NetSPA:
A Software Aimed to Avert Cyber Hackers
Group
8
Tiffany Duhamel, Elizabeth Sewel=
l,
and Katherine Watson
Key Wo=
rds:
Hackers, Vulnerability Scanners,=
Attack
Graphs, CyberAnalytix, Firewalls, and Routers.
An amazing development has come out of the Massachusetts Institute of
Technology. This development =
is
NetSPA. NetSPA stands for Network Security Planning Architecture. This prog=
ram
may not sound like a very beneficial creation, but the safety and protectio=
n it
aides in providing is exponential. NetSPA uses information about computers,
network systems, and the programs they run to develop a graph. The developed
graph shows all the possible ways unauthorized users could access the opera=
ting
systems. Not only does NetSPA
create the graphs, but it analyzes those graphs and recommends the best
possible way to fix the most vulnerable weaknesses. NetSPA uses vulnerabili=
ty
scanners to locate and identify network program's weak spots, as well as ai=
de
in finding solutions. This development will greatly benefit all businesses =
and
organizations by reducing their chances of being threatened by network
infiltrators and save them time by pinpointing the riskiest areas.
The Network Security Planning Architecture was developed=
by
Richard Lippmann, a senior staff member at Lincoln Laboratory’s
Information Systems Technology Group, and a group of his colleagues. His te=
am
consists of two computer scientists, Kyle Ingols and Seth Webster, along wi=
th
MIT graduate student Leevar Williams. Richard Lippmann and his contemporari=
es
developed NetSPA in response to the unwavering threat of cyber hackers on t=
he
U.S. government. This new technology identifies any potential way that a
network can be attacked. It uses information about networks and the individ=
ual
machines and programs running on them to create a graph that visually displ=
ays
how an attacker could infiltrate the system. The=
n, the
system administrator can review the graph and decide what actions need to be
taken. And, if they are having trouble deciding what needs to be done, NetS=
PA
analyzes the graph and suggests the best and quickest way to fix the most
vulnerable areas. The new software relies on vulnerability scanners to iden=
tify
weak spots that could pose a threat to the network. Once it has identified =
the
vulnerable areas, it analyzes the firewall and router rules which are typic=
ally
very complicated. This will determine which weak areas can actually be reac=
hed
and how attackers will be able to spread through the network by jumping from
one vulnerable host to another. This process saves a lot of valuable time
because it takes much more time to patch up hosts individually. “Inst=
ead
of patching, or fixing, or blocking a thousand hosts,” Lippmann expla=
ins,
“we could say there are ten critical hosts and patch those first.R=
21; It
also can seek out vulnerabilities that otherwise would be unforeseen. Such =
as,
if the system administrator granted access to a vendor’s IP address m=
any
years ago, and hackers exploited this by forging that address. The process =
is
very complex and time consuming and the development of the software was even
more lengthy and complicated. The original version of NetSPA could only han=
dle
about seventeen computers in a network before it became too slow to be usef=
ul.
It has since been made faster and more efficient. One way this has been
accomplished is to work within firewalls to treat multiple hosts in a netwo=
rk
the same way instead of treating each individual machine under the same
firewall rules. There are also developments in new attack graphs and more
efficient algorithms to compute the new graphs.
The graph that NetSPA generates is set up as an attack g=
raph
cascade. There are four large rectangular regions that represent one subnet=
in
a larger network. Within each of the subnets, there are smaller rectangular
regions that represent groups of hosts that are treated identically by all
firewalls and that are compromised by an attacker to the same level. There =
is a
dot in the center of each region that signifies all hosts in that region. T=
he
attacker will start at the upper subnet (“EXTLAN”) on a single
host. The lines connecting the hosts represent vulnerabilities that the
attacker uses to progressively compromise more hosts.
Software such as NetSPA is invaluable for any individual=
or
organization that has any kind of information they want to shield from the
unauthorized public. While developed for something as great as the defense =
of
this country, NetSPA can benefit a wide variety of individuals and
organizations. Attacks on the U.S. government and defense computer networks
continue to occur and threaten the safety of this country. Between 2003 and
2005 there was a series of breaches on the
Patents are being developed for this amazing new technol=
ogy.
There is a patent for a “predictive” graph and another for a
“multiple prerequisite” attack graph, the latter of the two is =
much
more efficient and recurrent. The software is being tested on multiple
different networks and is still being developed and improved to be easier to
use and more efficient. A group of MIT students, with Lippmann as their
technical advisor, have proposed a business plan for a company called
CyberAnalytix to commercialize NetSPA. Their proposal won $10,000 in the MIT
$100K Entrepreneurship Competition in May.
NetSPA is excellent new software that will utilize
information about networks, individual machines and programs running on the=
m to
create a graph that shows where the network is most prone to attack. This t=
ool
makes it possible for system administrators to focus on the most vulnerable
area, instead of wasting time securing the entire system. The graphs develo=
ped
from the software will aide in finding the best solutions for fixing the
weakest areas of a network before they are infiltrated. The developers of
NetSPA are continuously improving this new technology and expanding its
boundaries. This innovative development in cyber threat prevention will hav=
e a
tremendous positive effect on the network safety of not only small business=
es,
but even the protection of our country.
References
Imperial Valley News.
MIT Lincoln Laboratory Software NetSPA Designed To Stop Cyber Hackers.
29 August 2008.
http://imperialvalleynews.com/index.php?option=3Dcom_content&task=3Dvie=
w&id=3D2518&Ite
Lincoln Laboratory: Massachusetts Institute of Technolog=
y. Network
Security: Plugging the Right Holes. July 2008.
htt;//www.ll.mit.edu/publications/labnotes/pluggingtherightholes.html
1. Wh=
at
does NetSPA stand for?
2. Wh=
o was
the head of the research team that developed NetSPA?
a. Se=
th Webster
b. Kyle Ingols
c. Richard Lippmann
d. Leevar Williams
3. Wh=
at
triggered the development for NetSPA?
4. Wh=
o will
NetSPA benefit?
5. Wh=
at
company was created to commercialize NetSPA?