Feds look for advanced security tools to thwart hackers

Faced with hackers who are steps ahead of the latest cybersecurity tools meant to block them from breaking into networks, the federal government on Monday called on the information technology industry to provide it with cutting-edge security concepts that will give agencies the means to thwart attacks.

The National Coordination Office for Networking Information Technology Research and Development published a notice in Monday's Federal Register requesting the industry submit advanced research concepts to better secure federal systems. The ideas would be so advanced that they would, in the words of the coordination office, be a "game-changing" event in shifting the balance of power in cybersecurity, which now heavily favors hackers over system administrators.

The request, which is part of the Comprehensive National Cybersecurity Initiative, is the first stage of what the office has called the National Cyber Leap Year, in which the government identifies concepts that create a leap in technology that could bring about such a shift.

"We determined that the best way the government could move forward is not to focus on the incremental developments that need to take place, but to be the catalyst to look at more far-reaching, revolutionary concepts that if implemented, could leap [us] ahead of a lot of the current issues and incremental fixes," said Tomas Vagoun, technical coordinator for the office's cybersecurity and information assurance, an interagency working group at NITRD, which supports research agencies.

The private sector mostly concentrates on updating cybersecurity products that can be commercialized quickly. It falls to the federal government to fund the more basic, far-reaching research that might pay off in the future, said Greg Garcia, president of the consulting firm Garcia Strategies and former assistant secretary for cybersecurity and communications at the Homeland Security Department.

"They are really requesting the private sector to identify where they think they're not doing the kind of research that needs to be done," he said. "Then we can get a better handle on where the money is already going to, and what are areas with big funding and programmatic gaps."

Vagoun said the program's goal is not to replace ongoing cybersecurity research at agencies such as the National Institute of Science and Technology, but to consider the same issues from a holistic approach. "There's important work going on, but a lot of it is piecemeal, incremental knowledge creation," he said. "It doesn't address systemic, wide-scale changes."

One example of a game-changing concept is attribution, the ability to determine the exactly where a piece of data or activity that can open up a network to hackers came from. Vagoun said the original design of the Internet placed a high value on anonymity, making it difficult to identify users and determine the source of a malicious attack.

Another area of research is in scalable data collection, which allows an agency to monitor large amounts of data in real time. Garcia said the ability to perform real-time analysis on terabytes of data would significantly increase the chances to identify and respond to attacks on agency systems. But it would require massive increases in bandwidth, such as 1 gigabit-per-second bandwidth, he said.

"The ultimate goal is to stop attacks before they happen or before they do too much damage," Garcia said. "That's high bandwidth and real time, hopefully with an automated response mechanism."

NITRD will collect responses until April 15, after which a working group of six to eight high-ranking IT officials will decide those ideas that show the most promise. The government then will hold workshops to consider the research needed to make the concepts a reality. Government, academia and industry will work on how to develop the concepts.