SPRING 2017
George Mason University Department of Computer Science
Reconnaissance, weapon-ization, and payloads are not terms often associated with computer programs. They are the vocabulary of conflict and military engagements. But it is appropriate when considering how to counter the actions of state-sponsored cybersecurity attacks, rogue cyber terrorists, and organized crime. The growing sophistication of cyber attacks and the ease of hackers to plumb the depths of seemingly secure systems, is a threat to national security, financial institutions, commerce, and infrastructure
Mason CS researchers, Angelos Stavrou, Dan Fleck, and Constantinos Kolias are fighting back against one of the most common cyber attacks, the distributed denial-of-service, DDOS attack. This happens when a bad actor attempts to disrupt a server to either slow it down or render it useless by overloading the server with bogus requests.
The team’s solution is to shuffle the servers and through their MOTAG tool, identify and segregate the attackers. “Legitimate users are minimally affected,” says Angelos Stavrou, the project’s PI, “and the bad actors don’t realize what is happening either. We don’t block them from the server as that would show our hand.” Part of the project is to then determine a way to trace the attackers on the segregated server.
The project, called SR2, which stands for Shuffle, Redirect, Replicate, is meant to work on cloud-based systems where there is large server capacity.
Think Amazon web services. Amazon is also a partner in the project and the team will be testing the tool in the Amazon cloud. Stavrou says, “The cloud has an elasticity of resources and can expand and contract making this type of counter attack affordable and easy.”
The main funder of this project is DARPA, the agency awarded the team, which also includes researchers from Columbia University, Penn State, and BAE Systems, a four million-dollar grant. The project is now in its second eighteen-month period. The agency is interested in defenses for its federal cloud services.
This type of research has broad government and private benefit. Stavrou explained the idea and initial research for this tool came from one of his students, Quan Jia, who has since graduated from Mason. They were able to turn it into a working research project. Having transition partners to support these ideas is essential. The federal government helps with the costs associated with the time intensive research. Partners such as Amazon, however, are key because they help develop these tools into viable commercial applications. The project can move from an academic or government specific solution to a wider audience. This could be a tool that Amazon offers to its customers, an affordable solution to a growing problem.