System concept. Great effort, but is it just delaying the inevitable? (via North Carolina State)
While cyber-attacks are nothing new, their type, method of deployment and the frequency with which they occur are. The attacks usually take the form of viruses, worms or Trojan horses that can cause (and have caused) significant damage to the IT infrastructures of institutions such as corporations, federal and governmental complexes, and militaries all over the globe. Combating these attacks, or instituting methods to prevent them, has proven difficult. However, a team of researchers from North Carolina State University has developed a new algorithm that can detect cyber-attacks and, once one is found, isolate the threat on D-NCSs (Distributed Network Control Systems). Essentially, the new algorithm detects the threat in a section of the D-NCS network and then isolates it in the compartment that has been infected, allowing the rest of the network to function normally. Unlike a typical network, where a central hub controls the entire system, D-NCSs are compartmentalized, with control spread throughout the network, which is what makes the algorithm effective.
The team developed the specialized software to run through four phases in detecting and controlling cyber-threats. The first is the Detection Phase, in which the threat is found in any given node of the network. The second is the Mitigation Phase, where the infected node is segregated from the network and control of the system is given to the node's neighbors, allowing the rest of the network to function normally. The third step, called the Identification Phase, both identifies and isolates the threat to the particular node under attack. This is perhaps the most important of the four phases, as the threat is analyzed in real time, which helps keep the rest of the network from becoming infected. The last phase is the Update Phase, which is self-explanatory: it updates the system's identification process to prevent further attacks of the same nature.
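The four phases can be sketched on a small ring of controller nodes. This is an added illustration, not the NC State team's algorithm: the median-based detection rule, the thresholds, the bias labels and every name below are assumptions, and the sample readings are constructed.

```python
from statistics import median

THRESHOLD = 1.0     # assumed: tolerated gap between a node's report and the network median
KNOWN_FACTOR = 0.5  # assumed: tighter tolerance for attack kinds already learned

class DNCS:
    """Hypothetical ring of nodes, each running one local control loop."""
    def __init__(self, ring):
        self.ring = list(ring)
        self.isolated = set()
        self.control = {n: [n] for n in self.ring}  # who drives each node's loop
        self.signatures = set()                     # filled by the Update phase

    def neighbors(self, node):
        i = self.ring.index(node)
        near = [self.ring[i - 1], self.ring[(i + 1) % len(self.ring)]]
        return [n for n in near if n not in self.isolated]

    def detect(self, reports):
        """Phase 1: flag active nodes whose report strays from the median."""
        active = {n: v for n, v in reports.items() if n not in self.isolated}
        ref = median(active.values())
        hits = {}
        for n, v in active.items():
            dev = v - ref
            known = self.identify(dev) in self.signatures
            if abs(dev) > THRESHOLD * (KNOWN_FACTOR if known else 1):
                hits[n] = dev
        return hits

    def mitigate(self, node):
        """Phase 2: cut the node off and hand its loop to its neighbors."""
        self.isolated.add(node)
        self.control[node] = self.neighbors(node)

    @staticmethod
    def identify(dev):
        """Phase 3: characterise the anomaly (here only by its direction)."""
        return "high-bias" if dev > 0 else "low-bias"

    def step(self, reports):
        handled = []
        for node, dev in self.detect(reports).items():
            self.mitigate(node)
            sig = self.identify(dev)
            self.signatures.add(sig)  # Phase 4: update what detection looks for
            handled.append((node, sig))
        return handled

if __name__ == "__main__":
    net = DNCS("ABCDE")  # constructed readings; node C reports a falsified value
    print(net.step({"A": 20.0, "B": 20.1, "C": 22.5, "D": 19.9, "E": 20.0}))
    print(net.control["C"], net.signatures)
```

After the first round the learned signature tightens detection, so a smaller deviation of the same kind is caught in a later round while the isolated node's reports are ignored.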
The newly developed algorithm couldn’t come at a better time, as China has once again started its cyber-attacks against certain US companies after a brief lull in operations, according to a report from cyber-security company Mandiant. The report states that a Chinese military cyber unit (known as APT1) recently began to attack over 100 companies in an effort to steal trade secrets, essentially just days after talks on cyber-security between the two nations were concluded a month ago (April 2013). Of course, China denies any and all involvement in the recent attacks and accuses the US of conducting its own operations against China. According to Mandiant’s report, the attacks can be traced back to APT1 because the same software and equipment signatures used in previous attacks have been used again against those companies, which have relatively no defense against them. Perhaps those companies can take advantage of North Carolina State’s new algorithm if they employ a D-NCS network, which could help curb future attacks against them.
C