Blog: White House Sets Cybersecurity R&D Priorities

White House Sets Cybersecurity R&D Priorities
InformationWeek (12/07/11) Elizabeth Montalbano

The White House has published a cybersecurity research and development (R&D) roadmap developed by the U.S. Office of Science and Technology Policy. The roadmap, a product of a seven-year effort by both public- and private-sector experts, lists four areas of R&D concentration. The first priority is inducing change by applying game-changing themes toward the comprehension of the underlying reasons for current cybersecurity vulnerabilities, and devising ways to address them by disrupting the status quo. The next research priority focuses on the development of scientific foundations for cybersecurity, including laws, hypothesis testing, repeatable experimental designs, standardized data collection techniques, metrics, and common terminology. The third area of concentration entails facilitating the most comprehensive research impact by ensuring interagency collaboration, coordination, and integration of cybersecurity improvement operations. The final priority is to accelerate the time it takes to practically apply the cybersecurity research. "Given the magnitude and pervasiveness of cyberspace threats to our economy and national security, it is imperative that we fundamentally alter the dynamics in cybersecurity through the development of novel solutions and technologies," says U.S. chief technology officer Aneesh Chopra and White House cybersecurity coordinator Howard Schmidt.

View Full Article

Blog: Cyber-Security System Mimics Human Immune Response

Cyber-Security System Mimics Human Immune Response
Discovery News (04/21/11) Eric Niiler

The U.S. Department of Homeland Security's Bruce McConnell recently released a white paper that describes a healthy ecosystem of computers that work together to fight cyberthreats. McConnell says the first step to developing the ecosystem is creating a computer system that can automatically recognize and react to threats. However, a major obstacle to such a system is developing computers that can authenticate interactions, says Science Applications International Corp.'s Ross Hartman. He says researchers currently are studying new models of nature-inspired defenses as a way to protect computers from new threats. Hartman says that McConnell's paper, "Enabling Distributed Security in Cyberspace: Building a Healthy and Resilient Cyber Ecosystem with Automated Collective Action," is a positive response to rising threats and will lead to new innovations from cybersecurity experts.

View Full Article

Blog: The Cyberweapon That Could Take Down the Internet

The Cyberweapon That Could Take Down the Internet
New Scientist (02/11/11) Jacob Aron

University of Minnesota researchers have developed a cyberweapon that turns the structure of the Internet against itself, but ultimately could be used to make the Internet more secure. Minnesota's Max Schuchard and colleagues built on the ZMW attack, which disrupts the connection between two routers by interfering with the Border Gateway Protocol (BGP) to make it seem as if links are offline, spreading the disruption through the entire Internet. The method uses a large botnet to develop a map of the connections between computers, identify a common link, and launch a ZMW attack that can bring down the entire system. As the system routes traffic around the disrupted link, the attack would launch again, disrupting a different connection. Eventually, every router in the world would be receiving more updates than it could handle. "Once this attack got launched, it wouldn't be solved by technical means, but by network operators actually talking to each other," Schuchard says. However, the researchers predict that this type of attack would never be launched by malicious hackers because mapping the network is such a technically complex job, and the botnet needed would be so large that it is more likely to be rented out for a profit. Although simulations show that current BGP defenses cannot protect against this attack, a solution could be to send BGP updates via a different network.

View Full Article - May Require Free Registration

Blog: DARPA Goal for Cybersecurity: Change the Game

DARPA Goal for Cybersecurity: Change the Game
DVIDS (12/20/10) Cheryl Pellerin

The U.S. Defense Advanced Research Projects Agency (DARPA) has developed programs that deal with cybersecurity threats by surprising the attackers. The agency created the Clean-slate Design of Resilient, Adaptive, Secure Hosts (CRASH) and Programming Computation on Encrypted Data (PROCEED) programs to enhance the agency's cybersecurity research, says DARPA's Kaigham Gabriel. CRASH aims to develop new computer systems that resist cyberattacks the same way organisms fight bacteria and viruses. Gabriel says the researchers are developing computer hardware that give systems a kind of genetic diversity that would make them more resistant to cyberinfections by learning from attacks and repairing themselves. He notes that over the last two decades, the lines of code in security software has increased from approximately 10,000 to about 10 million lines, but the number of lines of code in malware has remained constant at about 125 lines. This analysis and others "led us to understand that many of the things we're doing are useful, but they're not convergent with the problem," Gabriel says. The PROCEED program is working to improve the efficiency of working on encrypted data that has not been decrypted. "If we were able to do relevant sorts of operations without ever having to decrypt, that would be a tremendous gain because ... whenever you decrypt into the open, you create vulnerability," he says.

View Full Article

Blog: JASON: Science of Cyber Security Needs More Work

JASON: Science of Cyber Security Needs More Work
Secrecy News (12/14/10) Steven Aftergood

The JASON independent scientific advisory panel has produced a report on cybersecurity for the U.S. Department of Defense (DoD) that says a fundamental understanding of the science of cybersecurity is needed to improve the country's security approaches. The advisory says the science of cybersecurity "seems underdeveloped in reporting experimental results, and consequently in the ability to use them." The report notes that the science of cybersecurity is unique in that the background for events is almost completely created by humans and is digital, and there are good actors as well as adversaries who are purposeful and intelligent. The JASON report also addresses the importance of definitions, the need for a standard vocabulary to discuss the subject, and the need to devise experimental protocols for developing a reproducible experimental science of cybersecurity. "At the most abstract level, studying the immune system suggests that cybersecurity solutions will need to be adaptive, incorporating learning algorithms and flexible memory mechanisms," the report says. It also says the DoD should support a network of cybersecurity research centers in universities and elsewhere.

View Full Article