Future Watch: Pointillist protection

Matthew Hamblen   Today’s Top Stories    or  Other Mobile and Wireless Stories  

Advance your BlackBerry(R) solution management know-how this July Enhancing Business Mobility with Convertible PCs Seven Steps to Secure and Seamless Field Mobility Managing Mobility: An IT Perspective Demonstrating the Business Value of Mobile Device Management in the Enterprise Sign up to receive Security Resource Alerts

November 22, 2004 (Computerworld) -- Carnegie Mellon University is researching some of the biggest challenges in computer security, data availability and systems reliability through a year-old interdisciplinary program known as CyLab.

Funded with federal dollars and contributions from 40 private companies, CyLab brings together graduate students and 30 professors, mostly in computer sciences, to work in teams on a wide range of research areas.

For example, in September, Pittsburgh-based Carnegie Mellon won a $6.4 million grant from the National Science Foundation for an initiative called Security Through Interaction Modeling (STIM), which studies complex interactions between people, the computers they use and attacks from the outside. STIM will explore means of improving computer defenses by incorporating the models' behaviors into the defenses themselves.

Another CyLab project takes the name of the French impressionist painter Georges Seurat, who painted vast canvasses with many tiny dabs, or "points," of paint, a process dubbed pointillism. The Seurat team at CyLab is developing methods to monitor anomalous behavior that may be induced by buffer overloads and other glitches. The Seurat technique compares a precomputed profile of how a system should be performing to the combination of all the application interactions with the operating system. "So it looks at a profile of what this system should be doing and says maybe this thing has been corrupted," explains Mike Reiter, technical director of CyLab and a professor of computer engineering and science. "It can track accesses and changes across many machines all at once or in a short time period."

The Seurat project is so named because there are many layers, points or places where one might measure what is going on in a system in order to see evidence of an attack, much the same way the 19th century painter discovered that what we see comprises many points of color and light.

The Seurat technique is a broad-brush approach to security, and indeed, the overall scope of CyLab's $10 million annual research mission is broad, says Pradeep Khosla, dean of the Carnegie Mellon College of Engineering and co-director of CyLab.

"We want a world where we can push measurable, sustainable, secure, trustworthy and available data," explains Khosla. He says CyLab will attempt to help reduce the number of bugs in software, for example.

Khosla estimates that for every dollar spent on computer hardware and software, it takes $6 to $8 in personnel costs to maintain it. For that reason, vulnerability analysis is part of the CyLab program as well as malicious code detection.

But even more basic, several projects at CyLab are devoted to creating self-healing systems that can survive malicious attacks, Khosla says. "We know attacks exist, so you can either build a system that survives the attack or find a way to stop the attack," Khosla says. "But trying to find a way to stop attacks is akin to saying, 'I'll kill all the bacteria and viruses out there.' Instead, we are going to find a way to live with worms and attacks with self-healing."

CyLab's immediate work on self-healing is a project called Self * Storage System, which researchers are about to demonstrate to the U.S. Army and will show publicly in six months or so. The idea is that there is no single point of failure in a system, especially storage, so if a piece of information is corrupted, the system can quickly determine that and automatically set itself back to its original state. The system survives the attack without actually finding a way to prevent it, Khosla explains.

Reiter says Self * Storage is also about improving management of large-scale storage systems in a process some call autonomic computing.

Cell Phone Remote Control

Another vision at CyLab is to use smart phones as ubiquitous access control devices. It is an idea that mobile phone companies have already implemented, but CyLab is working on new approaches to making that vision very scalable.

As a hypothetical example, Reiter cites the intrepid business traveler flying halfway around the world and using his cell phone as a key to open his hotel room door. The idea goes far beyond promoting a single standard and instead involves what Reiter calls a "flexible access-control network which allows new policies to be introduced into a system to permit devices to work."

The traveler would have his credentials transferred to the hotel from his phone by Bluetooth or ultrawideband technology, with a hotel room digital key transferred back to reside on the phone.

