Slashdot Mirror

← Back to Stories (view on slashdot.org)

UCB, USC To Build (And Hack) A Model Internet

Posted by timothy on from the smaller-scale dept.

darksoulz writes "Associated Press stories from TheKansasCityChannel.com and TheChamplainChannel.com have an interesting report today. It appears that the U.S. Government has given a $5.5 million grant to the University of California, Berkley and the University of Southern California so that they can build a model of the internet, so they can hack it. They are trying to find better defenses against hacking, without breaking the real Internet. The first phase is scheduled to be completed by February."

5 of 218 comments (clear)

  1. In ten years... by sandbenders · · Score: 5, Insightful

    In ten years everyone will wonder why USC and Berkley produced all of the decade's best crackers. This project will result in three things:

    1. Good dissertations for CS PhDs.
    2. More secure software, which will rarely be implemented and even more rarely be implemented well.
    3. A whole bunch of research assistants who think they are l33t h4x0rs. And some of them will be right.

    --
    Eagles may fly, but weasels don't get sucked into jet engines.
  2. Re:Good by Anonymous Coward · · Score: 5, Insightful

    I think the real point here is to make a testbed where they can unleash worms and then try different techniques to try and trace, contain, stop, and prevent them. Not to actually attract hackers. They will be the hackers, do the hacking, etc. Also to play with DDOS attacks and whatnot, without saturating any existing networks. I think the operative term is hacking a model 'internet' not a machine on the internet.

  3. Just offer prizes to hackers by G4from128k · · Score: 4, Insightful

    I'm not sure how they plan to "model" the internet, but I would argue that the internet is its own best model. Anything else will lack some exloits present in the "real" net while have other exploits absent in the real net (bugs in the model's software).

    I would take the $5.5 million and divide it up into $5000 prizes that are payable to any hacker that demonstrates and documents a hack on the real net. The profs and grad students could ajudicate the prize giving. They would find at least 1100 exploits this way (fewer if they have to pay those pesky grad students or usurious university accounting department overhead rates).

    If letting hackers profit from hacking the actual internet is too scary/illegal, then the university could create a small publically exposed network running a variety of apps, OS, etc.

    --
    Two wrongs don't make a right, but three lefts do.
  4. Re:This will fail by orangesquid · · Score: 3, Insightful

    What makes you think they would pick a good operating system on purpose? Rather, they could put up many different systems known to be hackable, write worms or scripts designed to hack into these machines, and try to create technologies to capture/contain and lessen/slow infections and security breaches.

    I don't think the point is to re-create OpenBSD. The goal is probably more of a cross between network monitoring, intrusion detecion systems, and automatic network reconfiguration.

    The Internet can already route around problems because of redundancy. Sophisiticated routers can control and shape traffic. But, as of yet, there's no widespread technology to protect entire networks from security problems. We will never create perfect systems... so we must create countermeasures so that when our systems fail, they fail in the smallest and least dangerous ways possible. It's like fault isolation.

    --
    --TheOrangeSquid Is it any wonder things seem so awry? We swim in a sea of confusion and don't have to think to survive
  5. a model? by hyrdra · · Score: 3, Insightful

    The problem with their "model" is that something as complex as the current Internet as it exists today can't really be modeled, at least not very well. It's a huge chaotic system thats constantly changing and growing, so when you try to model it your model is going to be out of date before you can do anything useful with it. I really don't think $5 million can buy even a small representation of what the Internet is today. Think of the OSI layers and all the different software, hardware, protocols, methods, systems and manufactures in place at each layer. Each of those has its own set of vulnerabilities, holes, etc. and keep in mind there are many different versions of each of those running at the same time across different networks.

    This complexity is precisely what makes tracking and solving problems with today's Internet so hard.

    I am curious as to what they expect to study and find from this model. Today's problems with the Internet and networking in general are largely social, economic, or political. Figuring out some neat new protocol isn't going to make backbone provider X update their entire network. Worms and the such are also the bain of a social problem. As long as we have smart programmers with free time, there will be worms and exploits of the system no matter what procedures are in place or how smart the network is; The fix for said worms are timely patches and updates, however most users won't and don't do this, hence the epidemics.

    This might make some great academic research and a neat new toy for the University but I fail to see how it can find applications in the real world where the problems are much harder than the technical ones this project (presumably) hopes to solve.

    --


    "I'll just chip in a bit for RedHat: I actually have that installed on my university machine." - Linus, '95