Grant Will Provide New Equipment for Security Research

Posted: April 20, 2009 at 1:00 am

By Jennifer Edgerly

Anyone who uses the Internet regularly is aware of the risk that their computer may become infected with a virus, spyware or other types of malware.

According to IT security provider F-Secure, there was as much malware produced in 2007 as in the previous 20 years altogether. One recent example is the Conficker worm, which “woke up” earlier this month and to date has infected between three million and 12 million computers.

Malware is defined as malicious computer software that interferes with normal computer functions or sends personal data about the user to unauthorized parties over the Internet.

“This is a significant problem that we are facing, not only as organizations but also as individuals,” says Sushil Jajodia, director of Mason’s Center for Secure Information Systems (CSIS).

“These attacks are not just happening on Department of Defense (DoD) machines. It’s possible to have a keystroke logger installed on your desktop computer without your knowledge that can steal passwords and confidential information. For organizations like the DoD, the threat is exfiltration of information.”

Luckily, the ability to understand and prevent these sorts of malicious attacks could be just around the corner. Researchers in CSIS are currently working on a new method to combat malware and recently received some assistance from the federal government.

Led by Jajodia, CSIS researchers Angelos Stavrou, Anup Ghosh and Duminda Wijesekera applied for and were awarded a Defense University Research Instrumentation Program (DURIP) grant in the amount of $150,000.

CSIS researchers will use the DURIP funding to establish a significant laboratory for testing and evaluating attacks. The funding will be added to a second DURIP grant in the amount of $250,000 awarded to Ghosh, Stavrou and Jajodia for their work on large-scale testing of self-healing enterprise computing systems.

The DURIP funding will provide a sizeable network capacity, real-time measurement devices and many workstations and servers to emulate the effects of attacks and malware on a production network.

Administered through the Air Force Office of Scientific Research, the Army Research Office and the Office of Naval Research, the DURIP award is for the acquisition of major equipment to augment current or develop new research capabilities supporting research in the technical areas of interest to the DoD.

Stavrou explains that researchers will collect and analyze malware from the Internet, then, using virtualization, replicate the attacks on a much larger scale, attacking thousands of machines simultaneously and over a long period of time.

“In particular, we will focus on targeted and multistage attacks similar to the kind perpetrated against DoD systems,” says Stavrou.

This novel research direction requires infrastructure capable of analyzing activity and traffic like that generated by large-scale enterprises and organizations while providing secure access to the Internet.
