Feeds

Securo-boffins call for 'self-aware' defensive technologies

Say they should be used to protect 'leccy, gas, water

High performance access to file storage

Security boffins should concentrate on creating self-aware technologies that can learn from cyber attacks, summit experts say, proving that none of them have ever seen a movie about artificial intelligence.

Participants at the inaugural World Cyber Security Technology Research summit also reckoned figuring out how to protect smart grids and mobile networks should be top research priorities, according to their report.

The experts were particularly concerned about the damage from smart grid hacking:

Smart utility grids have, for a variety of reasons such as their size and accessibility, a raised susceptibility to cyber attacks. Such attacks can destroy national critical infrastructure and the need for smart grid cyber security is therefore imperative.

And if the thought of your electricity, gas and water in the hands of hackers wasn't enough to freak you out, they also mentioned they want security technologies that can think for themselves to protect us:

Research objectives in this area would include the development of cyber security technologies which have self-learning capabilities; self-awareness in cyber systems enabling early attack detection and self-configuration to defend against an attack; the establishment of feedback in cyber systems providing the capability of learning from cyber attacks.

So, just to be clear then, if these technologies did go rogue (and let's face it, they probably would) their top capability would be learning how to defend themselves from attack. Maybe the cure is worse than the disease…

Apart from dread scenarios of doom, the specialists are also worried about the security of mobile networks given the rapid uptake of smartphones worldwide.

"This issue will only increase due to convergence in mobile architectures and the number of mobile users - five billion compared with 1.5 billion on the internet," said Patrick Traynor, associate professor at Georgia Tech. "Malicious behaviour will simply follow utility - as mobile phones become the dominant computing platform, the expectation must be that they will be regularly targeted."

The report also said that technology alone wouldn't be enough to fight cyber crime:

Next generation cyber security research must take into account social, political, legal and economic aspects of this space. Social behavioural norms in cyber space need to be investigated, societal desires such as trust, safety, freedom and privacy must be examined, and attitudes to cyber security in source countries of cyber attacks should be studied.

The Centre for Secure Information Technology (CSIT) hosted security experts from the UK's Home Office, US Dept of Commerce and the awesomely-named US Cyber Consequences Unit as well as universities, defence and IT companies at the summit in Belfast earlier this year. The resulting report (pdf) was published yesterday. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.