when you ask them about firewalls all of them are going to say the same thing but there other groups well they' studied more broader things also it can it can just be to do with the Dynamics of the group maybe there's a very strong leader in some groups so everybody will give you the opinion of the leader whereas in other groups is a bit more freeth thinking what we really after is computer security and understanding how secure is the system ideally what we want is a measure of security and to to obtain such a measure this is a computer computer science issue we get data we get data by asking experts there's also data by not asking experts we have data about the system I mean look for example uh this is of what the system looks like here's a network this is how many hops there are there's a firewall here there's an encryption machine there there's a Content Checker here you got all this information as well so you've got all this information and you got the expert opinions now how do you put it all together to give you a number or something that tells you okay actually this is how secure we are or we should spend more money on this or we don't need to is it possible to do that I have a bicycle lock and uh it's rated you know as to how Securities I'm guessing that's based on how thick it is how heavy duty the metal is but things change in the computer the problem is with this a system might be thisse secure today and then tomorrow something happens and a patch a new patch comes out or an update comes out and things change so what you're actually going to get there something more Dynamic here so you have to ask a question again and again but at least at this moment in time when you ask your five experts you're going to get a consistent answer or at least you know how to get a consistent answer out of their opinions one of the things that we found found about this which is very interesting and here's a publication where you can read much more about this because these computer systems are very complicated things many hops many stages many different ways of attacking them this is where humans we have a problem we can't have all the information in our head all the time so one of the things that we be interested in is how do experts actually form their opinion of this and it turns out that what experts really do is they look at the whole system and they identify which one of the many steps is the most difficult step they call it the most ult hop and once they've identified the most difficult hop they then think very hard okay how difficult is this most difficult hop for example the encryption machine might be the most difficult of breaking the encryption how difficult is that and they give that the rating between 1 and 10 and their final rating for the whole overall system is 95% of the rating they gave to this most difficult hop which just shows you how we as humans you know do our data mining really simple so that's that's basically so that we may as well we may as well use that same technique is that what that's right there basically one way you can do it I mean if you if you're happy with a 95% answer which you might be happy on most systems then actually it's sufficient to ask your experts which one is the most difficult part and how difficult is this part one thing that this image has that our last image of the flower didn't have is sharp changes in intensity so this C has a sharp step down into the background and that is not something that jpeg handles very well at all but statistics on on its own it's not enough and that's why computer programming is really good because it's more flexible than statistics

Original Description

The UK's Government Communications Headquarters deal in classified material, but how to decide if a computer is secure? - GCHQ asked Professor Uwe Aickelin and his team to investigate a means of scoring computer systems. More Information (academic paper): http://bit.ly/computerphileuwegchq The Problem with JPEG: https://youtu.be/yBX8GFqt6GA XOR and the Half Adder: https://youtu.be/VPw9vPN-3ac Face Recognition: COMING SOON Nuggets of Data Gold: https://youtu.be/Zel2NCKej50 http://www.facebook.com/computerphile https://twitter.com/computer_phile This video was filmed and edited by Sean Riley. Computer Science at the University of Nottingham: http://bit.ly/nottscomputer Computerphile is a sister project to Brady Haran's Numberphile. More at http://www.bradyharan.com
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from Computerphile · Computerphile · 0 of 60

