Intrusion detection systems are our main area of research at the City College Center for Information, Networking and Telecommunications (CINT), directed by Professor Tarek Saadawi, who draws inspiration from the field of immunology to fuel his innovation.
“Pathogens and hosts engage in a constant, ancient, evolutionary duel. Why not observe what the human body does to detect pathogens, and build it inside the computer?”
Intrusion detection systems work by ‘sitting’ behind firewalls and inspecting every data packet that passes through. Built on statistical algorithms, they study activity patterns and develop a model of what is normal. If abnormal traffic is sensed, a flag is raised, signaling to other components of the system that an unwanted invader has made it past the network’s firewall, just as our immune cell sentinels sense nonself antigens and use cytokines to notify others that foreign matter has made it past the body’s lines of defense.
“We had to sit with two professors of immunology… so we have a good appreciation of biology. The merging of different areas of science is fundamental now, in our research.”
Biology’s central theory, Charles Darwin’s ‘Evolution by Natural Selection,’ is replicated in silico. According to Dr. Saadawi, intrusion detection systems use genetic algorithms, optimization techniques that enable them to adapt and redesign themselves. This is important because hackers have engineered computer viruses that can re-code themselves, acquiring novel characteristics in the time spent traveling between host machines in a computer network, similar to how new variants of bacteria or of viruses like SARS-CoV-2 arise via changed genetic code. “It is a race,” says Dr. Saadawi, “and we’re racing against them.”
These types of cybersecurity tools have multiple applications, including 5G and virtual memory, the spinal cord of cloud computing. The goal, he says, is to secure virtual memory to guarantee there is no hacking.
To transform the theoretical into the empirical, an international testbed was established, connecting institutions that are over 6.7 thousand miles apart. Grants from the National Science Foundation and the Japan Science Foundation were used to create a “dedicated pipe” that provides the collaborating teams at City College, Columbia University, Rutgers University, and the Kyutech Institute in Japan with the infrastructure necessary to test computer science theories and improve the design of the resulting cybersecurity tools.
“Now our lab is not only at CCNY, our lab has become this massive global testbed. The first experiment we’re going to do involves blockchain, which is a big thing now. We’re putting nodes in our lab and some in the Japanese network. We’ll be running our algorithms to test if they can work on a large scale.”
The blockchain nodes will be inoculated with artificial computer viruses to obtain data on the intrusion detection systems’ performance: metrics such as error rate, probability of false detection, false alarm rate, and detection latency. This is strikingly similar to what is done in the field of synthetic virology, where kinetic modeling is performed using organisms inoculated with artificial viruses engineered by humans. The science mirrors biological science in many ways.
Internet safety is a matter of national security. If the United States’ critical infrastructures are hacked into, there can be catastrophic effects. In this age of webcams and security cameras, hackers can violate people’s privacy rights. Bank account information, addresses, and social security numbers can be obtained by keyloggers, and your data and systems can be locked and held for ransom.
“Most of the mistakes that lead to hacking come from the user’s side, from me and you using the laptop and clicking on a link we’re not supposed to, or going to a website we’re not supposed to go to.”
To raise awareness about cybersecurity in the surrounding community, Dr. Saadawi is participating in a coalition between City College, the Harlem Chamber of Commerce, and the Manhattan District Attorney’s Office. He hopes their seminars and presentations will garner attention and attract people to educational programs that aim to supply New York City with the cybersecurity professionals it lacks.
“We are trying to be a hub for spreading cybersecurity awareness and helping small businesses learn how they can do that. We’ve received a seeding grant to build, because from the city’s point of view, they’ve noticed that we need so many, thousands, of cybersecurity professionals in the city. We have established in Fall 2020 a Cybersecurity Master’s Degree Program at City College GSOE: https://cybersecurity.ccny.cuny.edu/”