In the world of cybersecurity, the saying goes, to defend and win against an attack you have to make sure all the proverbial doors and windows are shut.
But if you are an attacker, you just need to find one crack.
It’s this dynamic that inspired Galois research lead Adam Wick to make attackers’ work more difficult if they find that one crack.
It’s an area called cyberdeception, and it aims to confuse bad seeds who target networks.
Galois, which has worked on a project to that end called Prattle, was awarded $750,000 by the Air Force Research Lab to continue the work. The project is part of a Small Business Innovation Research grant that Galois has led since last spring.
This funding is part of the project’s second phase. It is slated to last for two years.
Prattle is a software tool designed to generate network traffic that appears real to an outside attacker but is actually fake information, Wick said.
Attackers can gain valuable information just by studying network traffic, such as what computers are on and when, or where the interesting servers are, or even what programs companies use. If a company is running Prattle, the attacker may see some real information but will be inundated with the fake data, Wick said.
So far, the team has built a simple prototype that can replicate human web traffic on a network. Wick noted that while some software tools can generate traffic to test networks, the traffic they produce is clearly computer-generated.
“The traffic generated looks fake,” Wick said. “The notion here is to generate traffic to fool a trained human observer.”
As part of the grant’s second phase, Galois will continue to develop the tool and a commercialization strategy. The company wants to create pilots with industrial partners. It hopes to have the first effort set up in about nine months.
Beyond that, Galois could either spin the technology out as its own startup or incorporate the tool into the product offering of its existing subsidiary FormalTech.
Galois employs 70 people at its downtown headquarters. The company specializes in computer science research and works with government and corporate clients on security and other technical issues.