The Contracting Education Academy


August 10, 2016 By AMK

Georgia Tech pursues new technique for wireless malware monitoring of Internet devices

A $9.4 million grant from the Defense Advanced Research Projects Agency (DARPA) could lead to development of a new technique for wirelessly monitoring Internet of Things (IoT) devices for malicious software – without affecting the operation of the ubiquitous but low-power equipment.

The technique will rely on receiving and analyzing side-channel signals, electromagnetic emissions that are produced unintentionally by the electronic devices as they execute programs. These signals are produced by semiconductors, capacitors, power supplies and other components, and can currently be measured up to a half-meter away from operating IoT devices.

By comparing these unintended side-channel emissions to a database of what the devices should be doing when they are operating normally, researchers can tell if malicious software has been installed.

“We will be looking at how the program is changing its behavior,” explained Alenka Zajic, the project’s principal investigator and an assistant professor in the School of Electrical and Computer Engineering at the Georgia Institute of Technology. “If an Internet of Things device is attacked, the insertion of malware will affect the program that is running, and we can detect that remotely.”

The four-year project will also include two faculty members from Georgia Tech’s School of Computer Science: Professors Milos Prvulovic and Alessandro Orso. Also part of the project will be a research team from Northrop-Grumman, headed by Matthew Welborn. Details of an early prototype of the side-channel technique, called “Zero-Overhead Profiling” because the monitoring doesn’t affect the system being observed, were presented July 20th at the International Symposium on Software Testing and Analysis (ISSTA).

Within the next four years, an estimated 30 billion IoT devices will be in operation, doing everything from controlling home heating and air conditioning to sensing and managing critical infrastructure. The devices are usually small with limited processor power and memory. Their limited computing capabilities mean they can’t run the kinds of malware protection software found on laptop computers, and they cannot use virtualization and other technology to protect the system software even when an application is taken over by an attacker. This means that once attackers compromise the internet-connected application, they typically “own” the entire IoT device and can even make it falsely respond to traditional queries about its own security status.

“The main challenge from a security perspective is to make these devices secure so somebody can’t take them over,” explained Zajic. “There will be a lot of processing power out there that needs to be monitored, but you can’t just put traditional security software on that processor because it doesn’t have enough power for both the security software and the tasks the device is supposed to be doing.”

Zajic and Prvulovic pioneered research on measuring side-channel signals emitted from devices. These emissions differ from the signals the devices were intended to produce for communicating information across the Internet to other devices. The researchers have already shown that they can pick up the signals close to the devices using specially designed antennas, and one project goal is to extend the range to as much as three meters.

“When a processor executes instructions, values are represented as ones and zeroes, which creates a fluctuation in the current,” Zajic said. “That creates changes in the electromagnetic field we are measuring, providing a pattern for what each part of the program looks like on a spectrum analyzer.”

Key to detecting changes in the signals is getting a “before” recording of what these signals should look like to draw a comparison with an “after” set of signals for each combination of device and software. The researchers plan to evaluate each IoT device, sampling and recording its typical operation to create a database. To avoid recording overwhelming amounts of data, the system will take periodic samples from different stages of program loops.

“If somebody inserts something into the program loop, the peaks in the spectrum will shift and we can detect that,” Zajic said. “This is something that we can monitor in real time using advanced pattern-matching technology that uses machine learning to improve its performance.”

Detecting malware, however, is more of a challenge.

“The technique is currently 95 percent accurate at profiling – pinpointing the exact point in the IoT program code that is currently executing,” explained Prvulovic. “However, detection of malware is a much more difficult problem. Profiling is about identifying which part of the program is the best match for the signal, whereas malware detection is about detecting, with sufficient confidence, that the signal does not match any part of the original program, even when the malware is designed to resemble the original code of the application.”

Zajic and Prvulovic have been studying a wide range of devices to determine the emissions produced.

“We have more than one source on a circuit board, so we have been trying to localize the sources so we can build an antenna to give us the best possible signal,” said Zajic. “There are multiple places on the board where you connect to the same information, though it may be modulated at different frequencies.”

Ultimately, researchers expect the project – dubbed Computational Activity Monitoring by Externally Leveraging Involuntary Analog Signals (CAMELIA) – to be capable of monitoring several IoT devices simultaneously. That will require development of advanced processing techniques able to differentiate signals from each device, and new antennas able to pick up the signals from a greater distance.

CAMELIA is part of a DARPA program called Leveraging the Analog Domain for Security (LADS), which is investing in six different initiatives to address IoT security. The Georgia Tech-Northrop Grumman project is the only one of the projects led by an academic institution.

The research is supported by the DARPA LADS program under contract FA8650-16-C-7620. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the sponsoring agency.