There would be no problem if the phone was stolen, because it would authenticate the user by PIN or thumbprint before revealing the key. Using its WAN capabilities, the phone would request permission from a remote server, perhaps at the traveler's place of employment, which wouldn't know the key but could authenticate the traveler based on the PIN or thumbprint. Once clearance was granted, the phone would be allowed to complete the computation of the cryptographic key to allow the traveler to get some sleep.

Reiter says CyLab is starting to demonstrate this capability and will move forward with the opening this winter of the Collaborative Innovation Center, a facility in which researchers will be able to control building functions using smart phones.

In its Coral project, CyLab is developing network defense mechanisms for virus and worm attacks. Carnegie Mellon researcher Chenxi Wang says the idea is to detect an infection early and have the network react to it in real time to mitigate damage. The secret is to quickly identify those few critical nodes, shown here in red, that most aid the spread of malicious code so that they can be "immunized or patched," Wang says. The work is supported by a National Science Foundation grant of $1.5 million and is being conducted by Carnegie Mellon and industry partners Symantec Corp. and Akamai Technologies Inc. Researchers are also looking at network vulnerabilities in a separate effort called the Suerat Project.

Print this Story

Send Us Feedback

E-mail this Story

Digg this Story

Slashdot this Story

Future Watch: Pointillist protection

"Mozilla's successful attempt to set a world record for downloads of a single program, Firefox 3 was dumb...." Read more... "Apple yesterday dropped the price of the 64Gb MacBook Air by a whopping $500 ($400 less for the SSD and..." Read more... Read more Mobile & Wireless posts or See all Blogs

Microsoft promises four patches next week Google gives away home-cooked Web application security scanner Storm botnet stages Fourth of July attacks More top stories...

Microsoft trumpets security additions in upcoming IE8 Apple cuts price of high-end SSD MacBook Air by $500 Ultrathin showdown: Apple MacBook Air vs. Lenovo ThinkPad X300 vs. Toshiba Portege R500

