NYU-Poly Researchers Find a New Way to Intercept Malware, Viruses at Router Level

Imagine scanning a document in search of a specific word or phrase, knowing that missing even a single letter could have disastrous consequences. Now imagine that the document is rescanned a million times every second.

Such is the task facing Internet Service Providers (ISPs) as they employ Deep Packet Inspection (DPI) — a cybersecurity tactic aimed at intercepting malicious traffic and preventing viruses from entering a network.  H. Jonathan Chao, who heads the Department of Electrical and Computer Engineering at the Polytechnic Institute of New York University (NYU-Poly), and Industry Assistant Professor N. Sertac Artan have developed and patented a hardware solution to revolutionize this increasingly critical cybersecurity function.

The approach offers considerable security advantages to consumers, explains Chao. "Our invention helps intercept viruses and malware at the earliest possible instance — before they even reach users' computers — keeping networks running and protecting individual users," he said.

Effective DPI examines every packet entering a router switch. Its contents are compared against an ever-growing catalogue of known viruses or attack signatures. With millions of packets arriving each second, the process is often accomplished by a network of processors running parallel searches on portions of data packets — an approach that doesn't scale well to high-speed traffic. Chao and Artan devised a scheme for consolidating the inspection process to a single node, compressing the catalogue of attack signatures to fit on one chip. This allows service providers to streamline their DPI strategy, using fewer resources without compromising efficacy or speed. 

With a prototype already developed, Chao and Artan are testing their solution with the goal of licensing the technology.

Chao also notes that as cybersecurity threats become more complex and wide-reaching, the security community has focused on hardware solutions to meet the high-speed detection required of today's enterprise and core networks. Earlier this year, NYU-Poly joined with three other top cybersecurity research institutions and the National Science Foundation to establish Trust Hub, a web-based repository and exchange network for security researchers and practitioners. The site will allow the hardware security community to exchange papers, benchmarks, hardware platforms, source codes and tools.

Over the course of ten months, Chao and his collaborators have obtained a total of nine patents for technologies that increase the efficiency and safety of high-speed networks. His Deep Packet Inspection solution was developed with support from the National Science Foundation and NYU-Poly's Center for Advanced Technology in Telecommunications.

Featured

  • Maximizing Your Security Budget This Year

    The Importance of Proactive Security Measures: 4 Stories of Regret

    We all want to believe that crime won’t happen to us. So, some business owners hope for the best and put proactive security measures on the back burner, because other things like growth, attracting new customers, and meeting deadlines all seem more pressing. Read Now

  • New Uses for AI

    New applications of AI in IP cameras are delivering precise detection, robust search capabilities, elevated data analysis and enhanced image quality. When combined with built-in analytics, AI can help streamline forensic investigations and also supports several mission-critical business functions. Read Now

  • Global IT Outage Cause by Faulty Update from Cybersecurity Provider CrowdStrike

    Systems are starting to come back online after a global IT outage on Friday disrupted everything from airline operations to banks and 911 call centers. Read Now

  • Securing the Flow of Operations

    The transportation industry is a complex and dynamic environment where efficient management of physical keys, vehicles and shared devices is critical to ensuring smooth operations, reducing costs and maintaining security. Every day, more transportation facilities are using modern electronic key and asset management systems to better secure, audit and manage the important assets that keep operations running smoothly. Read Now

Featured Cybersecurity

Webinars

New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3