Read up on the latest ideas and technologies from companies that sell hardware, software and services. Newsletter Subscription
Forget about patches. Researchers at the Florida Institute of Technology are looking for ways to fight hackers by modelling their methods, or “exploits”. The research could eventually lead to new types of security tools capable of stopping attacks that hackers haven’t even invented yet.
The effort is being led by James Whittaker, an associate professor and director of the school’s Centre for Software Engineering Research. Whittaker, a security author and member of Microsoft’s Trustworthy Computing Academic Advisory Board, says hackers have always had the upper hand — and always will — because they can dedicate all of their time to the task of breaking through security systems. “Microsoft, Sun, Cisco — they all have products to ship. They have a day job,” Whittaker says. “Security is only one of the things that they’re thinking of. These hackers, the only thing they do is sit around trying to break stuff.”
To counteract the hackers’ apparent advantage, Whittaker and his team are attempting to create detailed models of both the intent and the semantics of every possible hacker attack. The group has also created a computer language to describe these models. Ideally, Whittaker proposes, this information could be made public, giving software developers in both government and private industry a test bed for creating highly secure software. Security product makers — firewall manufacturers and the like — meanwhile, could build the models into their products as a means of identifying and defending against as-yet unknown assaults.
The group is currently modelling standard types of attacks, but Whittaker says the team will branch out and begin to include behavioural scientists who could help model the psychology of hackers to further refine the models. The US government seems to believe the work will pay off. Florida Tech recently received a $US70,000 grant from the Air Force Research Laboratory to continue the research, and Whittaker says the group has already received more than a million dollars in aid for the project.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II 05 October, 2007 06:00:00
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #78: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires 28 September, 2007 17:34:25
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #77: Panasonic Speeds Up Trans-Pacific File Transfers, Part III 21 September, 2007 07:00:00
Part three in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #76: Panasonic Speeds Up Trans-Pacific File Transfers, Part II 14 September, 2007 07:00:00
Part two in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #75: Panasonic Speeds Up Trans-Pacific File Transfers, Part I 07 September, 2007 07:00:05
Part one in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
- +
Data-center security tools to not overlook 10 October, 2008 11:37:00
With the rise of security suites, it's time to consider some emerging security tools and rethink othersProtecting a corporate data center is like trying to keep an elephant safe from a swarm of flies. Despite your best efforts, bites happen. As the staples of security -- such as firewalls, antivirus software, spam and spyware filters -- come together in suites of products that allow for sophisticated management, there are other security tools either emerging or worth a rethink. - +
IBM, Secret Service, others study identity/cybercrime issues 09 October, 2008 10:09:00
Center for Applied Identity Management Research organization teams experts in criminal justice, financial crime, biometrics, cybercrime and cyberdefense, data protection, homeland security and national defense.IBM, LexisNexis and the Secret Service are among a group of corporations, government agencies and academic institutions that has formed to study and help solve identity management challenges around cybercrime, terrorism and narcotics trafficking. - +
Strange account management at Amazon 09 October, 2008 09:51:00
A careless login led to the discovery of some strange ccount management practices at one of the Internet's largest retailers.Via the RISKS mailing list comes an interesting tale of poor online account management at a major online retailer. According to Graham Bennett, accounts with Amazon display an odd behaviour that doesn't seem to have attracted much attention in the past. - +
Cambridge lab sets quantum key world record 09 October, 2008 07:51:00
Researchers can now shift encryption keys around at speeds of 1Mbps.The hugely promising security technology of Quantum Key Distribution (QKD) has moved an important step closer to commercialization with the announcement by UK-based researchers that they can now shift encryption keys around at speeds of 1Mbps. - +
Palin hacking charge flawed, lawyers say 09 October, 2008 07:28:00
Case considered a misdemeanor offence not a felony.David Kernell is facing five years in prison for allegedly hacking into Alaska Governor Sarah Palin's Yahoo e-mail account, but lawyers watching the case say that the felony charge against him is a bit of a stretch.
F-Secure achieves excellent results in Internet security suite comparison 10 October, 2008 14:37:00
Lock It Up With Maxtor BlackArmour, Hardware Encrypted Storage Provides Government Grade Security For Consumers 10 October, 2008 09:04:00
Pitney Bowes MapInfo Launches New Version of AnySite 10 October, 2008 05:58:00
IOGEAR Gears Up in Australia 09 October, 2008 20:18:00
Internet Service Providers offer new unlimited Online Backup from F-Secure 09 October, 2008 19:42:00
|
||
|
||
|
|
||
|
Still Sneaking In: The Threats Your Security Tools Aren't Telling You About
Web 2.0 applications are all the rage, offering us tremendous value when it comes to collaboration and communication. They also open us up to new kinds of attacks however, and can cause problems in keeping systems and data secure. Read on to learn about the new attack methods and how you can defend yourself and your business.
Subscribe to CIO
