August 2002
Info-Tech Industry Targets Diverse Threats
Fears of network vulnerability fuel market for improved
security systems
by Elizabeth Book
Compliments of National Defense Magazine
Emerging technologies in the communications and electronics
sector should be exploited to fight the war on terrorism, said
U.S. officials.

"We need to use all instruments of national power," said
Air Force Gen. Richard B. Myers, chairman of the Joint Chiefs
of Staff. At a conference of the Armed Forces Communications
and Electronics Association, Myers explained that as the
United States' means of acquiring information increases,
so does its intelligence.

"We hear from some law enforcement official in London, who has
seen something, or someone makes an arrest in Morocco. Pretty
soon you start to piece this together and connect the dots,
and you can take action against financial networks, against
the leadership, or take actions to disrupt the weapons flow,"
he said. Myers explained that it is currently an arduous
process to "put it all together," but with new
capabilities and technologies, "we can make the cycle
go much faster," he said.

"If you think it's true that this is the most important
thing those of us in uniform have ever done, then
we also have got to expect to make some sacrifices, and work
harder to thwart another attack," he said.

Shoring up technology in the areas of fiber optics, computer
programs, biometrics and network-centric warfare improvements,
companies are working to market new products to the Defense
Department and U.S. allies.

News reports about al Qaeda's attempts to launch cyber-attacks
are likely to spur business opportunities for the network-security
industry. Opterna, a Quakertown, Pa.-based company that
manufactures fiber optic network equipment, has developed
a new technology that can prevent an intrusion based on
the hacker's attempt to log onto the network from the
fiber optic line, before the intruder even reaches the network.
Opterna's Fiber Sentinel system uses artificial intelligence
and optical digital signature recognition to monitor fiber
connections, and can detect and deal with intrusions, said
Michael Cohen, vice president of Global Marketing for Opterna.

"We have seen a tremendous upsurge in interest among government
and military customers for a system that can eliminate their
fiber optic network vulnerabilities," said Bret Matz,
Opterna's president.

After detecting the intrusion, Fiber Sentinel denies access to
the intruder, simultaneously re-routes legitimate traffic
to a backup fiber path and then notifies the network operator
of the intrusion. The system, which has no known competitor,
provides continuous, real-time monitoring of the network
connections without any disruption of the data stream, said
Cohen. Fiber Sentinel identifies such intrusions as Trojan
Horses, worms, denial-of-service attacks and other hacking
attempts, he said. The system shuts down the hacker's
path in milliseconds.

The company recently completed a proof-of-concept study for
the Fiber Sentinel system, and has had favorable reviews
from the military users, Cohen said. "Our target markets
are embassies, financial services communities, air traffic
controllers, the Defense Department, Border Patrol and the
White House Communication Agency." Other potential
customers are companies concerned about industrial espionage,
he said.
Denial-of-Service Attacks
Denial-of-service attacks on computer networks can result in a
complete network shutdown, which can cost companies a lot of
money and time. "In the national defense business, you've got
people in the battlefield," said Ted Julian, chief
strategist and co-founder of Arbor Networks, a two-year-old
small business based in Lexington, Mass.

"A few minutes of them having no information is completely
unacceptable. It's literally a life or death scenario," he said.

Arbor Networks is commercializing a program whose underlying
technology was developed at the University of Michigan, with
funding from the Defense Advanced Research Projects Agency. The
company's flagship product, Peakflow, helps detect,
trace and filter denial of service attacks. Usually, once
a denial-of-service attack occurs, network operators need
to be on hand to get the system back up.

Denial-of-service attacks are not difficult to detect. "If there's
one thing nice about a denial of service attack, it's
that it's not subtle, it's like a freight train
crashing through your network," said Julian.

Peakflow proactively monitors for distributed threats within the
network, and responds with focused, rapid resolution of
attacks. Network engineers can direct the program to shut
down attack traffic, without blocking legitimate traffic,
said David Olverson, an Arbor Networks senior product engineer.

"Given the dynamic nature of denial-of-service attacks, we sought
an anomaly-based solution that would enable us to proactively
detect and respond to both known and previously unseen threats,"
said Girish Pathak, vice president and chief technology
officer for a Canadian communications company called Telus.
Telus chose Peakflow for its scalable, non-intrusive
architecture, he said.

Julian explained that it's easy to launch a denial of service
attack.

"There are thousands of sites on the net that have point and click
tools to teach you how to launch a denial of service attack.
The level of sophistication required to launch these is
minimal," he said. "Peakflow filters information
closer to the source. It automates detection, tracing and
filtering so that it goes from taking a day or so to a minute
or two."

Anti-virus systems are usually signature-based, Julian said.
Programs usually look for signatures to defend against attacks.
Peakflow uses algorithms to flag when things aren't normal and
to tell you exactly how they're not normal, he
said.

One other technology that is gaining attention in the security
business is biometrics.

Biometrics technologies are based on the notion that measurable
physical characteristics or personal behavior traits can be used
to recognize the identity or verify the claimed identity
of an individual. Examples include speaker verification,
iris scans, fingerprints, hand geometry and facial recognition.

In 2000, the Defense Department designated the Army as the
executive agent for developing and implementing biometrics
technology. The Biometrics Management Office currently is
testing technologies for potential adoption.

Firms such as Biodentity, based in Ottawa, Canada, are in the
process of developing facial-recognition software. It recently
secured a $7 million deal with Germany to install a face-recognition
security system. The Defense Department Biometrics Management
Office has yet to purchase any systems, but is evaluating
new technologies at the Biometrics Fusion Center, based
in Bridgeport, W. Va.

The BMO is directed by Congress to lead, consolidate and coordinate
the development, adoption and institutionalization of biometric
technologies throughout DOD, said Linda Dean, director
of the Army's C4 Enabling Technologies Directorate.
Network-Centric Warfare
Protecting information is a top priority for military agencies
and units in the field, officials said. "We are beginning
to connect data in ways we couldn't do before," said Air Force
Maj. Gen. Charlie Croom, vice director for
C4I systems on the Joint Staff.

The soldier fighting in the mud is a sensor, and there is
information that he sees that others need to know, Croom said.
"With network-centric warfare, we think like a street gang, swarm
like a soccer team, and communicate like a Wal-Mart."

"We are enabling our war fighter through actionable information,
tying together logistics, intelligence and C4ISR," said Army
Maj. Gen. Steve Boutelle, director of information operations,
networks and space at Army headquarters. "We need to
marry up ground-based terrestrial infrastructure with air-breathers,
to only give the warfighter information that is actionable," he said.

Security remains a problem, even when dealing with allies, said
Rick Rosenberg, program executive for the Navy-Marine Corps
Intranet. "We don't yet have the technology to fully connect
an ally and still protect our secrets. We fight wars with
our allies; obviously, we'd like to see them on our
networks. But there is some information on our networks
that we don't want them to see. So we do it through
a family of guarding solutions," he said.