Cyber Security Institute

Tuesday, March 30, 2010

FAA Launches Real-Time Security Pilot With IBM

The Federal Aviation Administration has begun a research and development pilot aimed at helping the agency detect and react to hackers before they have a chance to attack FAA systems, IBM and the FAA announced Tuesday. The pilot makes use of recently released IBM software called InfoSphere Streams, which was developed in conjunction with the Department of Defense and can perform real-time analytics on high-throughput data streams of up to millions of events or messages per second.

FAA security analysts are swamped daily with a massive volume of security information coming from the FAA’s firewalls, intrusion detection systems, and wireless detection systems, as well as data feeds from other agencies and commercial security services such as VeriSign’s iDefense. In recent years, security incidents at the FAA have included the theft of personal information on 48,000 former and current employees, a takeover of the FAA’s domain controllers, and a viral infection that forced the FAA to shut down systems in Alaska, according to a 2009 report from the Department of Transportation’s inspector general.

In addition to the FAA’s own cybersecurity efforts, the FAA’s security operations center manages cybersecurity for the rest of the Department of Transportation as well as for parts of the Department of Energy and the Department of Commerce, and Brown expects the amount of cybersecurity information being fed to the FAA’s analysts only to grow with time.

According to IBM, the effort will first establish certain baselines so that anomalous traffic can be identified, then use those baselines to detect the presence of possible attackers in real time. It will even perform predictive analytics to anticipate what hackers who have infiltrated a system might do next, in order to cut them off at the pass before they’re able to do real damage.

InfoSphere Streams is able to digest heavy streams of low-level data in multiple formats simultaneously, analyze them with pre-processing, and adjust to tweaks in algorithms and analytical models on the fly.

http://www.darkreading.com/vulnerability_management/security/perimeter/showArticle.jhtml?articleID=224200806&cid=RSSfeed

Posted on 03/30