Protecting Large Networks from Hackers
July 7, 2016
The most common kind of attack that hackers use is what’s known as brute force: they hit a system with so many login attempts that they overwhelm its defenses. With a large enough number of usernames and passwords being tested on a system, something will work eventually. Then hackers can get into a computer or website and do whatever it is that they’re trying to do. Classic methods of detecting intrusion don’t hold up; they simply can’t respond fast enough to the scale of the attack coming in.
But University of Twente Ph.D. graduate Rick Hofstede has developed a new system of detection that can do a lot toward protecting users from this kind of attack. The system, called SSHCure, takes a top-down approach to seeking out intrusions by observing patterns in a network. As networks support more and more devices and users, it becomes harder to “police” those networks. SSHCure looks for patterns that stand out and then investigates those. After you’ve seen enough advertising mailers, for example, you can recognize what they are without having to read them, and this system works in much the same way with attacks. It has been used by a number of organizations outside of the lab and has proven to be very successful.
With detection accuracy of up to 100%, SSHCure could have a huge impact on Internet security going forward. It’s been released as open source, though access to it is as yet limited. Don’t be surprised if it becomes commercially available in some form in the future, though. Hofstede thinks that later models of routers, which will have to be more powerful to handle 5G and more demanding networks, could be bundled with a version of SSHCure to help prevent attacks from the start.