What if a cloud computing infrastructure could recognize a cyberattack, eliminate it, and never stop working while all that is being done? That’s what researchers at MIT, with help from the federal government, are investigating the feasibility of.
Researchers at MIT’s Computer Science and Artificial IntelligenceLaboratory (CSAIL)have received funding from the Defense Advanced Research ProjectsAgency (DARPA)to bring about a cloud infrastructure that could identify cyberattacksand heal itself from any damages.
DARPA has a number of ongoingresearch projects to develop more secure cloud environments.
As part of the “Cloud Intrusion Detection and Repair” study, MITresearchers hope to fundamentally map how cloud networks are createdand operate. Based on that, a set of guidelines will be created for thecloud network to constantly assess itself to see if it is workingwithin those guidelines and return to its normal operating procedure ifit is not. The approach is different from other security measures thatdisable a system when a threat is detected, creating outages, theresearchers said.
Likethe body detects infection
“Much like the human body has a monitoring system that can detect wheneverything is running normally, our hypothesis is that a successfulattack appears as an anomaly in the normal operating activity of thesystem,” said principal investigator Martin Rinard. “By observing theexecution of a ‘normal’ cloud system we’re going to the heart of whatwe want to preserve about the system, which should hopefully keep thecloud safe from attack.”
The study’s goal of continuing operations of the system even whileunder attack are a tenet of CSAIL’s research. For example, otherongoing research includes studying vulnerabilities in Java applicationsand identifying and fixing malware in Androidapplications, all while the systems continue to operate.
Network World staffwriter Brandon Butler covers cloud computing andsocial media. He can be reached at BButler@nww.com and found on Twitterat @BButlerNWW.