Cybersecurity solution detects cyber attacks as they happen

Published 22 July 2010

A winning entry in a cyber security competition gives analysts a way to look at computer network traffic and determine how a system was penetrated; it also supplies critical data that can be used to reduce system vulnerabilities and limit future attacks

Cybersecurity experts admit every attack can’t be prevented, but “we hope to detect them as they happen, or to find out quickly when they happened and how, so we can respond appropriately,” said Wesley McGrew, a computer science doctoral candidate and instructor at the National Forensics Training Center at Mississippi State. The U.S. Department of Justice funds the center, which teaches law enforcement officers to fight cybercrime.

McGrew recently won first place in a competition to design solutions to a sophisticated, simulated network attack, providing answers that offer real-world relevancy. His winning entry, called Pcapline, gives analysts a way to look at computer network traffic and determine how a system was penetrated. It also supplies critical data that can be used to reduce system vulnerabilities and limit future attacks.

For his work in the Network Forensics Puzzle Contest sponsored by the SysAdmin, Audit, Network, Security Institute, or SANS, McGrew won an iPad, as well as valuable peer recognition for his work and Mississippi State’s growing presence in computer forensics training, application development and research.

“Competition spurs research,” said McGrew, who wrote the code for Pcapline in his spare time.

Jim Laird writes that, according to McGrew, such research is a powerful force in the daily battle against cyber threats, as well as a vital tool for preparing students for a job market that places a premium on cutting-edge technology skills.

“We have a similar ‘capture the flag’ simulation with students in our information security class, and the experience pushes them to take everything they’ve learned from the theoretical into the practical. They’re learning the skills and developing the perspective they’ll need to protect networks and catch the bad guys,” McGrew explained.

“We are proud of Wesley’s achievement,” said David A. Dampier, director of the National Forensics Training Center and associate professor of computer science and engineering at the land-grant institution. “It demonstrates Mississippi State’s expertise, engagement and leadership in this competitive and critical field.”

In 2009 McGrew’s cyber-investigative techniques helped the FBI and a Dallas medical facility capture a Texan accused of planning a major computer “hack” on the business. Five years earlier, he aided in thwarting the improper activities of a would-be hacker from another educational institution.