THE US DEPARTMENT OF HOMELAND INSECURITY will be detecting patterns of cyber attacks from foreign countries, thanks to an intrusion-detection system that is currently being rolled out.
Einstein 2 will be widely deployed in US federal government networks during 2010, but currently only a handful of agencies are running it.
However, so far the DHS, the Department of Agriculture, the State Department and the Department of Interior, which have their systems running through it, are already noticing some interesting things.
Using Einstein 2, it has been possible to see how certain attacks target particular departments and particular agencies, while others can be seen in every place it is currently operational.
Nicole Dean, deputy director of the national cybersecurity division of DHS, told SFGate that Einstein 2 has been deployed by nine federal agencies that plan to operate their own trusted infrastructure compliant Internet access points. Three carriers - AT&T, Qwest and Sprint - have installed it so far and Verizon is in the middle of doing so.
The DHS is detecting between 100 and 10,000 cyberattacks aimed at each federal agency per week through the Einstein appliances.
Einstein 2 "is allowing us to monitor intrusion sets that weren't previously being monitored and to make that information available through the US-CERT of what's actually occurring and what various types of intrusion sets are active that we may not have been aware of before," Dean said.
The Einstein 2 systems are not using commercially available intrusion-detection signatures. However, Einstein 2 has some limitations, apparently. It is a passive network data collection system that doesn't operate in real time.
Traffic comes into a department or agency, a mirrored copy is sent to Einstein 2, and Einstein 2 has the signature sets loaded into it. Some of that traffic will trip a signature that sends an alert to the US-CERT analyst. Once the signature is fired off, US-CERT works with the department to deal with the attack.
Every time there is an attack the department or agency cleans up that machine and removes it from their network so it can be re-imaged and brought back online in a non-infected state.
Already work is underway on Einstein 3, which will give federal agencies near real-time defense against cyberattacks including distributed denial-of-service attacks. µ
"Okay, so now that I've successfully degraded the future quality of the conversation, carry on." .... posted by : Jason Goatcher, 14 February 2010
That is a tired old red herring which still captures and intimidates the less than perfectly well equipped, Jason Goatcher.
It completely fails though to capture the imagination and attention of those who really matter and who can attend to matters which really matter. As a novel and engaging diversion with pleasurable climactic pastimes though, is it an Addictively Attractive Meme in which to Play and Submit to the Power of Passion which Surrenders to Deliver Last the Insatiable Pleasures of First Party Desire to Quench the Sticky Sweet Teases in All Public Private Party Tests ....... XSSXXXXual ZerodDay Dreaming. :-)
Now would that be akin to AI Protected Occupational Reality or just a Great AI Game Proposal for Virtual Reality, and would they Both be One and the Same and also Completely Different every New Day in a C42 Quantum Control System Program?
So, are you claiming that one of the smartest men ever couldn't possibly have a large penis?
I'll have you know that I tested in the 98th percentile in the 7th grade and my schlong rivals most blacks, with me being white.
Okay, so now that I've successfully degraded the future quality of the conversation, carry on.
One degree off is enough to thwart most control systems. Signature-based anomaly detection has been over-sold to people who believe in Unicorns and tooth fairies.
Hopefully homeland security didn't get the potency and intelligence of this defender-of-the-free IT system mixed up,
i.e., hung like Einstein, smart like a horse...
however, I am expecting the latter.