Source: http://www.news.gatech.edu/2016/07/31/monitoring-side-channel-signals-could-detect-malicious-software-iot-devices

Filed Under: Georgia Tech News Tagged With: computer science, DARPA, Georgia Tech, Internet of Things, IoT, malicious software, malware, monitoring, Northrop Grumman

March 16, 2015 By AMK

Pentagon acquisition bosses ‘ho-hum’ on multiple reviews for passing milestones

Defense Department major weapons buyers could streamline the acquisition process by eliminating some reviews in the years-long phase for passing each procurement milestone, the Government Accountability Office (GAO) found.

“The process in some instances can include up to 56 organizations at eight levels and accounts for about half of the time needed to complete information requirements,” the watchdog said in a report released Tuesday.

Interviews with 24 program managers and participating organizations on major procurements such as aircraft showed that most “did not think these reviews added significant value to the documentation,” GAO said. “The program managers considered the value added to 10 percent of the documentation to be high,” GAO said in a report required by the 2014 National Defense Authorization Act. “However, for the remaining 90 percent of the documents, the officials believed the reviews did not add high value.” Sixty-one percent said they provided moderate value while 29 percent said they provided less than moderate.

Keep reading this article at: http://www.govexec.com/contracting/2015/02/pentagon-acquisition-bosses-ho-hum-multiple-reviews-passing-milestones/106221

Filed Under: Government Contracting News Tagged With: acquisition reform, GAO, monitoring, NDAA, oversight, procurement reform

March 13, 2015 By AMK

DoD doesn’t know cost or performance of non-major acquisition programs, GAO says

The Defense Department doesn’t have the information to determine the cost or performance of its non-major acquisition programs, says a March 2 Government Accountability Office report.

These non-major programs, called category II and III programs, range from a multibillion dollar aircraft radar modernization program to soldier clothing and protective equipment programs in the tens of millions of dollars, the report says.

GAO found that the accuracy, completeness and consistency of DOD’s data on these programs were undermined by widespread data entry issues, missing data and inconsistent identification of current category II and III programs.

Keep reading this article at: http://www.fiercegovernment.com/story/dod-doesnt-know-cost-or-performance-non-major-acquisition-programs-gao-says/2015-03-03

GAO Report 15-188 can be downloaded here: http://www.gao.gov/assets/670/668783.pdf

Filed Under: Government Contracting News Tagged With: cost reasonableness, DoD, GAO, monitoring, performance, performance based logistics, surveillance

December 31, 2014 By AMK

Report: How unaccountable contracting fails governments and taxpayers

Contracting-out government services is a topic that stays in the news.

Units of local, state and the federal government usually are prompted to consider a contracting-out strategy as a means to save money. It’s not unusual for such plans to be challenged by government workers, labor unions, and even taxpayers who think that good-paying jobs will be eliminated and savings really won’t be realized.

But what about when a service is outsourced to the private sector? Is it given the oversight and analysis that it should be afforded? More directly, how carefully are contractors being watched?

Now, In the Public Interest, a non-profit organization devoted to the study of privatization and responsible contracting, has published a comprehensive report entitled, “Standing Guard: How Unaccountable Contracting Fails Governments and Taxpayers.”

The report makes the point that when local and state governments contract out critical public services that are crucial to the well-being of the community, the need for robust contract oversight is pressing. However, research and the experiences of cities and states across the country show that too often contract oversight is lax.

Oversight is important so that government can hold contractors accountable for their performance, and ensure that the public receives quality services at a reasonable cost. Proper oversight can protect public health and safety. Strong oversight allows governments to catch waste, fraud, and abuse in real time instead of long after the fact, and correct mistakes before they result in serious harm.

To download and read the complete report, click here: http://www.inthepublicinterest.org/sites/default/files/Standing%20Guard.pdf 

Filed Under: Government Contracting News Tagged With: contracting-out, contractor performance, monitoring, outsourcing, oversight

November 7, 2014 By AMK

Cloud service contracts lack needed clauses, security standards not met

A review of cloud computing services in the Commerce Department found missing clauses in contractors’ agreements to permit reviews of their facilities and operations, as well as lack of compliance with federal security standards.

In examining a sample of cloud service contracts from three bureaus, the department’s inspector general found that four did not contain a specific Commerce Department clause that would allow its investigators access to the provider’s facilities, installations, operations, documentation, databases and personnel that would be used to perform such services. As a result, the IG would not be able to conduct inspections, investigations, audits and other reviews.

Additionally, one contract did not contain a Federal Acquisition Regulation (FAR) clause that would permit the agency access to a service provider’s installations, documentation, records and databases, which is needed to make sure that government data remains secure and confidential, according to an IG memo dated Oct. 14, 2014.

Keep reading this article at: http://www.fiercegovernmentit.com/story/commerce-ig-cloud-service-contracts-lack-needed-clauses-security-standards/2014-10-20

Filed Under: Government Contracting News Tagged With: access, clauses, cloud, Commerce Dept., FAR, IG, monitoring, surveillance


Copyright © 2022 · Georgia Tech - Enterprise Innovation Institute