• United States



by Dave Gradijan

Department of Energy Hopes to Identify Security Threats

Jul 06, 20062 mins
CSO and CISOData and Information Security

The Argonne National Laboratory, a division of the U.S. Department of Energy, is leading an initiative to collect information about cyber security attacks and other events, reports.

The Federated Model—comprising the government, universities, research labs and any other organization wanting to share details—began last fall and now has about a half-dozen members, according to Scott Pinkerton, manager of network services for Argonne in DuPage County, Ill.

Members of The Federated Model can use the shared data to learn how different IP addresses try to access networks and how organizations have responded to those attempts, the article reports. Pinkerton said the information is used to spot patterns of malicious behavior and proactively block security attacks.

“We are reinforcing the idea that we could be smarter, and more prepared,” Pinkerton told NetworkWorld. “While the number of members is growing, The Federated Model hasn’t yet hit critical mass.”

NetworkWorld reports Argonne is developing The Federated Model’s repository and is laying out specifications for submitting and accessing information. Data is submitted in an encrypted XML format, following IETF standards. Additionally, the lab is adding features such as an RSS feed to alert members when new information has been added.

“What’s valuable about this data is not only learning what IP addresses are doing,” Tami Martin, an intrusion detection systems engineer with Argonne, told NetworkWorld, “but what organizations are doing in response to potential threats.”

Pinkerton hopes that eventually, members will get to the point where they can completely thwart an attack by following the steps that another trusted member took.

Compiled by Paul Kerstein

Keep checking in at our Security Feed for updated news coverage.

Or subscribe via RSS.