Innovation Corner: Eureka!

Mar 1, 2007 12:00 PM

Researchers seem to be stumbling upon new security innovations in some of the most unlikely places. Research has produced alternative methods for detecting explosives and computer worms.

Cheesy Detection

Scientists from AgResearch, an agriculture and biotechnology research institute in Hamilton, New Zealand, developed a technology to detect concealed explosives while they were trying to improve the quality of cheese. The new technology involves a series of mathematical algorithms that can process patterns of X-ray data from the new generation of airport X-ray detectors and would work alongside those detectors. “This technology has the capacity to screen check-in and carry-on aircraft baggage and will offer improved security for airports and airlines the world over,” says Dr. Andrew West, AgResearch chief executive. AgResearch scientists claim their technology could have identified the explosives used by the shoe bomber and could counter the threat of liquid bombs and their precursor components. John Pettengill, a consultant to AgResearch, says the technology is about nine months away from commercialization.

Flashing Bombs

Students and scientists at the University of Alabama-Huntsville (UAH) say “scintillating sensors” they developed can help security personnel scan for dirty bombs, in addition to helping doctors as they treat cancer with radiation therapy and astronomers to study the universe. The sensors were developed by using “scintillating” materials that flash or glow when they are hit with certain types of high-energy radiation, including X-rays. The intensity of the flash changes with the energy of the radiation “so you can infer the energy of the incident radiation, and in some configurations, the direction and type of radiation,” says Dr. Richard Miller, project leader and associate professor of physics at UAH. These sensors could be used by Homeland security officers to screen large ports and airports for clear signs of illegal radioactive materials that are smuggled into the country.

Wrangling Worms

In another technology development, researchers at Penn State University say they have developed anti-malware technology that can identify and contain worms in milliseconds rather than minutes — greatly limiting how far they spread and how much damage they cause.

According to a report in InformationWeek, the new technology — Proactive Worm Containment — focuses on analyzing packet rate and frequency of connections, rather than signature or pattern identification.

“A lot of worms need to spread quickly in order to do the most damage, so our software looks for anomalies in the rate and diversity of connection requests going out of hosts,” says Peng Liu, associate professor of information sciences and technology at Penn State and lead researcher on the Proactive Worm Containment System.

Penn State researchers assert that because many security technologies focus on signature or pattern identification for blocking worms, they cannot respond to new attacks fast enough, allowing worms to exploit network vulnerabilities. Several minutes can elapse between when a signature-based system first recognizes a new worm and when it creates a new signature to block it from spreading any more.

When signature-based systems shorten the signature-generation time, however, they often miss worms that are capable of mutating automatically.

By targeting a packet rates, frequency of connections, and the diversity of connections to other networks, researchers claim that the Proactive Worm Containment technology can react much more quickly. Liu says only a few dozen infected packets may be sent out to other networks before the new technology can quarantine the attack. In contrast, the Slammer worm, which attacked Microsoft SQL Server, sent out about 4,000 infected packets every second, he tells the magazine.

The Penn State researchers currently are testing the technology, and the university has filed a patent for it.

Want to use this article? Click here for options!
© 2012 Penton Media Inc.

This month in Access Control

• Targeting The Customer
• Electronic Pedigrees
• One Hero Among Many
• Who? What? When? Where? Why?
• More from September's issue