While the world we perceive occupies a physical space, the advent of the Internet and other technologies have caused many people to frequent a different type of place: cyberspace.
But unlike the physical world, in which the police are a phone call away, the security of a web user is not guaranteed. Because hackers work day and night to exploit the Internet for personal gain, researchers at the UA have received multiple grants to explore the emerging field of cybersecurity.
“[Maintaining] cybersecurity has become a big problem for government, for industry and also for the general public,” said Hsinchun Chen, Regents’ professor and Thomas R. Brown Chair of Management and Technology in the Eller College of Management’s Management Information Systems Department.
Chen is the principal investigator of two cybersecurity projects, both of which are funded by the National Science Foundation for a total of $5.4 million.
One project will utilize “big data” analytics in order to make sense of the covert world in which hackers operate, while the other will focus on training the cybersecurity professionals of the future.
The trainees’ job will be to stay one step ahead of hackers, who are constantly looking for new ways to exploit vulnerable computer networks, whether it’s to make a statement, as in the practice of hacktivism, or for monetary gain.
Because hackers have a habit of sharing information online, the hacker community is a vast “underground ecosystem” that must be understood before it can be suppressed, Chen said.
Using cutting-edge data-mining techniques, the researchers will comb through massive amounts of online chatter to single out the most influential hackers in hopes of identifying their strategies and protecting against them.
Researchers are also looking at other ways of preventing cyber-attacks. Eric Gross, a graduate student in the MIS department, is one of those being trained as a part of Chen’s Scholarship for Service grant. Gross’ research will focus on ways hackers might access mobile devices like smartphones and tablets as opposed to web servers, which are a common target of hackers.
Following in the hackers’ footsteps, Gross tries to pinpoint devices using a tool called Shodan.
Unlike search engines like Google that look for websites, Shodan scours the Internet for data associated with the myriad servers, webcams, printers and other devices that are connected to data networks worldwide. The results from a Shodan search yield information about such devices in the form of metadata, which is data about the device and how it operates.
This seemingly innocuous data can actually be used by hackers to pull off some unusual tricks.
Gross said he has heard stories of hackers being able to hijack webcams or even gain control of streetlights, both of which could raise serious ethical and public safety concerns.
While many web servers have a fixed Internet Protocol address, or IP address, mobile devices have a dynamic IP address that can change over time, making it difficult for hackers to hone in on a particular device. That is why mobile devices are rarely hacked — but that doesn’t mean hackers aren’t trying.
“A lot of [hackers] think very laterally,” Gross said. “They find brilliant new ways to exploit devices that no one’s thought of before.”
Gross is currently exploring ways to locate mobile devices using Shodan to assess their vulnerability. As in all cybersecurity work, the end goal is to shore up any weaknesses that might exist in the system and prevent future cyber-attacks, he said.
Brint Milward, director of the School of Government and Public Policy and holder of the Providence Service Corporation Chair in Public Management, is the principal investigator of a similar project that was recently funded by the NSF for $200,000 over two years. His research will analyze the social networks through which hackers communicate to learn more about the hackers themselves.
“Computational scientists are great at documenting the attacks,” Milward said. “The thing that they haven’t been able to do is track backwards from the attack to the attackers, and that’s where the social scientists come in.”
By analyzing the various forums in which hackers share information about their craft, the researchers will be able to identify “signatures,” or patterns of behavior that could hint at the hackers’ motives or even their identities, Milward said, adding that minimizing cyber-attacks is “one of the pre-eminent public policy challenges of this era.”
The three projects include collaboration between researchers of different disciplines to tackle the issues of cybersecurity, as experts in the fields of management and sociology join forces with computational scientists to uncover the inner workings of hacker networks.
“This is a great example of people from different colleges [at the UA] coming together to advance the new science of cybersecurity,” said Ronald Breiger, a sociology professor and co-principal investigator on two of the projects.
Chen said he thinks it’s rewarding to know that he’s involved in research that will benefit not only government and industry agencies, but also the public at large.
“[The researchers and I] are very excited about what we do,” he said, “not just in advancing the science, but also helping to make the Internet a safer place.”
– Follow Mark Armao @MarkArmao