Project DeepCode: Auto Detection & Fixing of Security Flaws

  

With the increase in the number of devices connected to the internet and the emergence of 'internet of things' along with benefits many security issues have also risen. DARPA it seems have have come upon a solution to the ever increasing security vulnerabilities. Their latest project codenamed DeepCode can automatically find and fix security issues. This is a more proactive approach to counter security issues than the usual 'fix after attack approach' or 'defend when attacked approach'.  However, as with all military research you shouldn't expect these technologies to be released to public anytime soon but the distant future appears to be a bit more safe. I have pasted an abstract and a link for the complete article below.

Original Article by Robert Lemos of eweek.com

Researchers involved in a project funded by the U.S. Air Force Research Laboratory and the Defense Advanced Research Projects Agency are describing a machine-learning system as a fundamentally new approach to cybersecurity. DeepCode is designed to analyze terabytes of software code to find security flaws and fix them. Draper Laboratory, formerly part of the Massachusetts Institute of Technology, and a group from Stanford University led by machine-learning pioneer Andrew Ng, are behind the project. The researchers are using machine-learning and pattern-analysis techniques to teach the system what good code and bad code look like. Once DeepCode is trained to recognize vulnerabilities, it will be able to identify flawed code and recommend repairs. The team already has used the system to detect vulnerabilities such as the Heartbleed bug in OpenSSL, and is now working to increase the magnitude of data for making decisions by a factor of 1,000.  "The system collects and ingests massive amounts of software, makes this software searchable, indexes the known bugs and security vulnerabilities, and identifies--in new or existing code--matches to any previously identified flaws," says Draper Lab's Brad Gaynor.

For the complete article please click on the following link: DeepCode

Will Star Wars Like Force Field Become a Reality?

Science and technology has come a long way in bringing things of fiction to reality. The pace of development has increased  exponentially in the recent 1 to 2 years. Just came upon a very interesting article on CNN according to which the staple favorite of sci-fi movies, 'the force-field' is about to become a reality. Boeing has recently been granted a patent for this technology.

Visit the CNN page 'force-field' for more details. What other sci-fi stuff do you guys think can become a reality in the near future?

Evolving man’s best friend: wearable tech for dogs

Imagine this; you are caught in a blizzard, alone on the highway, in a broken down car waiting for help. Suddenly a search and rescue dog appears, bringing a smile to your face which quickly fades away as you don’t see its handler. The dog looks at you, sniffs you and then bites at an attachment on its vest which releases a dull beep sound. You look at all this, astonished, wondering what’s up with the dog and where its handler might be when within minutes you are surrounded by the rescue team members.

In the above scenario the attachment bitten by the dog was a GPS locator that transmitted your position to the rescue team. This is just an example of the many ways in which dogs could use wearable technology to assist humans better. Associate Professor Melody Jackson and her research team at Georgia Tech, Atlanta has developed devices that allow dogs to communicate with their handlers through technology. The researchers designed the devices in line with the natural tendencies of dogs to bite, tug and sniff.  Total eight dogs were used for this study which comprised of five Border Collies, two Retrievers and a Pit Bull. All these dogs before being part of the experiment had received training for assistance, agility or both and were used as regular work dogs. For this experiment all the dogs were trained using positive reinforcement techniques like clicker training to use the devices. The dogs were trained so that they tried to activate the device till they heard a tone from it which indicated task completion. The tug activated device is based on a stretchable resistor and elastic band sewn together into a fleece ball. To activate it the dog has to grasp the fleece ball attached on its vest and briefly tug and release it. The device activated by the dog’s nose has an infra-red proximity sensor and is based on the VCNL 4000 module. To activate it the dog has to only bring its nose near the device and not necessarily touch it. There were three types of devices activated by bite. A four sided bite device that could be bitten from any direction was used. It is based on force sensitive resistors; to activate it the dog has to bite on it resulting in variation in resistance and hence activating the sensor. Bite device based on capacitive sensors was used for dogs that had softer bites. To activate it the dog has to grasp the device slightly and the moisture from the dog’s saliva increases the capacitance hence activating the sensor. Another bite device was developed based on pneumatic sensors. Devices based on such sensors can be bitten from any direction. To activate it the dog has to bite on it which increases pressure at the ends of the sensor and activates the sensor. The experiments revealed that the best sensors were capacitive and pneumatic bite sensors with 100% success rate with all the dogs. These experiments have revealed that developing wearable technology for dog to handler communication is possible and such devices can help us use working dogs more efficiently.

Source: Jackson, M. M., Valentin, G., Freil, L., Burkeen, L., Zeagler, C., Gilliland, S.,& Starner, T. (2015). FIDO--Facilitating interactions for dogs with occupations: wearable communication interfaces for working dogs. Personal and Ubiquitous Computing, 19(1), 155-173.

Welcome to our new blog

Hi friends,

Welcome to the revised blog of Sophos Research Consultancy Services. We have created this platform to interact with you guys. So feel free to comment, discuss and share our posts.