Previously, when a system was under cyber attack, the only solution to mitigate the threat was to take the server offline. However, there may now be another option. MIT researchers have developed a system that allows servers and computers to continue to operate even while under cyber attack.

The research, predominately funded by the U.S. Defense Department’s Defense Advanced Research Projects Agency (DARPA), has stood up to outside testing. DARPA hired outside security experts to attempt to bring down the system.

According to an electrical engineering and computer science professor who led the project, the system exceeded DARPA’s performance criteria in each test.

During normal operations, the system developed by the MIT team monitors any programs running on computers connected to the Internet. This allows the system to determine each computer’s normal behavior range. When an attack occurs, the system does not allow the computers to operate outside of the previously determined range. “The idea is that you’ve got hundreds of machines out there,” the professor says. “We’re saying, ‘Okay, fine, you can take out six or 10 of my 200 machines.’” But, he adds, “by observing what happens with the executions of those six or 10 machines, we’ll be able to deploy patches out to protect the rest of the machines.”

An associate professor of computer science at Columbia University finds the MIT approach to be novel. However, he feels that most web developers might be reluctant to implement the new technology in the near future.

More.................http://www.thenewnewinternet.com/2010/03/18/mit-keeps-system-online-during-cyber-attack/