Japanese lab brings cinematic flair to network monitoring
Cyberattacks are an ever-present danger in the digital age, yet for most of us, they are out of sight and out of mind. But what if we could see the threats with our own eyes? Visualization, according to a cybersecurity expert in Japan, can go a long way toward raising awareness and fortifying defenses.
This is the thinking behind Daedalus, a network monitoring system developed by the Cybersecurity Laboratory at the National Institute of Information and Communications Technology, or NICT.
The system looks like it was lifted from a movie. On the screen, circles orbit a 3-D sphere. When there is suspicious activity, a big, red Chinese character pops up. Kei, it reads. Translation: “warning.”
Daisuke Inoue, the director of the lab, really did want Daedalus to resemble the stuff of cinema. “What I imagined,” he said, “was an extension of the worlds of movies, animated cartoons and games I saw when I was a child.” Inoue believes visualization makes it easier for the average person — including corporate executives — to understand cyberattacks. He also thinks the cool factor is important for attracting young talent to the field of cybersecurity.
The sphere in the center represents the internet. The circles stand for networked organizations and PCs. The system watches for transfers of information to the darknet — unallocated internet protocol space that is frequently used in cyberattacks. This way, Daedalus can zero in on PCs infected with malicious software, or malware, track the progression of attacks and aid efforts to stamp them out.
Cyberattacks were barely on the radar when Inoue was enrolled at Yokohama National University in the 1990s — the early days of the web. Students were not exactly clamoring to get into the school’s information security lab.
Nevertheless, the study of internet security and privacy piqued Inoue’s interest. His mentor was Tsutomu Matsumoto, a leading expert in cryptography. “He was tough but a person with great foresight,” Inoue recalled.
Matsumoto encouraged Inoue to venture into uncharted waters, telling him that in the future, cryptography would not be the be-all and end-all of security research.
The NICT started studying cyberattacks in earnest in 2005. Malware was quickly becoming an online scourge. The institute proceeded to build a large darknet monitoring network by borrowing unused IP addresses from universities and companies. This was the beginning of Daedalus.
The system takes its name from a craftsman and inventor in Greek mythology. It also stands for Direct Alert Environment for Darknet and Livenet Unified Security.
The development of Daedalus turned out to be a major turning point for Inoue. When he unveiled the system in 2012, the response was overwhelmingly positive. Foreign media outlets took notice of its futuristic appearance; in Japan, it won a Good Design Award.
Inoue has also developed Nirvana-Kai, which defends against targeted attacks on specific organizations, and other systems. The technology he has worked on is making its way out of the lab: Daedalus alerts, for example, are sent to about 600 local governments via email and other means.
Cyberattacks have the potential to undermine not only companies but even entire countries. Until now, Japan has relied heavily on imported technology to protect itself. “Is this really OK?” Inoue said, showing his discomfort with this state of affairs — one source of motivation, perhaps, for his drive to develop proprietary technology.