DARPA Is Looking For Analog Approaches To Cyber Monitoring
chicksdaddy writes: Frustrated by adversaries' continued success at circumventing or defeating cyber defense and monitoring technologies, DARPA is looking to fund new approaches, including the monitoring of analog emissions from connected devices, including embedded systems, industrial control systems and Internet of Things endpoints, Security Ledger reports.
DARPA is putting $36m to fund the Leveraging the Analog Domain for Security (LADS) Program (PDF). The agency is looking for proposals for "enhanced cyber defense through analysis of involuntary analog emissions," including things like "electromagnetic emissions, acoustic emanations, power fluctuations and thermal output variations." At the root of the program is frustration and a lack of confidence in digital monitoring and protection technologies developed for general purpose computing devices like desktops, laptops and servers.
The information security community's focus on "defense in-depth" approaches to cyber defense is ill-suited for embedded systems because of cost, complexity or resource limitations. Even if that were possible, DARPA notes that "attackers have repeatedly demonstrated the ability to pierce protection boundaries, exploiting the fact that any security logic ultimately executes within the same computing unit as the rest of the (compromised) device software and the attacker's code."
Ob (Score:2)
They'll find the terrorists' messages have a much warmer sound.
Re: (Score:1)
Actually, there are slight stressors in speech patterns when one is "working" a message, even if they are unconscious. A good listener can detect these, provided they have a baseline comparison.
From this you can pinpoint words and phrases that aren't typical. Doesn't work so well when they're talking long distance with their Jewish girlfriend, though.
even DARPA can't protect a laptop from attacks (Score:3)
Sorry, typo in article headline... (Score:2)
In other words: tradecraft (Score:1)
When you have a hammer, everything looks like a nail.
When you are used to using electronic methods for intel, you ignore the non-electronic methods (aka tradecraft) and then all your high-tech expertise is useless.
It's a shame they don't teach spooks what they used to in my day.
Re: (Score:1)
Good point. Or we could just realize that Goths are serious. And should not be taunted, because bad stuff happens then.
Re: (Score:2)
If DARPA thinks that they can play offense if they just throw enough computers at the problem they are dreaming; but a cloak and dagger will only get you so far when dealing with people exploiting your software.
Re: (Score:2)
90 pct of all stolen mil data is due to cleared individuals doing stupid things.
9 pct is due to human ops.
Only 1 pct is due to technical means.
Where do you think we should focus our resources?
Re: (Score:2)
Depends what the guys in my "clan"[1] are selling.
[1] I can't find the right word. Those things like a cross between fraternities and masonic lodges. Bonesmen and that.
Re: (Score:1)
90 pct of all stolen mil data is due to cleared individuals doing stupid things.
9 pct is due to human ops.
Only 1 pct is due to technical means.
Where do you think we should focus our resources?
Perhaps corruption just might be the ticket. Trying to go all analog on com that requires DSP just shows the damage in 1954 when the violation of church and state was breached as one cannot apply such an atrocity without adverse effects regarding the loss of intellect over the entire flock. Advancement was sacrificed for absolute power and this should be clear with the USS Ross incident in the Black Sea. Take these words as you wish, as I am not at all convinced the US is interested in getting off the sh
Re: (Score:2)
a) In proper security devices the security logic doesn't execute within the same unit as the rest of the compromised device.
b) this isn't about people breaking firewalls. It's about people trying to break data diodes.
Dear DARPA: (Score:2, Funny)
Try looking in the back of your own closet (over on the NSA shelf, third bin from the left), filed under Tempest [wikipedia.org].
You're welcome.
Might actually work. (Score:5, Interesting)
What seems markedly trickier is dealing with devices whose behavior is variable enough that defining 'abnormality' is hard and generating a baseline 'fingerprint' isn't obvious. If the device's behavior is nice and predictable, you could theoretically force the attacker's malware to be extraordinarily similar to the legitimate software in order to evade detection. If not, though, the really nasty challenge would seem to be less in the measurement and more in knowing what signals to freak out about.
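The trade-off this comment describes, as an added example that is not part of the original thread: a baseline of mean power per window is fitted on constructed traces for a predictable and a variable device, and the same extra load is then scored against each. The trace model, all names and the 6-sigma threshold are assumptions made for illustration.

```python
import random
import statistics

LOOP = [1.0, 1.0, 3.0, 3.0, 1.0, 2.0, 2.0, 1.0]  # constructed 8-sample control-loop power profile
WIN = 64                                          # samples per feature window

def make_trace(windows, variability, extra=0.0, seed=0):
    """Constructed power trace. `variability` is the std-dev of the legitimate
    per-window workload shift; `extra` is added load from unauthorized code."""
    rng = random.Random(seed)
    trace = []
    for _ in range(windows):
        shift = rng.gauss(0, variability)
        trace += [LOOP[i % 8] + shift + extra + rng.gauss(0, 0.05) for i in range(WIN)]
    return trace

def features(trace):
    """One feature per window: mean power draw."""
    return [statistics.fmean(trace[i:i + WIN]) for i in range(0, len(trace), WIN)]

def fit_baseline(trace):
    """Baseline 'fingerprint': mean and spread of the window features."""
    f = features(trace)
    return statistics.fmean(f), statistics.stdev(f)

def alarms(trace, baseline, k=6.0):
    """Count windows whose mean power is more than k sigma from the baseline."""
    mu, sigma = baseline
    return sum(abs(x - mu) > k * sigma for x in features(trace))

def evasion_budget(baseline, k=6.0):
    """Largest constant extra load that stays under the alarm threshold."""
    return k * baseline[1]

def demo():
    out = {}
    for name, var in (("predictable", 0.0), ("variable", 0.2)):
        base = fit_baseline(make_trace(64, var, seed=1))
        out[name] = {
            "false_alarms": alarms(make_trace(32, var, seed=2), base),
            "detected": alarms(make_trace(32, var, extra=0.1, seed=3), base),
            "budget": evasion_budget(base),
        }
    return out

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

On the predictable device the extra load trips every window, while on the variable device the threshold is wide enough that the same load never alarms.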
Next infinite loop bug will cause national scare (Score:2)
Involuntary analog emissions (Score:2)
Admit it - we all just thought "Chipotle"
Re: (Score:2)
That's why I love Chipotle. I have almost no unscheduled analog emissions after eating there. Especially compared to Wendy's chili.
Re: (Score:2)
I have almost no unscheduled analog emissions after eating there.
Chipotle is great, and I too especially appreciate how they have integrated their systems with most open source online calendars, allowing one to schedule analog emissions at the time of burrito purchase.
Re: Involuntary analog emissions (Score:2)
Of course the app got booted off the Apple app store because Apple wants to be the ones to decide when you have analog emissions.
Next year Google will make it an unremoveable bloatware app because they want to track ALL of your analog emissions, scheduled or not.
Next month, researchers will discover that Microsoft has been tracking our analog emissions all along.
And, to come full circle, DARPA will start working on a way to remotely sniff the air in a room to determine if the occupants have been eating tra
Re: (Score:2)
Of course the app got booted off the Apple app store because Apple wants to be the ones to decide when you have analog emissions.
Nice try, but Apple would never approve this app until the release of the iAnus, complete with a proprietary connection to the colon, requiring special toilet paper from your local Mac store, and featuring the latest wireless Browntooth connection to help you schedule emissions.
Re: (Score:2)
Analogue transmissions are not possible over fibre optic cable, hence they are tied to the power supply, a continuous connection from the power station to the appliance (so monitoring main power transmission lines for unexpected patterns of course digital on analogue means variable burst transmissions). So internal and external networks with no direct connections that includes power and data and shielded structures and this only for current technology gear.
Long term solution, governments being a whole lot
Re: (Score:2)
Easy to obfuscate (Score:2)
This just seems like a battle destined to be lost. Sure, given enough analysis, one could decipher the meaning of the analog emissions coming from a normal device. However, long before that technology ever produces real, useful results, anyone will be able to easily obfuscate said analog emissions with some other device sitting near the subject device. Essentially, an electromagnetic white noise device that also records ambient EM and incorporates random bits of that into its own emissions. Do the same with
Re: (Score:2)
It's already established that people circumvent airgaps by raising temperatures of the one machine, and detecting it by the other. Or by using audio and microphones.
bureaucrats don't understand tough love (Score:1)
DARPA designed TCP/IP .. (Score:2)
This is ironic considering DARPA designed TCP/IP [pcmag.com]
STOP CONNECTING ICS TO THE INTERNET (Score:1)
Does everything really need to be connected to the Internet?
Let's throw money at it, instead of fixing even the most basic compliance issues the .gov space can't seem to get.
Wish they spent the money on OPM..........