UCB, USC To Build (And Hack) A Model Internet

darksoulz writes "Associated Press stories from TheKansasCityChannel.com and TheChamplainChannel.com have an interesting report today. It appears that the U.S. Government has given a $5.5 million grant to the University of California, Berkley and the University of Southern California so that they can build a model of the internet, so they can hack it. They are trying to find better defenses against hacking, without breaking the real Internet. The first phase is scheduled to be completed by February."

Weak Article

[Anonymous Coward]

The articles (which are identical) don't go too much into details. What exactly are they doing that is going to cost $5.5 million dollars? Are they planning on making it a coast to coast thing? Isn't the internet just a big ass network?

Tin foil hat or not?

[grub]

The research is funded by the National Science Foundation and the Department of Homeland Security.

If they find fundamental flaws in the systems will they keep them secret to shore up US networks while leaving foreign networks susceptable? It could be a great tool for "cyberwarfare" against EvilDoers...

Re:Good

[Tin Foil Hat]

Will they expose this system externally for real "hackers" to play with?

If they do, I'm sure slashdot will be more than happy to help with stress testing.

In ten years...

[sandbenders]

In ten years everyone will wonder why USC and Berkley produced all of the decade's best crackers. This project will result in three things:

1. Good dissertations for CS PhDs.
2. More secure software, which will rarely be implemented and even more rarely be implemented well.
3. A whole bunch of research assistants who think they are l33t h4x0rs. And some of them will be right.

Quick question:

[mblase]

I know you can hack a server, but how exactly do you hack "the Internet" (model or otherwise)?

Re:Good

[Anonymous Coward]

I think the real point here is to make a testbed where they can unleash worms and then try different techniques to try and trace, contain, stop, and prevent them. Not to actually attract hackers. They will be the hackers, do the hacking, etc. Also to play with DDOS attacks and whatnot, without saturating any existing networks. I think the operative term is hacking a model 'internet' not a machine on the internet.

Re:I'll do it for 1 million

[Anonymous Coward]

To properly simulate the internet youre going to need alot more than off the shelf PC's. Youre talking Many different types of hardware, including high end enterprise stuff. Network switches of all types, from dlink home routers to mind bogglingly priced cisco stuff, and people to configure ALL of it. To do it right, youre not going to throw a grad student a cisco manual and have him learn by trial and error. Same w/ software configurations, apache to IIS to Websphere, all kinds of stuff to properly simulate it. Expensive stuff. Ok... now topologies.. ATM, ethernet, fiber, T1's, whatever topologies cable networks use... all that good stuff. You completely neglected these costs, and the monthly costs of running these lines.

Youre prob going to want more than 100 pc's also. some to mimick home lans on dsl, others cable, others behind a corporate network, others exposed right on the net, etc. These are just back of the envelope calculations.

your labor costs were not too bad, though I think youre still under in assuming 3 professors part time. I would think more like 3 full time for something like this. To do this correctly though, they will also need industry professionals configuring the higher end stuff.

As you can see, not nearly as simple as it sounded eh?

Just offer prizes to hackers

[G4from128k]

I'm not sure how they plan to "model" the internet, but I would argue that the internet is its own best model. Anything else will lack some exloits present in the "real" net while have other exploits absent in the real net (bugs in the model's software).

I would take the $5.5 million and divide it up into $5000 prizes that are payable to any hacker that demonstrates and documents a hack on the real net. The profs and grad students could ajudicate the prize giving. They would find at least 1100 exploits this way (fewer if they have to pay those pesky grad students or usurious university accounting department overhead rates).

If letting hackers profit from hacking the actual internet is too scary/illegal, then the university could create a small publically exposed network running a variety of apps, OS, etc.

Re:I'll do it for 1 million rant.

[Anonymous Coward]

I wanted to seperate my ranting from my somewhat more constructive post, but the lack of business and common sense in the industry has really been getting to me lately. Dont get me wrong, I have seen some stupid moves by managers, but the extent to which engineers think they know the one true way to do everything and that they and only they understand what someone is REALLY trying to ask has just been pissing me off. Managers got there for a reason, and its not because of their holier than thou attitudes. Sure, some get lazy and dont keep up w/ the technology, but most do.

Issues are not all black and white, Linux is not necessarily the best thing for all or even most users, regardless of price. MS is not necessarily an evil company in every respect. This general hostile attitude really needs to change. The lack of interpersonal skills has long been noted in the industry, but I really think its time that something be done about it. Just take a friggen second to try and see the other person's point of view, understand where they are coming from, why they see their decision as best, then try to argue against it. Storming out of a meeting calling your manager and coworkers idiots isnt going to get you out of that cramped 3 walled cube.

