Title: Boyd’s OODA and General Predator/Prey Theory
Speaker: Tim Keanini
The first talk we attended at B-Sides Las Vegas was a presentation by Tim Keanini, CTO at nCircle Network Security Inc, on how we can use metaphors like John Boyd’s OODA attack/defense and General Predator/Prey theory to better understand how hackers work.
Keanini used nature as a metaphor for attack/defense. On the internet, the victim of an attack generally cannot attack back, so the natural analogues are prey species that make it as expensive as possible to be attacked. Predators can use foraging, which is expensive for the predator, so the predator must do an economic calculation to weigh the energy spent attacking against the energy gained by eating the prey. In the old days, this described the internet: attackers foraged for servers to attack. The other approach is ambush, and that is a better description of today: the server hosts the attack and waits for the victim. The speaker also touched on the idea of “nuke and pave.” This is where it is less expensive to simply toss the computer, format the hard drive, etc., than to pay a security professional to sort out a hacked box.
This talk was interesting and quite worth attending. It was a general security philosophy talk as opposed to a nuts-and-bolts how-to talk, and it is good to toss one of those in here and there to break up the thickness of the “here is how you hack something” talks. Another metaphor in IT is that of virus-driven evolution. That is, most, if not all, of the species on this planet owe their evolution to viruses providing the impetus for improvement. And of course we implicitly acknowledge this metaphor in the IT space by calling it “a computer virus.” See Schuyler Towne’s B-Sides physical security talk for more of that sort of thinking (though in the physical security space).