The Georgia Tech Research Institute in Atlanta, Georgia, recently established the Cyber Technology and Information Security Laboratory (CTISL-GTRI). Dr. Fred Wright, chief engineer of the lab, gave the chapter a glimpse of the exciting capabilities of the lab and its impact on commercial, government, and national security in November.
The mission of the lab is to develop, analyze, exploit and archive cutting-edge research and development activities in the cyber and command and control spaces. The powerful organization has developed and implemented three main divisions and a critical database to address the threats in the areas of network-centric warfare, secure information systems, assessment and exploitation, and military/government open source enabling technologies. A highly visible manifestation of their capabilities comes in the form of the C2 Mission Assurance Division.
They have been improving their Deployable Joint Command and Control System for years, gaining operational experience during the Hurricane Katrina recovery and the devastating Haiti earthquake in 2009. Their Secure Information Systems Division provides “defense in depth” in both physical and virtual systems. Their multilayered approach to security is a must for discovering, analyzing and eliminating potential security breach paths.
The real power of the team comes from their Network Vulnerability Division. They directly support the national intelligence community, having more than 20 years of history with the National Ground Intelligence Center. In addition to the traditional roles of RF cyberwarfare and electronic warfare, the CTISL also analyzes upwards of 15,000 malware samples daily. They even go out of their way to attract would-be cyber attacks using honeynet and honeypot constructs. When these “bait” net/sites are invaded by malware, they unleash botnet armies to capture, analyze, categorize and archive how the malicious software works. It is all kept in a massive database called MTrace, a highly valuable and sought-after collection of data, perhaps unique in the cyber industry and available to government and military organizations.
Each division contributes key assets to their adaptive architecture. They also provide a security/research framework to analyze Internet hacking and suggest defensive countermeasures. The program called Spider Sense is one requested service they can provide. It is reassuring that an asset like the CTISL at GTRI exists and is keeping a 24/7 eye focused on cyber security. Their insight and depth of knowledge in this area will greatly assist in the development and deployment of current and future systems to control the cyber battle spaces of the future.