custom ad
NewsJanuary 21, 2003

BUFFALO, N.Y. -- A suspected crooked insider at a New York software company sells consumer-credit reports to identity thieves, at roughly $30 a pop, in a high-tech scam that prosecutors say victimizes thousands. An unemployed British computer administrator fights extradition to face federal charges in Virginia and New Jersey that he hacked into 92 separate U.S. military and government networks, often getting past easy-to-guess passwords to download sensitive data...

By Ben Dobbin, The Associated Press

BUFFALO, N.Y. -- A suspected crooked insider at a New York software company sells consumer-credit reports to identity thieves, at roughly $30 a pop, in a high-tech scam that prosecutors say victimizes thousands.

An unemployed British computer administrator fights extradition to face federal charges in Virginia and New Jersey that he hacked into 92 separate U.S. military and government networks, often getting past easy-to-guess passwords to download sensitive data.

These and other recent data intrusions, whose authors are typically intent on theft, sabotage or cyberterrorism, have given rise to a promising profiling strategy aimed at preventing online break-ins as they happen.

Just as authorities use profiling to guard against criminals at ports and borders, researchers at the State University of New York at Buffalo are developing software that can generate highly personalized profiles of network users by analyzing the sequences of commands entered at each computer terminal.

Summer test possible

The system -- a prototype is likely to be ready for intensive testing this summer -- could provide a high-grade layer of protection for military installations and government agencies as well as banking or other commercial networks that require especially tight monitoring.

The software draws up regularly updated profiles by closely tracking over time how each person performs an array of routine tasks, such as opening files, sending e-mail or searching archives.

Designed to tell if someone has strayed into an unauthorized zone or is masquerading as an employee using a stolen password, the program keeps watch for even subtle deviations in behavior.

Receive Daily Headlines FREESign up today!

Alerted to anomalies, network administrators then begin monitoring more aggressively to assess whether pilferage is in progress.

"The ultimate goal is to detect intrusions or violations occurring on the fly," said chief researcher Shambhu Upadhyaya, a SUNY Buffalo computer science professor. "There are systems that try to do this in real time, but the problem is it results in too many false alarms."

Keeping false alarms to a manageable minimum is key, but extremely difficult to achieve, said Bruce Schneier, a network security and cryptography expert and author of "Secrets & Lies, Digital Security in a Networked World."

"These systems live and die on false alarms," said Schneier. "You see this problem in facial recognition, trying to catch terrorists by recognizing faces in airports. All those trials failed miserably."

Designated by NSA

The Buffalo school is one of 36 research and teaching centers designated by the National Security Agency since 1998 to help safeguard America's information technology systems.

Upadhyaya began examining in 1999 whether monitoring simple user commands instead of network traffic might produce faster, more effective monitoring.

Some computer-security products that feature user-profiling seek out deviations on the basis of huge amounts of data flowing through entire networks. They're typically 60 percent to 80 percent reliable, whereas simulation tests indicated the new software would be up to 94 percent reliable, Upadhyaya said.

"Hackers are a step ahead of you always," he explained, noting that the military "is especially worried about the insider who's been there a long time and learned all the loopholes."

Story Tags
Advertisement

Connect with the Southeast Missourian Newsroom:

For corrections to this story or other insights for the editor, click here. To submit a letter to the editor, click here. To learn about the Southeast Missourian’s AI Policy, click here.

Advertisement
Receive Daily Headlines FREESign up today!