Re:Just offer prizes to hackers

[dido]

Do the words "Cyber-Armageddon" mean anything to you? I imagine what some of the things they'll try to simulate are the really monstrous distributed denial of service attacks that would cripple the entire Internet for days and cause untold amounts of damage and inconvenience for millions all over the world. Things that would make a major slashdotting look like a mild hiccup. If they did that on the real Internet, the damage it would cause worldwide would be worth a helluvalot more than a piddly US$5.5 million.

I imagine they'll be dealing more with network structural problems than cracking problems. They'd also be doing experiments on some conjectures like the Warhol worms and flash worms we've heard about that can infect 60% or more of all the hosts on the Internet in under 15 minutes. If they did such an experiment on the real Internet, that would again cause a lot of major disruption, especially if they made a mistake in the worm's programming, and that's not exactly an unknown occurrence... The Great Worm itself had a bug that rendered it far less benign than Robert T. Morris planned. If that happened on one of the world's largest WAN's however, no big deal, it'll just inconvenience the grad students in charge of it, and they'd need to reinstall, which is probably part of what they'll be getting paid to do anyway.

What you're proposing by the way, would be tantamount to condoning acts that the Department of Homeland Security (which appears to be one of the agencies funding this project) has labeled terrorism, and which have been illegal since long before 9/11.

Re:This will fail

[orangesquid]

What makes you think they would pick a good operating system on purpose? Rather, they could put up many different systems known to be hackable, write worms or scripts designed to hack into these machines, and try to create technologies to capture/contain and lessen/slow infections and security breaches.

I don't think the point is to re-create OpenBSD. The goal is probably more of a cross between network monitoring, intrusion detecion systems, and automatic network reconfiguration.

The Internet can already route around problems because of redundancy. Sophisiticated routers can control and shape traffic. But, as of yet, there's no widespread technology to protect entire networks from security problems. We will never create perfect systems... so we must create countermeasures so that when our systems fail, they fail in the smallest and least dangerous ways possible. It's like fault isolation.

Re:Quick question:

[heironymouscoward]

Hacking the Internet is quite different from hacking a server. A single server behaves in an obvious and predictable fashion. The Internet behaves like a natural system: clearly there are always going to be a number of hacked systems, but the overall impact depends on how these systems have been hacked, what damage the hackers do, how fast the damage spreads, etc.

What I presume this 'model' will be used for is to do things like simulate how fast and far a new kind of virus could spread.

It's extremely pertinent research and the price tag is trivial compared with the cost of damage to the real thing.

Re:Tin foil hat or not?

[gnu-generation-one]

"If they find fundamental flaws in the systems will they keep them secret to shore up US networks?"

I don't think Internet Explorer is a secret anymore

Re:Good

[Rick the Red]

It can't be a proper model of the internet unless it contains its own Slashdot, complete with the Slashdot Effect.

Of course, this is a simulation of the internet, so it will have a simulation of Slashdot, and thus we are all now simulations somewhere in a computer in California, simulating the Slashdotting of simulated small, interesting web sites. Wow, I now have an avitar!

The "What if machine"

[brakett]

The way I understod the article, this is supposed to be a wan that can be used as a what-if-machine. This would be a way to se the results of changing widely used standards.

What if everybody used IPv6?
What if you had to prove your id to send mail?
What if a Curious Yellow [blanu.net] -like worm were realeased?
What if.... well you get my point.

USE THE RIGHT WORD!!!!!!

[some guy I know]

It's "cracking", not "hacking", dammit!
I expect this from mainstream media, but not here.

a model?

[hyrdra]

The problem with their "model" is that something as complex as the current Internet as it exists today can't really be modeled, at least not very well. It's a huge chaotic system thats constantly changing and growing, so when you try to model it your model is going to be out of date before you can do anything useful with it. I really don't think $5 million can buy even a small representation of what the Internet is today. Think of the OSI layers and all the different software, hardware, protocols, methods, systems and manufactures in place at each layer. Each of those has its own set of vulnerabilities, holes, etc. and keep in mind there are many different versions of each of those running at the same time across different networks.

This complexity is precisely what makes tracking and solving problems with today's Internet so hard.

I am curious as to what they expect to study and find from this model. Today's problems with the Internet and networking in general are largely social, economic, or political. Figuring out some neat new protocol isn't going to make backbone provider X update their entire network. Worms and the such are also the bain of a social problem. As long as we have smart programmers with free time, there will be worms and exploits of the system no matter what procedures are in place or how smart the network is; The fix for said worms are timely patches and updates, however most users won't and don't do this, hence the epidemics.

This might make some great academic research and a neat new toy for the University but I fail to see how it can find applications in the real world where the problems are much harder than the technical ones this project (presumably) hopes to solve.