The increasing sophistication and incessant morphing of cyber-attacks lend importance to the concept of intrusion tolerance: a system must fend off, or at least limit, the damage caused by unknown and/or undetected attacks.
“The problem is that no matter how much investment is made in intrusion prevention and detection, intruders will still manage to break through and trespass on computer servers,” says Sood. “By looking at this problem from a different angle, we developed a way to contain the losses that may occur because of an intrusion.”
Sood, who is the director of the Laboratory of Interdisciplinary Computer Science at Mason, along with Yin Huang, senior research scientist in the Center for Secure Information Systems at Mason, created the Self Cleansing Intrusion Tolerance (SCIT) technology to provide an additional layer of defense to security architecture with firewalls and intrusion prevention and detection systems. While typical approaches to computer security are reactive and require prior knowledge of all attack modalities and software vulnerabilities, intrusion tolerance is a proactive approach to security.
In the SCIT approach, a server that has been online is assumed to have been compromised. SCIT servers are focused on limiting the losses that can occur because of an external intrusion, and achieve this goal by limiting the exposure time of the server to the Internet. Exposure time is defined as the duration of time that a server is continuously connected to the Internet. Through the use of virtualization technology, duplicate servers are created and an online server is periodically cleansed and restored to a known clean state, regardless of whether an intrusion has been detected. These regular cleansings take place in sub-minute intervals.
“This approach of regular cleansings, when coupled with existing intrusion prevention and detection systems, leads to increased overall security,” says Sood. “We know that intrusion detection systems can detect sudden increases in data throughput from a server, so to avoid detection, hackers steal data at low rates. SCIT interrupts the flow of data regularly and automatically, and the data ex-filtration process is interrupted every cleansing cycle. Thus, SCIT, in partnership with intrusion detection systems, limits the volume of data that can be stolen.”
By reducing exposure time, SCIT provides an additional level of protection while efforts are ongoing to find and fix vulnerabilities and correct configuration errors.
SCIT was funded by the Center for Innovative Technology (in partnership with Northrop Grumman), Lockheed Martin, National Institute of Standards and Technology through the Critical Infrastructure Protection Program, Sun Microsystems and the U.S. Army’s Telemedicine and Technology Research Center. Four patents are pending on the SCIT technology.
About The Volgenau School of Information Technology and Engineering
Since its founding, The Volgenau School of Information Technology and Engineering has enjoyed more than 20 years of significant accomplishments, including being the first in the nation to establish a PhD program in information technology and becoming a nationally recognized leader in several important research areas. The school’s award-winning faculty, along with its relationship with the Washington, D.C., metro area technology industry, is fundamental to its success. Through partnerships with a wide range of companies and individuals, the Volgenau School is always working to identify next-generation technology and how it can meet the needs of industry and better serve the community, the region and the nation.
About George Mason University
George Mason University, located in the heart of Northern Virginia’s technology corridor near Washington, D.C., is an innovative, entrepreneurial institution with national distinction in a range of academic fields. With strong undergraduate and graduate degree programs in engineering, information technology, biotechnology and health care, Mason prepares its students to succeed in the work force and meet the needs of the region and the world. Mason professors conduct groundbreaking research in areas such as cancer, climate change, information technology and the biosciences, and Mason’s Center for the Arts brings world-renowned artists, musicians and actors to its stage. Its School of Law is recognized by U.S. News & World Report as one of the top 40 law schools in the United States.
Jennifer Edgerly | EurekAlert!
Researchers build transistor-like gate for quantum information processing -- with qudits
17.07.2019 | Purdue University
New DFG Research Group "Metrology for THz Communications"
17.07.2019 | Technische Universität Braunschweig
Adjusting the thermal conductivity of materials is one of the challenges nanoscience is currently facing. Together with colleagues from the Netherlands and Spain, researchers from the University of Basel have shown that the atomic vibrations that determine heat generation in nanowires can be controlled through the arrangement of atoms alone. The scientists will publish the results shortly in the journal Nano Letters.
In the electronics and computer industry, components are becoming ever smaller and more powerful. However, there are problems with the heat generation. It is...
Scientists have visualised the electronic structure in a microelectronic device for the first time, opening up opportunities for finely-tuned high performance electronic devices.
Physicists from the University of Warwick and the University of Washington have developed a technique to measure the energy and momentum of electrons in...
Scientists at the University Würzburg and University Hospital of Würzburg found that megakaryocytes act as “bouncers” and thus modulate bone marrow niche properties and cell migration dynamics. The study was published in July in the Journal “Haematologica”.
Hematopoiesis is the process of forming blood cells, which occurs predominantly in the bone marrow. The bone marrow produces all types of blood cells: red...
For some phenomena in quantum many-body physics several competing theories exist. But which of them describes a quantum phenomenon best? A team of researchers from the Technical University of Munich (TUM) and Harvard University in the United States has now successfully deployed artificial neural networks for image analysis of quantum systems.
Is that a dog or a cat? Such a classification is a prime example of machine learning: artificial neural networks can be trained to analyze images by looking...
An international research group led by scientists from the University of Bayreuth has produced a previously unknown material: Rhenium nitride pernitride. Thanks to combining properties that were previously considered incompatible, it looks set to become highly attractive for technological applications. Indeed, it is a super-hard metallic conductor that can withstand extremely high pressures like a diamond. A process now developed in Bayreuth opens up the possibility of producing rhenium nitride pernitride and other technologically interesting materials in sufficiently large quantity for their properties characterisation. The new findings are presented in "Nature Communications".
The possibility of finding a compound that was metallically conductive, super-hard, and ultra-incompressible was long considered unlikely in science. It was...
24.06.2019 | Event News
29.04.2019 | Event News
17.04.2019 | Event News
19.07.2019 | Physics and Astronomy
19.07.2019 | Physics and Astronomy
19.07.2019 | Earth Sciences