MIT Cybersecurity System Can Keep Servers Functioning Even During Attack
The latest in cyber security
more>>
You are here: Home / Gadgets & Gear / Computers / MIT Cybersecurity System Can Keep Servers Functioning Even During Attack

MIT Cybersecurity System Can Keep Servers Functioning Even During Attack

Published on Monday, April 12th, 2010 at 6:00 am

One of the major problems with current cybersecurity measures is that while systems can detect the erratic behavior that heralds an incoming attack, there often isn’t a whole lot those systems can do once the attack is underway short of pulling the servers offline, resulting in lost revenues and credibility for Web sites and a loss of key services for users. A new MIT system aims to change that by keeping servers and applications running even as it contains an incoming cyberattack.

The system works by observing programs as they normally run and memorizing those ranges of behavior. During an attack, the system simply locks the programs within those behavioural ranges; that is, if a program usually stores data at either location X or location Y, those are the only two places it will be allowed to store data once the security system detects that an attack is underway.

If a malicious program tries to trick the program into storing info at location Z, the security system won’t let the program deviate from its usual behavior. But it does keep the program up and running even as the attack unfolds.

The tactic is something like a strike/counter-strike battle plan, and as such there are casualties. For instance, once a program is limited to locations X and Y it may begin to store data there that doesn’t belong, which in turn could cause a server crash. But the security system learns as it goes, narrowing the space that the malicious program has to maneuver while figuring out what countermeasures are most effective. So a site that has dozens of servers will lose a few during the opening salvo of the attack, but in doing so the security system learns the enemy’s M.O. and engineers a fix for the remaining servers, sometimes in a matter of seconds.

Funded by DARPA, the MIT initiative has twice hired outside security firms to attack the system. Both times a few programs went down within the system, but overall it performed above and beyond the benchmarks set by DARPA and MIT. In the second test, it kept nine of every 10 programs running for the duration of the attack. Viewed through the complex fog of cyberwar, a 90% success rate is nothing to scoff at.

[MIT News]

Popular Science has been a leading source of science, technology and gadget news since 1872. With up-to-the minute latest space news, insightful commentary on the new innovations and concept cars ...if it's new or future technology you'll find it at popsci.com.au.

This entry was posted on Monday, April 12th, 2010 at 6:00 am and is filed under Computers, Features, Technology. You can follow any responses to this entry through the RSS 2.0 feed.

Related Articles

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

A WW Media Online Publication.
All rights reserved. Reproduction in whole or in part without permission is prohibited.
Address: Suite 102, 19a Boundary Street, RUSHCUTTERS BAY NSW 2011 Australia
V: +61 2 9332 1493 - F: +61 2 9332 1521


SEO & Web Design managed by IIWorks