Engineering researchers take a novel approach to cybersecurity
From left to right: Postdoctoral fellow Neerja Mhaskar, professor Ridha Khedri and doctoral student Mohammed Alabbad. Photo by Jin Lee.
BY Kim Arnott
October 30, 2019
Securing computer networks has become one of the most critical challenges of our day. And with refrigerators, fighter planes, thermostats and self-driving cars joining the connected world, the challenge will only grow.
In fact, as networks continue to expand into massive pieces of infrastructure made up of thousands of nodes, security is something we’ll only be able to trust to a computer algorithm, believes Computing and Software professor Ridha Khedri.
The ability to manage very large and complex networks by human control is simply becoming unfeasible, he says.
That conclusion led Khedri, doctoral student Mohammed Alabbad, and post-doctoral fellow Neerja Mhaskar to develop an algorithm of network segmentation to optimize security automatically, even for software-defined networks.
Capable of grouping nodes into shielded clusters, developing layered policy-based defences and dynamically reconfiguring the network in real time in response to information from nodes, the mathematical-based system can easily be scaled up to deal with very large infrastructure.
The group applied for a patent for their novel approach to computer network security in November 2018.
“We were able to look at this problem from an angle that nobody else was and have come up with a way by calculation to configure the network,” explains Khedri.
The technology was recognized as a 2019 TechConnect Defense Innovation Award winner at the DefenseTechConnect Summit and Expo in Maryland in early October. The annual event attracts large companies in the defence industry. The award is given to technologies that place in the top 15 per cent of submitted challenge technologies, as ranked by the selection committee.
“This award is something that recognizes the importance of what we have worked on,” says Mhaskar, noting that it provides credibility and access to funding sources as the group work to commercialize their research.
The technology is ideal for the defence context, where security needs to be strong but also capable of a real-time response to networks of dynamic and volatile nodes that may be knocked out or destroyed.
Interdisciplinary collaboration was essential to the development of the technology, the pair agrees.
“This has been achieved because two people with different backgrounds met,” says Khedri. “Her background is in algorithm complexity, because we need an algorithm that is very efficient, and my theoretical background is in fundamentals of security and software engineering. Working together, we were able to make this breakthrough.”