Researchers create software to counter network attacksMarch 18th, 2008 - 4:47 pm ICT by admin
Washington, March 18 (IANS) An Indian American-led team has developed new software that can reduce the impact of cyber attacks on an organisation’s networks. Currently, network administrators rely on labour-intensive processes for tracking vulnerabilities in organisational networks - processes that not only require huge expertise but are also error prone, said software expert Sushil Jajodia, who led the team.
Jajodia, who is with the George Mason University’s Centre for Secure Information Systems (CSIS), said his team has simplified the process by identifying the possible vulnerability paths in a network, said a university release.
By their very nature, networks are interdependent and each machine’s overall susceptibility to attack depends on vulnerabilities of the other machines in the network.
Attackers can take advantage of such vulnerabilities in unexpected ways, allowing them to incrementally penetrate a network and compromise critical systems.
The software developed by Jajodia’s team at Mason - called Cauldron - allows for the transformation of raw security data into roadmaps that allow users to proactively prepare for attacks, manage vulnerability risks and be aware of the situation.
“One example of this software in use is at the Federal Aviation Administration (FAA). They recently installed Cauldron in their Cyber Security Incident Response Centre and it is helping them prioritise security problems, reveal unseen attack paths and protect large numbers of attack paths,” Jajodia said.
“While currently used by FAA and the military community, the software is applicable in almost any industry or organisation with a network and resources they want to keep protected, such as banking or education.”
Tags: attackers, critical systems, cyber attacks, cyber security, federal aviation administration, george mason university, intensive processes, large numbers, led team, military community, network administrators, new software, response centre, roadmaps, secure information systems, security data, security incident response, security problems, software expert, vulnerabilities