NSA patents a way to spot network snoops

10 comments | 22I like it!
December 21, 2008, 04:32 PM —  IDG News Service — 

The U.S. National Security Agency has patented a technique for figuring out whether someone is tampering with network communication.

The NSA's software does this by measuring the amount of time the network takes to send different types of data from one computer to another and raising a red flag if something takes too long, according to the patent filing.

Other researchers have looked into this problem in the past and proposed a technique called distance bounding, but the NSA patent takes a different tack, comparing different types of data travelling across the network. "The neat thing about this particular patent is that they look at the differences between the network layers," said Tadayoshi Kohno, an assistant professor of computer science at the University of Washington.

The technique could be used for purposes such as detecting a fake phishing Web site that was intercepting data between users and their legitimate banking sites, he said. "This whole problem space has a lot of potential, [although] I don't know if this is going to be the final solution that people end up using."

IOActive security researcher Dan Kaminsky was less impressed. "Think of it as -- 'if your network gets a little slower, maybe a bad guy has physically inserted a device that is intercepting and retransmitting packets,' " he said via e-mail. "Sure, that's possible. Or perhaps you're routing through a slower path for one of a billion reasons."

Some might think of the secretive NSA, which collects and analyzes foreign communications, as an unlikely source for such research, but the agency also helps the federal government protect its own communications.

The NSA did not answer questions concerning the patent, except to say, via e-mail, that it does make some of its technology available through its Domestic Technology Transfer Program.

The patent, granted Tuesday, was filed with the U.S. Patent and Trademark Office in 2005. It was first reported Thursday on the Cryptome Web site.

IDG News Service

Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world

I like it!
Close

On Twitter now

nsa

Powered by Twitter
You are logged in | Sign out
Sign in and post to Twitter

What are you thinking?

Cancel Tweet sent

On Twitter now

Comments

Patent? NSA?

How can the NSA patent anything? Why would a government agency be granted a limited monopoly on technology?

If I infringe on this patent, and they come after me... how will the monetary damages be calculated to an organization which is federally funded and doesn't produce any marketable product?

Can I use the fact that they produce no product to force a compulsory license for the technology? This strikes me as very very bizzare for a federal agency.

-Steve
| reply

I would like to add that if

I would like to add that if the NSA developed this, then it was funded with taxpayer money. Therefore, it shouldn't be patented as it used public funds provided by all American citizens.
| reply

The 'patent' link goes to

The 'patent' link goes to "System and method for reallocating and/or upgrading and/or selling tickets, other event admittance means, goods and/or services"

Is the link wrong, or is the technique buried in there somewhere?
| reply
peer-to-peer

Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers

Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal

Tom Henderson
Top Ten General Operating Systems Rants

pasmith
PS3 motion controller delayed; goes up against Project Natal

sjvn
Neolithic Windows security hole alive and well in Windows 7

claird
Perl source code comparison makes for good reading

mikelgan
Cell phones don't create stress or interrupt much

Sandra Henry-Stocker
How to: The Unix Interview

 

Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann

Join the conversation here

The Daily Tip

The Daily TipQuick, practical advice for IT pros. Made fresh daily.

Hot tips:

Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.

Newsletters

Subscribe to ITWORLD TODAY and receive the latest IT news and analysis.

I would like to receive offers via email from ITworld partners.
By clicking submit you agree to the terms and conditions outlined in ITworld's privacy policy.
Marketplace