Representatives of the National Science Foundation, the Department of Homeland Security, and the Office of the Director of National Intelligence came yesterday to the IEEE Symposium on Security and Privacy in Oakland, CA, to describe the federal government’s current wish list for cybersecurity research. The representatives described three main ways that the federal government is interested in spending its money on academic work.
First, they asked for “moving target” technologies. The idea here is that current systems favor attackers–the defender’s system remains the same and the attacker is able to hammer away at it until exploits are found. With moving targets, federal government agencies hope to shift this scenario to make it harder and more expensive for attackers to penetrate systems. The idea is that systems that are complex and easily changed by defenders make an attacker’s job more difficult. This runs against traditional security wisdom, which is that adding complexity opens up more room for vulnerabilities.
Second, the federal agencies asked for work on “tailored trustworthy spaces.” Here, they hope researchers can create islands within systems that meet particular security requirements and that are easy to put up and take down. The hope is that it would be possible to have a verifiably secure work environment that was fine-tuned to match the task the user is carrying out.
Finally, the representatives outlined the need for a better understanding of the economics of security. Currently, security is often an afterthought for software developers. When companies do invest in security, the results can be haphazard, scattershot, and hard to measure. The federal agencies are hoping to get a clearer picture of what types of investments would help defenders, and they are asking for solutions that might again shift the advantage away from attackers. Right now, it doesn’t cost an attacker much to go after a system, and cyber crime promises high rewards. The agencies hope to find ways to encourage improvements to overall security, and to discourage attackers.
Jeannette Wing, assistant director of the computer and information science and engineering directorate of the National Science Foundation, stressed that with all three of these agendas, the federal government is hoping to break away from the current security arms race and find new directions. Since the federal representatives spoke in front of some of the world’s top security researchers, it should be interesting to see how the concepts are received.
A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook?
Robot vacuum companies say your images are safe, but a sprawling global supply chain for data from our devices creates risk.
A startup says it’s begun releasing particles into the atmosphere, in an effort to tweak the climate
Make Sunsets is already attempting to earn revenue for geoengineering, a move likely to provoke widespread criticism.
10 Breakthrough Technologies 2023
These exclusive satellite images show that Saudi Arabia’s sci-fi megacity is well underway
Weirdly, any recent work on The Line doesn’t show up on Google Maps. But we got the images anyway.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.