CYBER SECURITY PARTNERSHIPS
Dec 17, 2012 (Albuquerque Journal - McClatchy-Tribune Information Services via COMTEX) --
When a rogue nation took over computer controls at multinational coffee company "Schmucks Bucks" this summer to shut it down, computer engineering students counterattacked at Sandia National Laboratories.
Student teams hacked in to turn the brewer back on, in effect, providing fresh cups of coffee all around.
While fun and educational, the training exercise at Sandia's Cyber Engineering Research Institute offered a hands-on simulation for real-world scenarios, albeit for enemy attacks on national infrastructure and industries, said Kevin Nauer, a computer forensics expert at the institute's Research Engineering Cyber Operation and Intelligence Lab.
Sandia's newly created cyber institute, established in 2011, regularly conducts such exercises to encourage computer professionals to work in teams to resolve cyber threats. It's part of the institute's mission to build partnerships with academia and industry to train cyber security specialists and develop new ways to protect online networks.
"We want to get people together in synthetic task environments to develop a foundation of skills where everyone is operating off the same sheet of music," Nauer said. "We bring people into a 'live' environment that pits them against one another in weeklong games. We throw attacks at teams for them to figure out how to respond."
Sharing cyber expertise
The institute allows Sandia to share national laboratory expertise in cyber defense with universities and industry, said Director Rob Leland. That's critical, given the increasing number and sophistication of cyber threats and the range of potential enemies, including adverse nations, terrorist networks, organized crime and individual hackers.
"Our overall goal is to get all three sectors cooperating together," Leland said. "Through outreach, we want to bring our capabilities to bear on problems and issues at the community level."
That reflects a newfound openness at Sandia. "Sandia's responsibility for the cyber security aspects of
program, providing computer security for weapons, goes back decades," said Senior Manager Ben Cook. "But now there's a more general, national need for these capabilities ...We want to connect more effectively (with communities) to create a twoway interchange of people and ideas."
The institute is divided into two divisions. The Cyber Engineering Research Lab, which employs about 100 Sandia specialists at a 25,000-square-foot facility at the Sandia Science and Technology Park in Albuquerque is one. And a Cyber Technology Research Lab in Livermore, Calif., that provides closer communication with industry and academia in the Silicon Valley, is the other.
Improving cyber defenses
Apart from training, the institute conducts extensive research to improve cyber defense capabilities. That includes assessing human strengths and vulnerabilities when working in cyber security, said Chris Forsythe, a psychologist and cognitive science specialist.
"We focus on the human dimension of problems," Forsythe said. "We can put a lot of technical solutions in place, but at the end of the day, there's a human in the loop. We have to arrive at solutions that take into account their issues and problems and how they learn and solve things."
Sandia's cognitive systems group, for example, uses electroencephalography (EEG) sensors to monitor subjects' brain activity in memory and other performance tests in a lab at the institute. That helps to better understand how people learn, which could show ways to improve decision-making and human performance in detecting and resolving problems in cyber security and other areas, Forsythe said.
Other research focuses on data analytics, taking massive amounts of information and extracting things to detect potential problems.
"We need to detect anomalies in network traffic, which means analyzing huge sets of data to determine what's happening at the host and network levels," Cook said. "We want to make computer systems inherently more secure by eliminating vulnerabilities that emerge because of the complexity of systems."
UNM, N.M. Tech involved
Sandia specialists are collaborating on research projects with the University of New Mexico and the New Mexico Institute of Mining and Technology in Socorro.
UNM computer science professor Jared Saia is helping the institute develop technology that could allow private and public entities to share information from data centers without compromising individual privacy or proprietary resources. That could shore up efforts to detect suspicious activities on networks.
In addition, investigative queries often require only certain blocks of data, so UNM and Sandia are developing ways for collaborators to send targeted sets of information, Saia said.
At New Mexico Tech, researchers have worked with Sandia on ways to conduct digital forensics with huge mounds of data.
"We're talking terabytesize data sets," said Lorie Liebrock, former chair of computer science and now dean of graduate studies. "A lot of digital software doesn't work well because it can't process data sets that big."
Both universities have benefitted from training and workshops, which Sandia offers to college and high school students, and to cyber security professionals, to train new generations to work in cyber defense and to strengthen the skills of those already working.
"The institute enables more collaboration with people outside of Sandia," Saia said. "I've been able to attend very good workshops there without the typical rigmarole to get onto the (military) base. It makes it easier for people from all over the U.S. to come and work on these problems together." Boosting defenses
Cyber attacks rise worldwide 6
A lucrative niche
N.M. firms poised to expand 7
___ (c)2012 the Albuquerque Journal (Albuquerque, N.M.) Visit the Albuquerque
Journal (Albuquerque, N.M.) at www.abqjournal.com Distributed by MCT Information
[ Back To TMCnet.com's Homepage ]