Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Threat Intelligence System Helps Share Malware Data

25.05.2012
As malware threats expand into new domains and increasingly focus on industrial espionage, Georgia Tech researchers are launching a new weapon to help battle the threats: a malware intelligence system that will help corporate and government security officials share information about the attacks they are fighting.

Known as Titan, the system will be at the center of a security community that will help create safety in numbers as companies large and small add their threat data to a knowledge base that will be shared with all participants. Operated by security specialists at the Georgia Tech Research Institute (GTRI), the system builds on a threat analysis foundation – including a malware repository that analyzes and classifies an average of 100,000 pieces of malicious code each day.

“As a university, Georgia Tech is uniquely positioned to take this white hat role in between industry and government,” said Andrew Howard, a GTRI research scientist who is part of the Titan project. “We want to bring communities together to break down the walls between industry and government to provide a trusted, sharing platform.”

Members contributing information will do so anonymously so other members won’t know which specific organizations have been attacked. GTRI will independently verify information provided to Titan and carefully vet the members of the community before they are allowed to participate.

“People tend to think that if an organization gets hit, it was because they had poor security measures,” said Christopher Smoak, a GTRI research scientist who heads up the Titan project. “That’s not necessarily true, because a variety of factors contribute to intrusions. But until we get to the point that there’s no longer a stigma attached to having an infiltration, people are going to want anonymity to participate.”

In addition to receiving information about attacks and responses at other organizations, members will receive quick reports on malware samples they submit. Based on what they have learned from the malware repository and by reverse-engineering malicious code, GTRI researchers will be able to provide information on the potential harm from an attack, the likely source, the best remedy for it and the risks to the organization.

“We hope to provide information about the trends that organizations can expect to see, and help them prioritize what they should do to address the risks,” said Howard. “We have a significant system behind the scenes to facilitate the exchange of information.”

Titan will be especially valuable to smaller organizations that lack the resources to operate their own security evaluation labs, though all members will benefit from sharing information. GTRI information security researchers collaborate with the Georgia Tech Information Security Center (GTISC), which expands the depth of knowledge.

“GTRI will maintain the shared resources that companies can use to help solve their own problems,” Smoak noted. “We’ll have many organizations contributing to this community, and everyone getting information out; it will really benefit everyone.”

Companies today have two primary concerns about malicious software, Howard said. The first is for the loss of intellectual property, such as plans for a new product or bidding documents for a major project. The second is a compromise of the web infrastructure that many companies rely on to do business.

Titan will also help companies educate their computer users about such risks as spear-phishing, which uses email that appears to be from a trusted colleague or friend to trick users into taking a risky action, such a opening an infected attachment. The system will alert companies to the newest threat trends so they can warn their users, and identify the IP addresses that malicious software is communicating with.

“Spear-phishing is very difficult to defend against, because all it takes is one person clicking on something that lets malware into the network,” Smoak said. “It’s difficult to train a large workforce with varying skill sets to identify the very small nuances that indicate these emails are malicious.”

GTRI has been analyzing the malware attacking Windows-based computers for years. Now the analysts are seeing an increase in malicious code designed for Android-based devices – and for Macintosh computers, which previously hadn’t been high-priority targets.

“We see Android malware in its infancy right now,” said Smoak. “We see what it is doing and how it is working, and we can draw parallels to what we saw earlier with the Windows-based malware. We can probably expect to see the Android and Mac malware follow a similar path.”

The danger may be especially great for the users of computer systems that previously had not worried much about malware.

“For Macintosh systems, the threats are starting to get scarier,” Howard said. “When more malware authors shift their focus to this platform, a lot of people who thought they were safe by not using the Windows OS will be caught off-guard.”

Titan now includes half a dozen Fortune 500 members, along with other government and nonprofit organizations. Smoak and Howard have been getting feedback from those members as they’ve built the system, which will be formally launched in a few months.

“We are looking for additional industry partners to help us use the tool and help refine the system,” said Howard. “We believe that members of this community will come together to help each other strengthen defenses.”

