California Scientists Wage Joint War on Internet Plagues

Sep 21, 2004
No Viruses

Computer scientists at the University of California, San Diego and the International Computer Science Institute, affiliated with UC Berkeley, have joined forces to launch a full-scale assault on viruses, worms and other plagues afflicting the Internet. With $6.2 million in funding over five years from the National Science Foundation (NSF) through its new Cyber Trust program, the scientists will develop technologies to detect, analyze and defend against large-scale Internet attacks.

The Center for Internet Epidemiology and Defenses (CIED) will be co-located in San Diego and Berkeley, CA. It will tackle what has been called a grand challenge problem for computer security researchers: defending against epidemic-style attacks. "The very openness and efficiency that drove the Internet's success also make it an ideal breeding ground for infectious network agents," said Stefan Savage, the center's Project Director and a professor in the Computer Science and Engineering department of UCSD's Jacobs School of Engineering. "Infection is spread via contact and the Internet allows a host infected in one place to rapidly contact any other system on the planet. A new worm can become a massive outbreak in minutes -- or even seconds. In fact, the speed of some Internet pathogens is so great that only fully automated defenses can even hope to keep up. Building such defenses is our ultimate goal."

According to fellow principal investigator Vern Paxson of ICSI, at the core of any effective defense will be a better understanding of the fundamental capabilities, characteristics and limitations of epidemic attacks. "It is easy to build a defense against one particular known virus or worm; this is what we do now," said the senior researcher, who will lead CIED activities at ICSI's Center for Internet Research (ICIR), "But to stop whole classes of these pathogens requires far more insight into what it means to be an epidemic and how infectious behavior stands apart from legitimate use."

CIED is one of two Cyber Trust Centers created today in the inaugural round of funding from the $30 million program created last December by the NSF. They were chosen from among 25 full proposals submitted by leading U.S. research institutions. The second is the Security Through Interaction Modeling (STIM) Center, based at Carnegie Mellon University. STIM will focus on deeper understanding of the Internet's 'ecology' in order to build better security defenses. "The Cyber Trust program promotes research into more dependable, accountable and secure computer and network systems," said Carl Landwehr, NSF program director for Cyber Trust. "These activities are looking not only for new ways to cope with imperfections in today's systems, but also for the knowledge and techniques to build better systems in the future."

In addition to the NSF's funding, CIED will also receive support from Microsoft, Intel and Hewlett-Packard, as well as from UCSD's Center for Networked Systems, a recently-created $10 million research center funded by AT&T, Alcatel, Hewlett-Packard and QUALCOMM. Co-principal investigators on the project include ICSI researcher Nicholas Weaver, and professors Geoffrey M. Voelker and George Varghese from UCSD's Computer Science and Engineering department. The center will also fund research activities at the San Diego Supercomputer Center (SDSC) and the Cooperative Association for Internet Data Analysis (CAIDA), and will collaborate with the California Institute for Telecommunications and Information Technology [Cal-(IT)2].

CIED's research efforts revolve around measuring and analyzing live Internet epidemics and then using the insights gained to develop ever more robust defense mechanisms. To gain visibility into pathogens propagating across the global Internet, CIED members say a top priority for the center's first year will be the construction of large-scale monitoring instruments - 'network telescopes' and 'network honeyfarms' - to provide early warning of incipient outbreaks, to measure the dynamics of epidemics as they spread, and to collect forensic data about the modes and methods of attackers.

To provide statistically meaningful data on short time-scales, CIED plans to push this distributed monitoring effort to unprecedented scales by monitoring attacks across millions of potential Internet systems at once. From this data, center researchers plan to craft practical solutions to counteract new outbreaks on the Internet before they reach pandemic levels. Among these initial defenses, the center will develop algorithms for automatically deriving signatures of new worms and viruses, as well as mechanisms to detect and suppress infectious communication behaviors. Researchers will also address real-world legal issues -- including privacy, insurance exposure to large-scale Internet outbreaks, and the treatment of forensic evidence -- that arise from CIED's plan for distributed data collection, filtering, analysis, suppression and prototype defense mechanisms.

In addition to its core research mission, CIED will initiate significant efforts in education and workforce development and will coordinate with ongoing outreach activities on both campuses. The center's researchers will incorporate their results into undergraduate and graduate courses and curricula, and will present their research annually at a center-organized outreach workshop.

Source: University of California - San Diego

Explore further: Microsoft beefs up security protection in Windows 10

add to favorites email to friend print save as pdf

Related Stories

Recommended for you

Microsoft beefs up security protection in Windows 10

11 hours ago

What Microsoft users in business care deeply about—-a system architecture that supports efforts to get their work done efficiently; a work-centric menu to quickly access projects rather than weather readings ...

US official: Auto safety agency under review

Oct 24, 2014

Transportation officials are reviewing the "safety culture" of the U.S. agency that oversees auto recalls, a senior Obama administration official said Friday. The National Highway Traffic Safety Administration has been criticized ...

Out-of-patience investors sell off Amazon

Oct 24, 2014

Amazon has long acted like an ideal customer on its own website: a freewheeling big spender with no worries about balancing a checkbook. Investors confident in founder and CEO Jeff Bezos' invest-and-expand ...

Ebola.com domain sold for big payout

Oct 24, 2014

The owners of the website Ebola.com have scored a big payday with the outbreak of the epidemic, selling the domain for more than $200,000 in cash and stock.

Hacker gets prison for cyberattack stealing $9.4M

Oct 24, 2014

An Estonian man who pleaded guilty to orchestrating a 2008 cyberattack on a credit card processing company that enabled hackers to steal $9.4 million has been sentenced to 11 years in prison by a federal judge in Atlanta.

Magic Leap moves beyond older lines of VR

Oct 24, 2014

Two messages from Magic Leap: Most of us know that a world with dragons and unicorns, elves and fairies is just a better world. The other message: Technology can be mindboggingly awesome. When the two ...

User comments : 0