UBC Home Page -
UBC Home Page -
UBC Home Page UBC Home Page -
-		 -
News Events Directories Search UBC myUBC Login
-
- -
UBC Public Affairs
News
UBC Reports
UBC Reports Extras
Goal / Circulation / Deadlines
Letters to the Editor & Opinion Pieces / Feedback
Advertising
UBC Reports Archives
Media Releases
Services for Media
Services for the Community
Services for UBC Faculty & Staff
Find UBC Experts
Search Site
-

UBC Reports | Vol. 51 | No. 3 | Mar. 3, 2005

Defence in Depth

UBC’s new head of computer science talks about the battle for your computer

By Brenda Austin

The profile of a virus writer or hacker is young, male, intelligent and equipped with the one luxury people in full-time employment never have -- time. He uses that time to reverse engineer software and zero in on the inevitable vulnerabilities.

Lining up against the hackers are researchers like William Aiello, the newly appointed head of the UBC Department of Computer Science. He focuses on new ways to increase computer security from the three most common large-scale threats: viruses, worms and denial-of-service attacks.

Aiello holds a PhD in applied mathematics from the Massachusetts Institute of Technology and comes to UBC from AT&T Research Labs in New Jersey, where he was the Director of Network Security Research.

“It is the initial engineering of the computers with areas of weakness, and the manufacturers’ focus on features and functions instead of invulnerability, which provide the virus writer his opportunities,” says Aiello.

That is one piece of the puzzle. The other is the fact that many people share the same type of software so there is a monoculture in which viruses and worms spread rapidly.

“When someone unleashes a piece of code -- which is what every virus is -- this causes a domino effect which might begin with an overload of network traffic and end in widespread denial of network service. This becomes a huge issue, wreaking havoc,” says Aiello. In one aspect of Aiello’s research, he grapples with how to defend against these large-scale attacks.

But, to develop software secure against every conceivable attack is not possible. Threats emerge on various fronts, not only from the virus writer but from hackers who can break into computers one by one, and spammers who drop a piece of software into a single computer system that then hosts a larger-scale attack.

“If you want to secure a complicated network you have to seek solutions from many different areas, not just the software. You may see something that went wrong on a large network, but finding the root cause can be very difficult,” says Aiello.

This leads Aiello into his main area of interest called “defence in depth” -- the management of complexity that evolves from cryptography research, system security, and traffic analysis.

Cryptography has been around in some form or other as long as humans have. Current cryptography research centres on the use of codes and limiting access to authorized persons.

The second area, system security, focuses on how different applications in a computer interact via the rules each computer uses. Firewalls and routing devices are two familiar examples.
The final area is traffic analysis, monitoring the system to spot abnormal activity. Akin to the canary in the coal mining era, the monitor prevents damage escalating, but in the case of computers, also analyses the root cause.

Given the propensity for damage and the inherent opportunities, how big is the criminal element researchers battle? This is not an area Aiello focuses on, but he says there is a complex underground economy among hackers, spammers and organized crime where the currencies of the realm are access to hacked machine, attack tips, bragging rights and money.

So, what’s the mindset of a hacker? Aiello recalls an extremely bright colleague whose mind worked in a way he believes the minds of hackers must work. His colleague was able to make connections between areas of computer vulnerability in a way that made everyone glad he was legitimately employed on “their” side.

“The good news is we’ve made progress in our defences and as science progresses we can turn more mathematical theories into engineering artifacts,” Aiello says.

“Computer science cuts across many disciplines such as mathematics, engineering, commerce and general sciences,” Aiello adds. “Luckily, one of the department’s strengths is interdisciplinary research, and my hope is we not only provide the computer tools and network security, but the intellectual concepts as well in a way that enables us to continue to grow as an intellectual leader within the university community.”

Department Gains New Facilities

Newly arrived from AT&T Research Labs in New Jersey, Computer Science department head William Aiello has assumed leadership of 55 faculty members, 185 graduate students, approximately 900 undergraduates and 40 staff.

Known for its focus on interdisciplinary programs and research strength in areas such as computational intelligence and graphics, the department has welcomed the addition of new lecture and classroom space at the recently completed Dempster Pavilion.

A second facility to be shared with the Institute for Computing, Information and Cognitive Systems (ICICS) and named the ICICS/CS building, will provide additional administrative and lab space and strengthen ties among researchers in areas ranging from engineering and computing to psychology and medicine.

In the past two years, the department’s top programming team has captured first place at the International Collegiate Programming Contest (Pacific Northwest Division), beating traditional powerhouse teams from Stanford and Berkeley and is headed to Shanghai in April to compete in the World Finals.

- - -  
-

Last reviewed 22-Sep-2006

to top | UBC.ca » UBC Public Affairs

UBC Public Affairs
310 - 6251 Cecil Green Park Road, Vancouver, BC Canada V6T 1Z1
tel 604.822.3131 | fax 604.822.2684 | e-mail public.affairs@ubc.ca

© Copyright The University of British Columbia, all rights reserved.