Skip the navigation

MIT takes aim at secure, self-healing cloud

By Brandon Butler
February 27, 2012 02:20 PM ET

Network World - What if a cloud computing infrastructure could recognize a cyberattack, eliminate it, and never stop working while all that is being done? That's what researchers at MIT, with help from the federal government, are investigating the feasibility of.

Researchers at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) have received funding from the Defense Advanced Research Projects Agency (DARPA) to bring about a cloud infrastructure that could identify cyberattacks and heal itself from any damages.

DARPA has a number of ongoing research projects to develop more secure cloud environments.

MORE: US cyberchief says cloud computing can manage serious cyberthreats

BACKGROUND: Experts explain greatest threats to cloud security

"The freedom, fluidity and dynamic platform that cloud computing provides also makes it particularly vulnerable to cyberattacks," according to the laboratory.

As part of the "Cloud Intrusion Detection and Repair" study, MIT researchers hope to fundamentally map how cloud networks are created and operate. Based on that, a set of guidelines will be created for the cloud network to constantly assess itself to see if it is working within those guidelines and return to its normal operating procedure if it is not. The approach is different from other security measures that disable a system when a threat is detected, creating outages, the researchers said.

"Much like the human body has a monitoring system that can detect when everything is running normally, our hypothesis is that a successful attack appears as an anomaly in the normal operating activity of the system," said principal investigator Martin Rinard. "By observing the execution of a 'normal' cloud system we're going to the heart of what we want to preserve about the system, which should hopefully keep the cloud safe from attack."

The study's goal of continuing operations of the system even while under attack are a tenet of CSAIL's research. For example, other ongoing research includes studying vulnerabilities in Java applications and identifying and fixing malware in Android applications, all while the systems continue to operate.

Network World staff writer Brandon Butler covers cloud computing and social media. He can be reached at BButler@nww.com and found on Twitter at @BButlerNWW.

Originally published on www.networkworld.com. Click here to read the original story.
Reprinted with permission from NetworkWorld.com. Story copyright 2012 Network World, Inc. All rights reserved.
Our Commenting Policies
Consumerization of IT: Be in the know
consumer tech

Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!