Computerworld - The Air Force Research Laboratory this week awarded Santa Clara, Calif.-based Network Associates Inc. a $1.8 million contract to support research that may have widespread implications for the future of government and private-sector cybersecurity.
The contract is part of the Software Protection Initiative (SPI), a government program focusing on cutting-edge technologies to protect critical software that supports national and defense capabilities. However, the research being planned for the program could clearly benefit the private sector as well, experts said.
The focus of one research project is to produce a secure development repository with the overall goal of developing information assurance techniques and malicious-code scanning capabilities for software production systems, said Pete Dinsmore, director of research operations at Network Associates Laboratories. These techniques and capabilities will enhance software development security and cut down on software vulnerabilities, he said.
A second project will focus on protecting software from reverse-engineering -- which can be a critical part of the malicious hacker's tool box. Using reverse-engineering techniques, tools such as disassemblers and decompilers can extract and exploit information about the design and operation of software. Researchers from the Air Force and Network Associates plan to study the feasibility of constructing new defenses against reverse-engineering and embedding those defenses in critical software.
"This is cutting-edge," said Dinsmore. "In one case, we're doing research to understand software obfuscation and deobfuscation tools to understand the state of the art in how well a hacker can take apart the software you've created," he said.
"We're also focusing on advancing the state of the art in developing software by developing a secure [change management] repository that can ensure that the code that comes out of the repository only goes to the people it's supposed to go to, and only the code that was supposed to go into [the application] was actually integrated."
Alan Paller, director of research at the SANS Institute in Bethesda, Md., said government funding of this type of research could have a significant spillover effect for the entire software and Internet industry. "Government funding of advanced research on code analysis tools could lead to valuable resources for everyone," he said.
Paller said many advanced hackers no longer study software code. Rather, they rely on automated tools that isolate places in the object code where buffer overflows and similar problems are possible. "Developers should use those same tools first and have access to the most sophisticated tools available to the hackers," said Paller.
Charles Kolodgy, an analyst at IDC in Framingham, Mass., said that while the focus on reverse-engineering is unique, it can be adouble-edged sword.
"Many vendor vulnerabilities are discovered by people who take the code apart to look at it," he said.
Read more about Security in Computerworld's Security Topic Center.
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!