Cyber attack maps to underpin better strategic responses
Visualising the battlefield has long been a crucial part in identifying the most effective responses to enemy attacks. But multifaceted virtual attacks from unknown forces, hidden by increasingly large amounts of data, are becoming more and more difficult to detect.
At the University of Melbourne’s Department of Computing and Information Systems, Dr Atif Ahmad says the IT industry is in desperate need of better situational awareness to combat the growing number of damaging attacks on networks. And he is a member of the university’s interdisciplinary team working on a project to do exactly that.
Dr Ahmad’s “vision” is to create a digital map of a business’s information network that identifies, in real time, attacks as they are underway – whether these are attempts to steal data, crash a company’s service, or hijack the operation of infrastructure.
“We need to collect all the threat-relevant information, analyse it and represent it in a way that will allow system managers to make useful decisions,” he says
Visualising threats will involve collecting data in many different forms and developing new algorithms capable of sorting security relevant information from data streaming at gigabytes per second. Dr Ahmad is also modelling the way operators interact with data-collection system.
A second part of the project involves a decision-support system that makes suggestions to managers about the associated costs of potential counter measures.
Project leader at the university is cyber-security specialist Dr Ben Rubinstein, with other researchers bringing expertise from information systems, computer science, electrical engineering, business and economics.
The initiative won seed funding in 2015 from the Melbourne Networked Society Institute to create a proof of concept for a threat-mapping and decision-response tool for network managers. The project team is already developing a prototype with Whispir, a Melbourne-based commercial messaging service provider.