Creating Defenses for the Next Generation of Cyberattacks

Next Generation of Cyberattacks

Capable of wreaking unimaginable havoc on our current computer systems, the next generation of cyber attacks will be stealthier, more sophisticated and incredibly difficult to combat. Bearing this, the U.S. Department of Defense has offered a team of computer scientists from the University of Utah and University of California, Irvine, a $3 million grant. The funds will be directed towards the development of new software and techniques capable of detecting and combating emerging vulnerabilities that are nearly untraceable with our current technology.

In full recognition of our digital age, the U.S. military not only focuses on the current state of national security, but also has its sights set on the horizon and what's coming next. It has considered so-called “algorithmic attacks” as the next major threat to cyber-security and has taken measures to equip the nation against this new kind of hazard. These algorithmic attacks are a growing concept of system infiltration that is quickly being perfected by hackers and hacking organizations. Such attacks target the set of rules or patterns that a computer follows when solving a problem. They have been sophisticated to the point that nation states rely on recruited skilled hackers to thwart such attacks.

The team of computer scientists is working on the creation of an analyzer - software that is capable of performing an audit of computer programs in order to identify algorithmic vulnerabilities in the code. By conducting a mathematical simulation of the software, the analyzer will be able predict what would happen in the event of an attack.

“Right now, the doors to the house are unlocked, so there's no point in getting a ladder and scaling up to an unlocked window on the roof,” says Matt Might, co-leader of the team and associative professor at the University of Utah. “But once all the doors get locked on the ground level, attackers are going to start buying ladders, that's what the next generation of vulnerabilities is all about.”

Conventionally, hackers exploit the mistakes that programmers make when creating a program. These are recognized as software vulnerabilities. For instance, if a hacker wished to gain access to a computer or withdraw information from it, they could issue a specifically crafted programming input which the software may run without validating, this would result in a successful vulnerability exploit.

But algorithmic attacks have no reliance on these sort of normal vulnerabilities. They are are uniquely malicious because they take advantage of how time and space are utilized in a computer algorithm. Such attacks are able to discretely monitor an algorithm, how it runs, or the amount of energy that a computer is processing and use this information gather data is being processed by the computer.

Most cyber attackers, however, don't and simply are not capable of conducting algorithmic attacks due to their intense complexity, extreme costs, and the massive time consumption of such attacks, so the the current use of algorithmic attacks is minimal. But the expanding occurrences and proof-of-concepts have drawn significant attention to these growing exploitation techniques that could, if left unprepared for, prove very chaotic in the near future.

Image: Flicker's Creative Commons

Recommended Posts | Software & Method Engineering

Purpose Of The MSIC

The Purpose Of The MSIC (Maritime Security Identification Card)

The basic idea behind the MSIC is simple. They're issued to people who have undergone a background check for the purposes of entering any Maritime Security Zone, or MSZ. Don't thinking they're access cards, however. They are simply identification to prove that the holder is cleared to enter a MSZ ...
SaaS is a Sound Investment for Business Applications

5 Reasons SaaS is a Sound Investment for Business Applications

SaaS is the next logical phase for most businesses. Rather than installing and maintaining software on company terminal, a business purchases applications over the Internet as a service for employees. Business owners and management are concerned about expenses and turning a profit for shareholders ...
Linux 6

Anounced Latest Version of Linux 6

Red Hat, the world's leading provider of open source solutions, on Tuesday announced the beta release of Red Hat Enterprise Linux 6.6, the latest version of its Red Hat Enterprise Linux 6 (RHEL) platform. RHEL 6.6 Beta is the latest iteration of the RHEL 6 platform which first introduced ...
Software Engineering

Software Engineering: Developmental Problems and Prevention of Failure

Software development methodology also called a software process is a division of work into a few phases for better planning and management of the whole software system. The methodologies include a set of pre-defined tasks and artifacts that are developed by a team that is assigned to the process ...