This old laptop: Revitalizing an aging notebook on the cheap All it takes is a couple hours and about $125 to breathe new life into an old laptop. Here's how. Bill Gates moves on Is Microsoft's Golden Age over? What are Gates' most memorable quotes? Find out in Computerworld's complete coverage of the end of the Bill Gates era at Microsoft. Five things you should never tell your boss There are some things your CIO definitely doesn't want to hear. Also don't miss the flipside, Five things you should always tell your boss. Hands-On: Firefox 3 fixes what's broke and keeps what's right With its latest version, Mozilla's browser continues to raise the bar for what Web browsers should be. Windows Vista A to Z Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS. More Continuing Coverage After 9/11: Homeland SecurityAsk a Premier 100 IT LeaderBlackBerry Legal BattleData Security BreachesElectronic VotingFirefoxH-1B VisasHP's Boardroom ScandalHandheld DevicesHurricane Katrina AftermathMicrosoft Legal IssuesMicrosoft's VistaOpen SourceRFID TechnologySCO's Linux FightSarbanes-Oxley ActSpamVoice Over IPWi-FiWindows Meta File VulnerabilityWindows XP Service Pack 3 IT Careers 2010 Four years from now, the IT field will be a vastly different place. Will you be ready? More Special Reports Premier 100 IT Leaders 2007 Best in Class2006 Computerworld Horizon Awards2006 Premier 100 IT Leaders2006 Salary Survey2007 Best Places to Work in IT2007 IT Forecast2007 Premier 100 IT Leaders40 Years of ComputerworldASPs, Take TwoBest Places to Work in IT 2003Best Places to Work in IT 2004Best Places to Work in IT 2005Best Places to Work in IT 2006Business Intelligence Home RunsBusiness Intelligence: Smarter BIBusiness Intelligence: The Future of BICRM Goes VerticalCRM: Sober CRMCareer Planning Guide 2005Careers: IT Profession 2010Computerworld Horizon Awards 2005Data Management: Mining for GemsData Management: Taming Data ChaosDevelopment: Hard-Workin' Web SitesDevelopment: New Tools New ChoicesDevelopment: The New World of Application DevelopmentDevelopment: The Web Services TsunamiDevelopment: Web Services HurdlesDisaster Recovery: Preparing for the WorstE-commerce Grows UpE-mail/Groupware: Big DecisionsFaces of Mobile ITForecast 2006Global MobileHardware: Multiple Cores, Multiple ChallengesHardware: On-Demand Un-HypedHardware: The Shape of Things to ComeHorizon Awards: 10 Cool Cutting Edge TechnologiesIT Management: Guide to Managing VendorsIT Management: Navigating Global ITIT Management: Recovery AheadIT Management: The Future of ITIT Management: The Resourceful Project ManagerInnovative Technology Awards 2004Management: Reinventing ITMicrosoft in TransitionMobile/Wireless Leaders and LaggardsMobile/Wireless: The Untethered WorkerMobile/Wireless: Tiny Gadgets, Huge CostsNetwork Management: Taking ControlNetworking: Turbulence Ahead!Networking: VoIP Goes MainstreamOperating Systems: In the Slow LaneOperating Systems: Linux Goes GlobalOperating Systems: Should You Nix Unix?Outsourcing: Offshore Buyer's GuideOutsourcing: Outsourcing DangersPremier 100 IT Leaders 2004 Best in ClassPremier 100 IT Leaders 2005 Best in ClassROI: Do the Math!Salary Survey 2003Salary Survey 2004Salary Survey 2005Security Action PlanSecurity: Compliance HeadachesSecurity: Proactive SecuritySecurity: Risk and RewardSecurity: Tips From Security ProsSouped-up SecurityStorage: Battling ComplexityStorage: Cheap & Secure Data StoresStorage: Stretching Your Storage DollarsStorage: The Lean Storage MachineStorage: The New Rules of StorageStorage: The Ultimate Backup GuideSupply Chain: Missing LinksSupply Chain: RFID Reality CheckThe Business of SecurityWeb 2.0 SecurityWireless: Wireless At Work All Zones Application Performance Zone Business Continuity Zone Data Center Management Zone Enterprise-Class Security Zone The File Data Management Zone Grid Computing on Windows Zone Security Management Zone ITIL Best Practices Zone The SAS Zone Storage Virtualization Zone Business Intelligence and Analytics Zone See your link here

The Untethered Worker (Source: Computerworld) Today's roaming employees expect to be able to work in a conference room, airport, customer site or coffee shop. This report - covering wireless LANs, mobile applications and cellular networks - tells you how to get the job done, avoid chaos and maintain security! Download this executive briefing  Virtualization Everywhere Download this white paper, free, compliments of Citrix. (Source: Citrix) Adoption of virtualization is concentrated among large enterprises, while adoption by mid-sized companies has been much slower. For these companies, the cost and complexity of server virtualization solutions has been a barrier. In this paper, we'll discuss how Citrix XenServer" provides simple, economical server virtualization for any size company. Download now! Download this white paper  Long Tail Supplier Collaboration - What's In It For You? Long Tail Supplier Collaboration - What's In It For You? Download this webcast, free, compliments of Sterling Commerce Go to the webcast  White Papers Read up on the latest ideas and technologies from companies that sell hardware, software and services. Deploying Virtualized NetWare on Linux Whitepaper Toward More Flexible, Next-Generation Collaboration Solutions Driving Business Success Through Workgroup Choice and Flexibility View more whitepapers

• Future Watch: Pointillist protection

• Microsoft promises four patches next week
• Google gives away home-cooked Web application security scanner
• Storm botnet stages Fourth of July attacks
• More top stories 

Computerworld Executive Briefing: Automating Network Management IThis briefing looks at the basics of network management, which tend to get lost in the dizzying array of products and processes. It also examines new tools that are on the way to help IT executives deal with management in the new era of automation. Download this Executive Briefing now (a $195.00 value), compliments of ProCurve Networking by HP.