X

Schools get tailored cyberattack data

A customized service that analyzes data from firewalls and intrusion detection systems might help protect university networks.

Joris Evers Staff Writer, CNET News.com
Joris Evers covers security.
See full bio
Joris Evers
2 min read
U.S. colleges and universities now have their own version of DShield, a popular service that analyzes security data to help fend off cyberattacks.

The service for the academic world is the first sector-specific version of DShield, which was launched as a free global service in 2000. Three universities have signed on for the pilot, which was announced on Tuesday. Other colleges and universities have been encouraged to join.

"The goal is to have an accurate assessment of information security in academic institutions," said Steffani Burd, the executive director of Information Security in Academic Institutions, the team running the service. The project is sponsored by the research arm of the U.S. Department of Justice and run by Columbia University's Teachers College in New York.

The worldwide version of DShield relies on data submitted by anybody--whether a person or large organization--in any location. The tailored schools service will work in the same way, but will only analyze data provided by the schools.

Academic organizations are expected to submit logs from their firewall and intrusion detection systems so the service can parse the data and generate reports on attacks. Those reports can then be used to protect networks.

"They will be able to analyze the threats their networks are exposed to and compare the data with our global data," said Johannes Ullrich, the chief research officer at the SANS Institute and founder of DShield.org.

For example, users will be able to see where attacks are coming from and what network ports are attacked, Ullrich said. "Academic institutions face the challenge of maintaining an open network while also providing security for their users. This data will help them decide what protection to deploy while minimizing restrictions."

The intelligence service is part of a larger Information Security in Academic Institutions research project that started last year. Other project parts include a survey and interviews with IT directors at colleges and universities. "Ultimately, the information should help find solutions to security problems in the academic world," Burd said.

Academic organizations interested in joining the new effort can contact the research group via its Web site.