Research lab extends host-based cyber sensor project to open source

A Department of Energy (DOE) lab is taking research done to develop a host-based security sensor and open-sourcing the software to encourage community feedback and participation.

"We'd love to have other people use this," says Glenn Fink, senior research scientist at Pacific Northwest National Laboratory, who invented Hone, a cyber-sensor that's currently available for the Linux operating system kernels 2.6.32 and later, with other versions in development for Windows 7 and XP, plus a Mac OX version planned. To encourage participation in development, PNNL has established the open-source Hone Project with the Linux version.

IN THE NEWS: Hospitals seeing more patient data breaches

While there are other host-based sensors, PNNL believes Hone may represent a potential breakthrough in identifying suspicious communications between monitored computers and network activity, whether it be from the Internet or the internal network. Fink said Hone can identify relationships between programs and network activities. As such, it might not only be able to identity cyberattacks accurately, but could also be adapted to limit how processes can communicate to the network. Fink said Hone is potentially of use in monitoring wireless networks.

PNNL is using Hone, which includes some visualization display, as part of a research project to understand how attackers break into computer systems. Since Hone is in an early stage of development, the DOE lab is inviting input from the public and open-source participation, and believes there is a potential for investing in it to evolve it further.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.

Read more about wide area network in Network World's Wide Area Network section.

More about: IDG, LAN, Linux
References show all
Comments are now closed.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers

Russian leaker resurfaces, claims Microsoft will issue second Windows update this year

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Sign up now to get free exclusive access to reports, research and invitation only events.

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in New Zealand