FAA bolsters cybersecurity with help from IBM

Published 1 April 2010

Malware introduced into the U.S. Federal Aviation Administration’s (FAA) computer network which monitors and controls U.S. aviation can bring down a plane and cause havoc as surely as liquid explosives or underwear bombs can; IBM is teaming up with the FAA to build a cybersecurity system which will improve defense against cyberattacks on the U.S. civilian aviation network; the flexible model used in the prototype system will be designed to look retrospectively at event occurrences and system compromises, and it will also be able to correlate historical traffic patterns with dynamic data from monitors, sensors, and other devices capturing information about network traffic and user activity in real time

Aviation security is about more than full-body scanners, biometric IDs, and protecting airplanes from shoulder-fired missiles. Here is an example: the U.S. Federal Aviation Administration (FAA) is teaming with IBM to build a prototype security system that will improve defense against cyberattacks on the U.S. civilian aviation network. Designed specifically for the FAA’s high-speed networks, the system “will go beyond traditional security approaches of encryption, firewalls, intrusion-detection devices and anti-virus software,” IBM said in a press release issued Tuesday.

The FAA system will use IBM’s streaming analytics technology to constantly analyze massive amounts of data. IBM says the project will introduce first-of-a-kind security analytics technologies and entirely new approaches to protecting large digital and physical infrastructures from hacking, botnets, malware, and other forms of cyberattacks.

The company says that not only will the flexible model used in the prototype system be designed to look retrospectively at event occurrences and system compromises, it will be able to correlate historical traffic patterns with dynamic data from monitors, sensors, and other devices capturing information about network traffic and user activity in real time.

“Stream computing gives you the capability to ingest data at very high traffic speeds and perform analytics on it,” said J. R. Rao, senior manager for security at IBM Research. “The key innovation is we’re taking these capabilities and applying them to the domain of security analytics.”

Network World’s Jon Brodkin writes that preliminary work on the project began last year, and it has now been installed on BladeCenter servers at the government’s Cyber Security Management Center in Leesburg, Virginia. The FAA has “been very forward looking and progressive in looking at new technologies,” Rao said.

IBM and FAA officials are still validating the system, and the project will last at least another six months before the FAA decides whether to put it into production. “Not only will the flexible model be designed to look retrospectively at event occurrences and system compromises, it will be able to correlate historical traffic patterns with dynamic data from monitors, sensors and other devices capturing information about network traffic and user activity in real time,” IBM said.

Brodkin writes that hackers, botnets, and malware are growing concerns for the FAA, which will use the project to build customized dashboards that update employees on the security status of FAA networks.

“These dashboards will give FAA officials visual representations of network workloads, tickets for found malware, and historical trends to facilitate decision making and early action in the event of network anomalies suggesting a possible attack,” IBM said.