Researchers at the Georgia Institute of Technology were awarded $4.2 million from the Defense Advanced Research Projects Agency (DARPA) and the Air Force Research Laboratory (AFRL) to improve how data is tracked between computers, internet hosts and browsers, the university said on July 30.
The project, titled “THEIA” after the Greek goddess of shining light, is set to last four years. Participants in the project include researchers form the school’s College of Computing: Dr. Taesoo Kim, assistant professor; Dr. Alessandro Orso, associate chair; Dr. Simon Chung, research scientist; and Dr. Albert Brzeczko, research engineer at Georgia Tech Research Institute (GTRI).
THEIA is meant to shed light on where data movies as it is routed between internet hosts and whether malicious code is attached during transfer.
“The project has wide implications for any industry and anyone who needs to send secure information, make sure it is not manipulated during transfer, and that it arrives securely intact…If we have the ability to fully track how data is processed until it reaches the intended recipient, then we can better detect and stop advanced persistent threats (APT),” Dr. Wenke Lee, primary investigator and professor in the College of Computing, said in a statement.
It is not currently possible for a network intrusion detection system to determine if data sent from an end-host was modified by a malicious browser extension after a user completed a web form. “State-of-the-art information flow tracking today typically applies only to a single layer (such as the program level), or does not utilize the full semantics at all layers (to verify if input was entered by the original user, for example),” the university explained in a statement.
However, THEIA is planned to track and record information at three layers: user interaction with a program, program processing of data input, and program and network interactions with an operating system. Combined, this system will monitor secure data flow from user to program to file system storage to network output and back, the university said.
“THEIA represents what could be a significant advance over state-of-the-art approaches, which typically are forced to make arbitrary trade-offs between verifying accuracy and maintaining total computational efficiency,” Lee said.