Featured Research

from universities, journals, and other organizations

Cybersecurity researchers roll out a new heartbleed solution: Red Herring creates decoy servers, entraps, monitors hackers

Date:
April 14, 2014
Source:
University of Texas, Dallas
Summary:
As companies scrambled in recent days to address the latest cybersecurity bug known as Heartbleed, researchers demonstrate a solution that fixes the vulnerability, and also detects and entraps hackers who might be using it to steal sensitive data.

As companies scrambled in recent days to address the latest cybersecurity bug known as Heartbleed, researchers at The University of Texas at Dallas had a solution that fixes the vulnerability, and also detects and entraps hackers who might be using it to steal sensitive data.

The advanced technique -- dubbed Red Herring -- was created by a team led by Dr. Kevin Hamlen, an associate professor of computer science in the Erik Jonsson School of Computer Science and Engineering. It automates the process of creating decoy servers, making hackers believe they have gained access to confidential, secure information, when in fact their deeds are being monitored, analyzed and traced back to the source.

"Our automated honeypot creates a fixed Web server that looks and acts exactly like the original -- but it's a trap," said Hamlen, a member of the UT Dallas Cyber Security Research and Education Institute (CSI). "The attackers think they are winning, but Red Herring basically keeps them on the hook longer so the server owner can track them and their activities. This is a way to discover what these nefarious individuals are trying to do, instead of just blocking what they are doing."

The Heartbleed bug affects about two-thirds of websites previously believed to be secure. These are websites that use the computer code library called OpenSSL to encrypt supposedly secure Internet connections that are used for sensitive purposes such as online banking and purchasing, sending and receiving emails, and remotely accessing work networks. Heartbleed became public last week.

In 2012, a new feature named Heartbeat was added to software primarily for slow Internet connections. Heartbeat allowed connections to be held open, even during idle time. A flaw in the implementation allowed confidential information to be passed through the connection, hence the name Heartbleed.

Even though Heartbleed is now in the process of being fixed, victims face the challenge of not knowing who may already be exploiting it to steal the information, and what information they may be going after. A common fix for this type of problem is to create a trap, a honeypot that lures and exposes attackers. Typically this can involve setting up another Web server somewhere else.

"There are all sorts of ad hoc solutions where people try to confuse the attacker by deploying fake servers, but our solution builds the trap into the real server so that attacks against the real server are detected and monitored," Hamlen said. "Our research idea can build this honeypot really quickly and reliably as new vulnerabilities are disclosed."

The Red Herring algorithm created by Hamlen automatically converts a patch -- code widely used to fix new vulnerabilities like Heartbleed -- into a honeypot that can catch the attacker at the same time.

"When Heartbleed came out, this was the perfect test of our prototype," Hamlen said.

Red Herring doesn't stop at being a decoy and blocker; it can also lead to catching the attacker. As the attacker thinks he or she is stealing data, an analyst is tracking the attack to find out what information the attacker is after, how the malicious code works and who is sending the code.

"In their original disclosure, security firm Codenomicon urged experts to start manually building honeypots for Heartbleed," Hamlen said. "Since we already had created algorithms to automate this process, we had a solution within hours."

When news of Heartbleed became public on April 8, software engineering doctoral student Frederico Araujo started researching the vulnerability and had implemented Red Herring by 2:30 a.m. April 9.

"I was very proud that he had taken the initiative before I'd even gotten to it," Hamlen said. "Normally, I personally would have started working on it sooner, but I'd been up all night grading papers the night before."


Story Source:

The above story is based on materials provided by University of Texas, Dallas. Note: Materials may be edited for content and length.


Cite This Page:

University of Texas, Dallas. "Cybersecurity researchers roll out a new heartbleed solution: Red Herring creates decoy servers, entraps, monitors hackers." ScienceDaily. ScienceDaily, 14 April 2014. <www.sciencedaily.com/releases/2014/04/140414150658.htm>.
University of Texas, Dallas. (2014, April 14). Cybersecurity researchers roll out a new heartbleed solution: Red Herring creates decoy servers, entraps, monitors hackers. ScienceDaily. Retrieved October 23, 2014 from www.sciencedaily.com/releases/2014/04/140414150658.htm
University of Texas, Dallas. "Cybersecurity researchers roll out a new heartbleed solution: Red Herring creates decoy servers, entraps, monitors hackers." ScienceDaily. www.sciencedaily.com/releases/2014/04/140414150658.htm (accessed October 23, 2014).

Share This



More Computers & Math News

Thursday, October 23, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Chameleon Camouflage to Give Tanks Cloaking Capabilities

Chameleon Camouflage to Give Tanks Cloaking Capabilities

Reuters - Innovations Video Online (Oct. 22, 2014) — Inspired by the way a chameleon changes its colour to disguise itself; scientists in Poland want to replace traditional camouflage paint with thousands of electrochromic plates that will continuously change colour to blend with its surroundings. The first PL-01 concept tank prototype will be tested within a few years, with scientists predicting that a similar technology could even be woven into the fabric of a soldiers' clothing making them virtually invisible to the naked eye. Matthew Stock reports. Video provided by Reuters
Powered by NewsLook.com
Internet of Things Aims to Smarten Your Life

Internet of Things Aims to Smarten Your Life

AP (Oct. 22, 2014) — As more and more Bluetooth-enabled devices are reaching consumers, developers are busy connecting them together as part of the Internet of Things. (Oct. 22) Video provided by AP
Powered by NewsLook.com
Google's Inbox Is The Latest Gmail Competitor

Google's Inbox Is The Latest Gmail Competitor

Newsy (Oct. 22, 2014) — Google's new e-mail app is meant for greater personalization and allows users to better categorize their mail, but Gmail isn't going away just yet. Video provided by Newsy
Powered by NewsLook.com
Free Math App Is A Teacher's Worst Nightmare

Free Math App Is A Teacher's Worst Nightmare

Newsy (Oct. 22, 2014) — New photo-recognition software from MicroBlink, called PhotoMath, solves linear equations and simple math problems with step-by-step results. Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
 
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:  

Breaking News:

Strange & Offbeat Stories

 

Space & Time

Matter & Energy

Computers & Math

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:  

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile iPhone Android Web
Follow Facebook Twitter Google+
Subscribe RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins