17 Sep Cyber crime buster? UW-Madison's Paul Barford developing an answer to malware tsunami
Madison, Wis. – As he works to turn a research prototype into a breakthrough network security product, Paul Barford envisions quite a large potential market for his technology – basically, any organization with a computer network.
Barford, an assistant computer science professor at the University of Wisconsin-Madison, is developing that product as the founder of Nemean Networks, LLC.
Barford has said cyber crime has made a transition, moving from the point where malicious activity was a mechanism for gaining recognition to the point where it now has a profit motive. He believes the technology he is developing will help take a bite out of cyber crime, but the sheer size of the market has convinced him to take one bite of the mountain at a time.
“Anybody with a computer network is a potential customer for our product, but initial customers will probably be ones with the most to lose,” Barford said.
In other words, those with large enterprise networks such as financial institutions and major corporations. Out of the gate, Nemean Networks will focus on a specific set of target customers, but future sales channels are likely to be established in partnership with regional players or those looking to extend their reach, such as CDW Berbee.
The whole picture
Initial product testing is being conducted in partnership with UW-Madison’s Department of Information Technology, and a more thorough beta testing phase should begin early in 2008 at the sites of potential customers. Within two years, Barford hopes to have a product on the market.
Like many network security products, the yet-to-be-named product has a hardware platform with software as the vital organ. The brand differential from other intrusion detection systems is that Nemean’s technology provides network security administrators with a broader perspective on malicious activity. With its ability to adapt, in real time, to the network environment in which it is deployed, Barford said it can report on all types of malicious activity.
Just like the most complete diagnosis is required for the proper course of medical treatment, the right network diagnosis is needed to develop the right technology security solution.
In Barford’s view, a broad perspective will be increasingly important in an era where there are an estimated 40,000 to 50,000 new “malware” encounters on a monthly basis. “The real problem with network security is that the scope of threats is expanding at an immense pace,” he said. “It’s impossible to keep up with the scope of threats today.”
The other advantage, according to Barford, is that Nemean’s technology “virtually wipes out” the incidence of false alarms, which consume untold of hours of time because even though false, they must be responded to.
The product also is scalable – it can be used at what Barford called a “course” level for simple monitoring purposes, or be used to drill down to the extent where it can help solve problems.
Barford, who is seeking patents on the technology, said prospective customers are desperate for such a system-wide monitoring tool to understand what they are facing at any given moment, but Nemean may not stop there. While situational network awareness tools have their value, the company is considering the development of a malware-blocking tool down the road, but that will depend on the desires of the market.
No matter what other avenues it pursues, threat monitoring and detection will be the first order of business. “We need to be vigilant in developing techniques and addressing new threats,” said Barford, who sits on the board of directors of National Lambda Rail. “We’re going to do our best to stay on top of that.”
Jim Lowe, chief information security officer for UW-Madison, said testing is in its earliest stages, and he’s eager to see if the intrusion-detection device can provide improved security for the university. “It’s really part of the Wisconsin idea, where the university works with the private sector to develop business,” Lowe said. “One benefit of the technology is that it gives very few false positives, but we need to put that to the test.”
For now, the company will operate on the $1.5 million in capital and business expertise it has received from the Badger Alumni Capital Network (BACN). The network was established in part to increase the number of local start-up companies spun out of UW-Madison research and prevent university researchers, who often need financial and business assistance, from selling their ideas to companies outside the state.
Paul Matthews, who helped organize the Badger Alumni Capital Network after retiring from BlackRock Financial, serves as Nemean Network’s acting chief executive officer. He believes Barford is developing a disruptive technology at a time when the nation is at war and worried about cyber terrorism, and organized crime is increasingly involved in domestic cyber crime.
“It’s an area that needs real attention, computer network security,” Matthews said. “It’s a space that has tremendous possibilities.”
• Safe Internet requires total network security, prof. says
• Two UW-Madison professors named to National LambdaRail Networking Research Council
• Small Tree boosts bandwidth for Apple G4 and G5 servers