A determined hacker will probably succeed in compromising most corporate computer networks, but the researchers believe Titan can help companies make that as difficult as possible.

“You may not be able to completely prevent an attack, but you can have a higher wall and stronger defense,” Howard said. “Hackers tend to go after the low-hanging fruit, so they will attack the companies that are the easiest to attack. We believe that our community can help all the members strengthen their defenses.”

Research News & Publications Office
Georgia Institute of Technology
75 Fifth Street, N.W., Suite 314
Atlanta, Georgia 30308 USA
Media Relations Contacts: John Toon (404-894-6986)(jtoon@gatech.edu) or Abby Robinson (404-385-3364)(abby@innovate.gatech.edu) or Kirk Englehardt (404-894-6015)(kirk.englehardt@comm.gatech.edu).

Writer: John Toon

John Toon | Newswise Science News
Further information:
http://www.gatech.edu

Further reports about: Android-SDK GTRI Intelligence Macintosh Malware Titan Arum computer network

More articles from Information Technology:

nachricht Five developments for improved data exploitation
19.04.2017 | Deutsches Forschungszentrum für Künstliche Intelligenz GmbH, DFKI

nachricht Smart Manual Workstations Deliver More Flexible Production
04.04.2017 | Deutsches Forschungszentrum für Künstliche Intelligenz GmbH, DFKI

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Deep inside Galaxy M87

The nearby, giant radio galaxy M87 hosts a supermassive black hole (BH) and is well-known for its bright jet dominating the spectrum over ten orders of magnitude in frequency. Due to its proximity, jet prominence, and the large black hole mass, M87 is the best laboratory for investigating the formation, acceleration, and collimation of relativistic jets. A research team led by Silke Britzen from the Max Planck Institute for Radio Astronomy in Bonn, Germany, has found strong indication for turbulent processes connecting the accretion disk and the jet of that galaxy providing insights into the longstanding problem of the origin of astrophysical jets.

Supermassive black holes form some of the most enigmatic phenomena in astrophysics. Their enormous energy output is supposed to be generated by the...

Im Focus: A Quantum Low Pass for Photons

Physicists in Garching observe novel quantum effect that limits the number of emitted photons.

The probability to find a certain number of photons inside a laser pulse usually corresponds to a classical distribution of independent events, the so-called...

Im Focus: Microprocessors based on a layer of just three atoms

Microprocessors based on atomically thin materials hold the promise of the evolution of traditional processors as well as new applications in the field of flexible electronics. Now, a TU Wien research team led by Thomas Müller has made a breakthrough in this field as part of an ongoing research project.

Two-dimensional materials, or 2D materials for short, are extremely versatile, although – or often more precisely because – they are made up of just one or a...

Im Focus: Quantum-physical Model System

Computer-assisted methods aid Heidelberg physicists in reproducing experiment with ultracold atoms

Two researchers at Heidelberg University have developed a model system that enables a better understanding of the processes in a quantum-physical experiment...

Im Focus: Glacier bacteria’s contribution to carbon cycling

Glaciers might seem rather inhospitable environments. However, they are home to a diverse and vibrant microbial community. It’s becoming increasingly clear that they play a bigger role in the carbon cycle than previously thought.

A new study, now published in the journal Nature Geoscience, shows how microbial communities in melting glaciers contribute to the Earth’s carbon cycle, a...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

Expert meeting “Health Business Connect” will connect international medical technology companies

20.04.2017 | Event News

Wenn der Computer das Gehirn austrickst

18.04.2017 | Event News

7th International Conference on Crystalline Silicon Photovoltaics in Freiburg on April 3-5, 2017

03.04.2017 | Event News

 
Latest News

New quantum liquid crystals may play role in future of computers

21.04.2017 | Physics and Astronomy

A promising target for kidney fibrosis

21.04.2017 | Health and Medicine

Light rays from a supernova bent by the curvature of space-time around a galaxy

21.04.2017 | Physics and Astronomy

VideoLinks
B2B-VideoLinks
More VideoLinks >>>