← Previous Next →
1 Follow the Cookie Trail - Computerphile
Follow the Cookie Trail - Computerphile
Computerphile
2 EXTRA BITS - Follow the Cookie Trail - Computerphile
EXTRA BITS - Follow the Cookie Trail - Computerphile
Computerphile
3 Musical Floppy Drives - Computerphile
Musical Floppy Drives - Computerphile
Computerphile
4 The Hair Algorithm - Computerphile
The Hair Algorithm - Computerphile
Computerphile
5 Getting Sorted & Big O Notation - Computerphile
Getting Sorted & Big O Notation - Computerphile
Computerphile
6 Quick Sort - Computerphile
Quick Sort - Computerphile
Computerphile
7 Hyper History and Cyber War - Computerphile
Hyper History and Cyber War - Computerphile
Computerphile
8 Entropy in Compression - Computerphile
Entropy in Compression - Computerphile
Computerphile
9 Original Elite on the BBC B - Computerphile
Original Elite on the BBC B - Computerphile
Computerphile
10 IP Addresses and the Internet - Computerphile
IP Addresses and the Internet - Computerphile
Computerphile
11 A Career in Video Games - Computerphile
A Career in Video Games - Computerphile
Computerphile
12 Error Detection and Flipping the Bits - Computerphile
Error Detection and Flipping the Bits - Computerphile
Computerphile
13 Programming BASIC and Sorting - Computerphile
Programming BASIC and Sorting - Computerphile
Computerphile
14 Birthplace of the World Wide Web - Computerphile
Birthplace of the World Wide Web - Computerphile
Computerphile
15 Punch Card Programming - Computerphile
Punch Card Programming - Computerphile
Computerphile
16 Programming Paradigms - Computerphile
Programming Paradigms - Computerphile
Computerphile
17 CERN Computing Centre (and mouse farm) - Computerphile
CERN Computing Centre (and mouse farm) - Computerphile
Computerphile
18 Error Correction - Computerphile
Error Correction - Computerphile
Computerphile
19 Home-Made Code - Computerphile
Home-Made Code - Computerphile
Computerphile
20 Security of Data on Disk - Computerphile
Security of Data on Disk - Computerphile
Computerphile
21 Gesture Controls - Computerphile
Gesture Controls - Computerphile
Computerphile
22 How Intelligent is Artificial Intelligence? - Computerphile
How Intelligent is Artificial Intelligence? - Computerphile
Computerphile
23 Encryption and Security Agencies - Computerphile
Encryption and Security Agencies - Computerphile
Computerphile
24 Virtual Machines Power the Cloud - Computerphile
Virtual Machines Power the Cloud - Computerphile
Computerphile
25 Hacking Websites with SQL Injection - Computerphile
Hacking Websites with SQL Injection - Computerphile
Computerphile
26 How Huffman Trees Work - Computerphile
How Huffman Trees Work - Computerphile
Computerphile
27 Cracking Websites with Cross Site Scripting - Computerphile
Cracking Websites with Cross Site Scripting - Computerphile
Computerphile
28 Cloud Computing (Cloudy with a Chance of Pizza) - Computerphile
Cloud Computing (Cloudy with a Chance of Pizza) - Computerphile
Computerphile
29 Texting Cabbage with a Recorder - Computerphile
Texting Cabbage with a Recorder - Computerphile
Computerphile
30 Hashing Algorithms and Security - Computerphile
Hashing Algorithms and Security - Computerphile
Computerphile
31 How YouTube Works - Computerphile
How YouTube Works - Computerphile
Computerphile
32 How NOT to Store Passwords! - Computerphile
How NOT to Store Passwords! - Computerphile
Computerphile
33 A New Golden Age of Video Games - Computerphile
A New Golden Age of Video Games - Computerphile
Computerphile
34 A Universe of Triangles - Computerphile
A Universe of Triangles - Computerphile
Computerphile
35 Cross Site Request Forgery - Computerphile
Cross Site Request Forgery - Computerphile
Computerphile
36 The True Power of the Matrix (Transformations in Graphics) - Computerphile
The True Power of the Matrix (Transformations in Graphics) - Computerphile
Computerphile
37 The Great 202 Jailbreak - Computerphile
The Great 202 Jailbreak - Computerphile
Computerphile
38 EXTRA BITS - Printing and Typesetting History - Computerphile
EXTRA BITS - Printing and Typesetting History - Computerphile
Computerphile
39 Triangles to Pixels - Computerphile
Triangles to Pixels - Computerphile
Computerphile
40 The Problem with Time & Timezones - Computerphile
The Problem with Time & Timezones - Computerphile
Computerphile
41 The Visibility Problem - Computerphile
The Visibility Problem - Computerphile
Computerphile
42 Lights and Shadows in Graphics - Computerphile
Lights and Shadows in Graphics - Computerphile
Computerphile
43 The Penguin Barcode - Computerphile
The Penguin Barcode - Computerphile
Computerphile
44 Typesetters in the '80s - Computerphile
Typesetters in the '80s - Computerphile
Computerphile
45 The Font Magicians - Computerphile
The Font Magicians - Computerphile
Computerphile
46 The Little Mac with the Big Bite - Computerphile
The Little Mac with the Big Bite - Computerphile
Computerphile
47 EXTRA BITS - More on the Original Mac at 30 - Computerphile
EXTRA BITS - More on the Original Mac at 30 - Computerphile
Computerphile
48 XP to Ubuntu with an 8yr old Hacktop - Computerphile
XP to Ubuntu with an 8yr old Hacktop - Computerphile
Computerphile
49 EXTRA BITS - Hacktop Real-Time Boot Comparison - Computerphile
EXTRA BITS - Hacktop Real-Time Boot Comparison - Computerphile
Computerphile
50 EXTRA BITS - Making a Bootable USB in Linux - Computerphile
EXTRA BITS - Making a Bootable USB in Linux - Computerphile
Computerphile
51 EXTRA BITS - Installing Ubuntu Permanently - Computerphile
EXTRA BITS - Installing Ubuntu Permanently - Computerphile
Computerphile
52 The Dawn of Desktop Publishing - Computerphile
The Dawn of Desktop Publishing - Computerphile
Computerphile
53 What is Bootstrapping? - Computerphile
What is Bootstrapping? - Computerphile
Computerphile
54 Reverse Polish Notation and The Stack - Computerphile
Reverse Polish Notation and The Stack - Computerphile
Computerphile
55 Home-Made Z80 Retro Computer - Computerphile
Home-Made Z80 Retro Computer - Computerphile
Computerphile
56 Should Everybody Learn to Code? - Computerphile
Should Everybody Learn to Code? - Computerphile
Computerphile
57 Programming in PostScript - Computerphile
Programming in PostScript - Computerphile
Computerphile
58 Heartbleed, Running the Code - Computerphile
Heartbleed, Running the Code - Computerphile
Computerphile
59 YouTube's Secret Algorithm - Computerphile
YouTube's Secret Algorithm - Computerphile
Computerphile
60 YouTube Search & Discovery - Computerphile
YouTube Search & Discovery - Computerphile
Computerphile

