Researchers aim to develop a cloud computing environment that could immediately recognize and fend off a cyber attack, much like the human body fights a virus.
Federal Data Center Consolidation Makes Progress
(click image for larger view and for slideshow)
The Department of Defense (DoD) is funding research to create a cloud computing environment that can heal itself after a cyber attack.
Researchers at the Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory (CSAIL) are working on a new system that would help a cloud identify an attack and recover from it almost instantaneously, according to MIT.
The work is part of the Defense Advanced Research Project Agency (DARPA) Mission-oriented Resilient Clouds (MRC) project, which aims to create a cloud network, the resiliency of which is based on its ability to adapt.
Generally if a network is attacked, the entire system that's been infiltrated shuts down regardless of which system--PC, website, or server, for instance--the attack targeted.
MIT researchers at the Center for Resilient Software at CSAIL are trying to develop a system that can tell when something is amiss with a network and defend against it as soon as it happens.
To enable a network to do this, researchers are providing a guideline for how the cloud computing environment's operations should normally function. The network can use this model to identify when it is under attack so it can return operations to normal as soon as possible, according to MIT.
Professor Martin Rinard, a principal investigator at CSAIL, likened a self-healing cloud network to the human body, which senses when it's being attacked by a virus and begins self-repair almost immediately. Rinard also is leading the work to create a network that will work this way, which at MIT is called the Cloud Intrusion Detection and Repair project.
"Much like the human body has a monitoring system that can detect when everything is running normally, our hypothesis is that a successful attack appears as an anomaly in the normal operating activity of the system," he said in a press statement. "By observing the execution of a 'normal' cloud system we're going to the heart of what we want to preserve about the system, which should hopefully keep the cloud safe from attack."
For the project to be successful, researchers must have an in-depth understanding of how a cloud-computing environment operates, which Rinard said is something the industry lacks at the moment. If researchers can understand how behavior of each system affects the cloud as a whole, they can prevent future attacks, he said.
Indeed, securing the cloud is of major concern for the U.S. military and the federal government in general as agencies ramp up their adoption of the cloud through a cloud first IT reform mandate. At the DoD specifically, the Army has been one of the earliest to jump on the cloud bandwagon; the military arm is in the process of moving its in-house email system to a private cloud hosted by the Defense Information Systems Agency.
How 10 federal agencies are tapping the power of cloud computing--without compromising security. Also in the new, all-digital InformationWeek Government supplement: To judge the success of the OMB's IT reform efforts, we need concrete numbers on cost savings and returns. Download our Cloud In Action issue of InformationWeek Government now. (Free registration required.)
2014 Next-Gen WAN SurveyWhile 68% say demand for WAN bandwidth will increase, just 15% are in the process of bringing new services or more capacity online now. For 26%, cost is the problem. Enter vendors from Aryaka to Cisco to Pertino, all looking to use cloud to transform how IT delivers wide-area connectivity.
Server Market SplitsvilleJust because the server market's in the doldrums doesn't mean innovation has ceased. Far from it -- server technology is enjoying the biggest renaissance since the dawn of x86 systems. But the primary driver is now service providers, not enterprises.
InformationWeek Tech Digest, Nov. 10, 2014Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?