 |
|
DAILY NEWS AND INFORMATION
FOR THE GLOBAL GRID COMMUNITY /
|
Special Features:
DETER TESTBED WILL IMPROVE
DEFENSES AGAINST WEB ATTACKS
A three-year, $5.46 million grant from the National Science Foundation will
establish a testbed to evaluate and improve defenses against Web-spread
computer worms, viruses and denial-of-service attacks, as part of a
two-pronged $10.8 million NSF anti-cybercrime initiative.
The University of California-Berkeley and the University of Southern
California's Information Sciences Institute (ISI) will partner in the project,
called the cyber DEfense Technology Experimental Research network, or
DETER.
"With so much of the nation and the world's business now dependent on the
Internet," said ISI's Terry Benzel, a nationally recognized expert on
cybersecurity who is a DETER co-principal investigator, "we are no longer
talking about nuisance pranks and vandalism, but potential losses in the
billions of dollars. We need better tools to protect ourselves."
DETER will be a facility where such tools can be tested and perfected. The
project's architects will use sophisticated methods to create a closed,
isolated network that can credibly represent the makeup and operation of the
entire Internet, from routers and hubs to end users' computer desktops.
The DETER testbed will consist of approximately 1,000 computers with
multiple
network interface cards, located off the actual Internet. Three permanent
hardware clusters, or nodes, at UC-Berkeley and at ISI's Southern California
and Virginia facilities, will serve as the core of the system.
This isolated mini-Internet will serve as a shared laboratory where
researchers from government, industry and academia can test existing and new
security technology, using a wide variety of attack techniques.
Arena Architecture: Mini-Internet For Cybercrime Fighters To Test
Weapons
It will also serve as an educational resource where specialists can be
trained
in network security, according to B. Clifford Neuman, director of the USC
Center for Computer Systems Security, and a co-PI on the project. Both USC and
UC-Berkeley plan to use the facility in existing and projected classes.
The project will proceed in parallel with a sister project called
Evaluation
Methods for Internet Security Technology, or EMIST, budgeted at $5.34 million,
that will develop testing and evaluation methodologies to be used in the
facility. NSF is collaborating with the U.S. Department of Homeland Security
on funding both projects.
"Now, proposed defenses against viruses and worms can only be tested in a
few
limited-scale private research facilities or through computer simulations that
don't adequately represent the way the Internet works," said Professor Shankar
Sastry, chair of the UC-Berkeley department of electrical engineering and
computer sciences and principal investigator on the project. "This project
will develop traffic models and architectures that are scaled down, but still
representative enough that people can have confidence that what works here
will work on the Web."
"Much good security research from the past 10 years hasn't made its way to
commercial products," added Benzel, assistant director for special projects at
ISI. "One reason for this is lack of sufficient evidence of the benefits and
tradeoffs these new technologies bring. DETER will help bridge this gap."
In 2001, Benzel testified before Congress regarding the nation's
information
infrastructure's vulnerability to cyber attacks.
The ambitious project comes at a time when attacks on the Internet have
become
more sophisticated, frequent, and destructive. The Slammer/Sapphire worm broke
speed records in January 2003 by infecting more than 75,000 hosts around the
world within 10 minutes, causing ATM failures and network outages and
disrupting airline flight schedules.
An analysis of denial-of-service attacks by the San Diego Supercomputer
Center
(SDSC) at UC-San Diego revealed that more than 12,000 attacks against 5,000
distinct targets, ranging from high-profile e-commerce sites to small foreign
Internet service providers, had occurred in a three- week period in 2001. A
follow-up 2003 SDSC study found that in the two years since 2001, the rate of
such attacks has increased tenfold.
"These attacks clearly illustrate the need for better defense systems,"
said
Ruzena Bajcsy, director of the UC based Center for Information Technology
Research in the Interest of Society (CITRIS) and a co-PI on the DETER
project.
CITRIS researchers at UC-Davis will be partnering with Purdue University,
Pennsylvania State University and the International Computer Science Institute
in Berkeley in the parallel EMIST effort to create new testing tools.
"Science has an essential role in protecting the country's digital and
physical infrastructure," said Mari Maeda, acting division director for
Advanced Networking Infrastructure and Research at NSF. "Projects such as
these demonstrate how NSF contributes both to cutting-edge research and the
nation's security."
|