Carleton University in Ottawa opened a new computer security research centre on Monday in part to focus on narrowing the gap between academic theoretical research and practical business applications.
The venture, funded by Ottawa-based Cloakware and the provincial and federal governments, will focus on improving computer security while still remaining true to academic research.
Studying everything from ways to reduce a hacker's ability to reverse engineer software to stopping viruses and worms through better understanding of their characteristics, professor Paul Van Oorschot and his team of computer scientists will delve into the internal workings of computer security.
Traditionally there has been an uneasy relationship between business and academia as their goals are often at different ends of the spectrum. Trying to make a profit from a technology idea and trying to fundamentally understand the technology are often divergent and financially mutually exclusive goals.
"In security there is very little (system-wide) research on the academic side because there is no reward," Van Oorschot said. "I want to change that."
Academic research tends to be very narrowly focused, and though Van Oorschot admitted he may get some push back from the academic community, he wants to focus at least some of the research on broad-scope solutions.
Van Oorschot's own experience as the former chief scientist at Entrust and an adjunct research professor at Carleton will help him since he understands the constraints of both business and research.
One solution being explored at the lab is a security metrics tool designed to calculate the security level of a given application. Starting with the assumption that a hacker will eventually get in to any application, Van Oorschot said the key is to "raise the bar so the level of effort is so high it is not worth the effort."
The tool created will be able to measure how high the security bar is for a given application. Van Oorschot said this is a good example of research with a very practical use. "That is why there is commercial interest in this," he said.
Another area of focus is trying to find a way to increase software diversity. Almost all software is identical. Because of this, once a vulnerability has been found and code has been written to exploit it all copies of the software are vulnerable to attack.
Cloakware is developing a tool for developers to use when they compile software so a small portion of the code -- for example, what resides in the memory stores -- is varied, so while the functionality will be identical, the underpinnings exploited by the hacker would be far more complex.
Simply shifting 100 bytes would make writing code to take advantage of a buffer overflow vulnerability (the most common software hole) exceedingly difficult, Van Oorschot explained, since crafting an attack has to be very, very precise.
A hacker would therefore have to rewrite the attack code for each variation of the software.