Back to Table of contents

Primeur weekly 2019-04-29

Quantum computing

Leading universities partner with IBM to accelerate joint research and drive educational opportunities in quantum computing ...

Canada's Strategic Innovation Fund invests CAN$7,2 million in ISARA ...

Extremely accurate measurements of atom states for quantum computing ...

Building a Printing Press for New Quantum Materials ...

New robust device may scale up quantum tech, according to researchers ...

Nanocomponent is a quantum leap for Danish physicists ...

Munich quantum distillery for light ...

Focus on Europe

PRACE issues Annual Report 2018 in a new style ...

Middleware

Sylabs announces general availability of SingularityPRO 3.1 ...

Hardware

Calcul Québec inaugurates a cutting-edge supercomputer to boost research performance ...

Xilinx to acquire Solarflare ...

New Supermicro scale-up in-memory computing platforms now shipping in volume ...

Largest, fastest array of microscopic 'traffic cops' for optical communications ...

Applications

Scientists create first billion-atom biomolecular simulation ...

UC San Diego's HPWREN Workshop attracts first responders, scientists and educators ...

Illinois researchers sweeten "honeypot" to catch, blacklist hackers ...

Four Ph.D. students selected as Blue Waters Graduate Fellows ...

ALCF Data Science Programme seeks proposals for data and learning projects ...

A new PIC simulation tool brings advanced scalability to ultra-high-intensity physics simulations ...

Upgraded science trailer teaches students about supercomputing ...

OLCF scientist talks early Summit results at APS Meeting ...

The Cloud

Archanan announces beta launch of the Archanan Development Cloud, a Cloud-based developer platform for building and testing code at scale ...

Inspur and Nutanix partner for Inspur HCI all-in-one system inMerge1000 ...

Illinois researchers sweeten "honeypot" to catch, blacklist hackers


Phuong M. Cao, Coordinated Science Laboratory student
23 Apr 2019 Urbana-Champaign - "The supreme art of war is to subdue the enemy without fighting", according to Sun Tzu. This quote inspired Coordinated Science Laboratory (CSL) student Phuong M. Cao and a team from the National Center for Supercomputing Applications (NCSA) to conduct research to understand how programmes were being attacked. A paper about that research was accepted by the prestigious USENIX Symposium on Networked Systems Design and Implementation (NSDI).

In order to protect a system from an attack, the defender must know what it's protecting against. By planting "honeypots", the researchers were able to attract hackers by setting up phony machines on a large IP space to mimic more than 65,000 servers. Using this method, the group was able to draw in 405 million attack attempts to the honeypot and learn from them.

"Their strategy brought in a lot of the bad guys and after a quick analysis many had their router blacklisted by the NCSA security team", stated Phuong M. Cao's advisor Ravi Iyer, CSL and Electrical and Computer Engineering (ECE) professor and George and Ann Fisher Distinguished Professor of Engineering. "The clever thing was the students took this information and decided to use the attacks being generated to discover how our system can withstand these attacks."

The information collected about the attack techniques has already been integrated into security systems at NCSA. Justin Azoff and Alex Withers, both NCSA staff, are working closely with Phuong M. Cao and others to continuously audit and update the technology against ongoing attacks. This partnership shows how practical cybersecurity operations can support research and vice-versa.

"Many people overlook the potential impact of a brute force attack", stated Phuong M. Cao, an ECE graduate student. "Well known data breaches, Citrix for example, are the direct result of an unsecured server being exposed by this type of attack."

In the case of the Citrix data breach, attackers were able to hack one or more weak passwords within the system that resulted in terabytes of data being exposed. Previously, hackers would use a dictionary and try different words repeatedly until an account was breached; now, Phuong M. Cao said, 6.5 billion passwords are publicly available and used in this brute-force attack styles.

Ravi Iyer believes finding a solution to such a common and costly problem was one of the reasons Phuong M. Cao's paper, written with Subho S. Banerjee, a computer sciences graduate student, Yuming Wu, a fellow ECE student, and Zbigniew Kalbarczyk, an ECE research professor, was accepted by the NSDI symposium committee.

"They demonstrated on an attack style that is very common and now it can be expanded to look at a whole range of potential attacks", stated Ravi Iyer. "I think the research is very important and a reason it was accepted at NSDI, which has a notoriously low acceptance rate."

The NDSI Symposium only selected 49 out of 332 submitted papers. Phuong M. Cao presented the paper and Yuming Wu presented a poster on the same project, all of which received wide industry recognition.

"People from Fortune 500 companies were interested in the work", stated Yuming Wu. "We had discussions about the details of the work, interest in the deployment of the infrastructure, and interest in future work inspired by this research."

The original framework for the honeypot, developed by Azoff, is open-sourced and available on NCSA's GitHub. So far the project has gained more than 400 positive reactions from the online community.

While industry partners are interested in future work, the University of Illinois at Urbana-Champaign's online network is already benefiting from the software. In a single year, the team's software has analyzed 405 million attack attempts and at one point prevented more than 57 million in one day. This has resulted in them having the largest dataset of analyzed brute-force attacks to date.

Attacks on Illinois' network are local, but the analysis of the dataset has been shared with national laboratories and an international university via NCSA's Shared Intelligence Platform for Protecting the National Cyberinfrastructure (SDAIA). Alerting and collaborating with other sites allows all locations to defend against attacks that have happened at other locations. The honeypot that the team is currently operating has observed attacks coming from 73% of the autonomous systems on the internet. Three-fourths of the internet seems like a lot, but Phuong M. Cao isn't done yet.

"The future of this work is that we would gain a much larger adoption from other sites, not just in academia but also on the industry sites", stated Phuong M. Cao. "With the expansion of our shared intelligence platform we hope to cover the entire space of the internet. The future of our work is to look at how our approach can be applied to monitor more sophisticated attack activities across all the internet."
Source: National Center for Supercomputing Applications - NCSA

Back to Table of contents

Primeur weekly 2019-04-29

Quantum computing

Leading universities partner with IBM to accelerate joint research and drive educational opportunities in quantum computing ...

Canada's Strategic Innovation Fund invests CAN$7,2 million in ISARA ...

Extremely accurate measurements of atom states for quantum computing ...

Building a Printing Press for New Quantum Materials ...

New robust device may scale up quantum tech, according to researchers ...

Nanocomponent is a quantum leap for Danish physicists ...

Munich quantum distillery for light ...

Focus on Europe

PRACE issues Annual Report 2018 in a new style ...

Middleware

Sylabs announces general availability of SingularityPRO 3.1 ...

Hardware

Calcul Québec inaugurates a cutting-edge supercomputer to boost research performance ...

Xilinx to acquire Solarflare ...

New Supermicro scale-up in-memory computing platforms now shipping in volume ...

Largest, fastest array of microscopic 'traffic cops' for optical communications ...

Applications

Scientists create first billion-atom biomolecular simulation ...

UC San Diego's HPWREN Workshop attracts first responders, scientists and educators ...

Illinois researchers sweeten "honeypot" to catch, blacklist hackers ...

Four Ph.D. students selected as Blue Waters Graduate Fellows ...

ALCF Data Science Programme seeks proposals for data and learning projects ...

A new PIC simulation tool brings advanced scalability to ultra-high-intensity physics simulations ...

Upgraded science trailer teaches students about supercomputing ...

OLCF scientist talks early Summit results at APS Meeting ...

The Cloud

Archanan announces beta launch of the Archanan Development Cloud, a Cloud-based developer platform for building and testing code at scale ...

Inspur and Nutanix partner for Inspur HCI all-in-one system inMerge1000 ...