This video discusses GCHQ's approach to classifying computer security, which involves scoring computer systems based on expert opinions, and highlights the challenges and limitations of this approach, including the potential for inconsistent or biased opinions, and the need for repeated assessment due to the dynamic nature of computer security.

Key Takeaways
  1. Identify the most difficult step in a system
  2. Rate the difficulty of the most difficult step between 1 and 10
  3. Calculate the final rating for the whole system as 95% of the rating given to the most difficult step
  4. Consider the potential for inconsistent or biased opinions
  5. Repeat the assessment process regularly to account for changes in the system or its environment
💡 Expert opinions can be inconsistent or biased, and repeated assessment is necessary due to the dynamic nature of computer security, highlighting the need for a systematic and structured approach to system assessment.

Related Reads

📰
Cost Analysis of 33 AI Image Models
Learn how to analyze costs of AI image models and optimize your budget for computer vision projects
Reddit r/artificial
📰
Testing Face Embedding Nearest Neighbor Search with OpenCV SFace
Learn to test face embedding nearest neighbor search using OpenCV SFace for efficient face recognition
Dev.to · Nariaki Wada
📰
Your $2,000 Graphics Card Has a Connector With a Documented History of Melting, and Nobody…
High-end graphics cards like RTX 5090 and RX 9070 XT have power connectors with a history of melting due to overheating, posing a significant risk to hardware and safety
Medium · AI
📰
From Image Frames to Motion Intelligence: A Guide to Building Real-Time Anomaly Detection
Learn to build a real-time anomaly detection system for security footage using Python, overcoming common challenges in image frame analysis
Medium · Python
Up next
SAM 2 Segment Anything - Image and Video Segmentation #computervision #objectsegmentation #sam #meta
Abonia Sojasingarayar
Watch →