Remedy 3: Find the Source of Infections
Fix the backbone of the Internet so criminals can't hide their tracks
Diagnosing anthrax or another infectious disease is easy; the hard part is finding where it came from. Today's Internet has a similar problem: Malware is easy to spot, but its origin is often a mystery. Information travels around the Internet in data packets, each one with an Internet Protocol (IP) address, a 12-digit number that indicates from which machine it originated. Unfortunately, it's easy to "spoof," or fake, the IP address to hide the data's actual source. (There are even legal tools you can use to hide your computer's IP address so that you can surf the Web anonymously.)
CyLab's Fast Internet Traceback (FIT) technology can follow each packet as it moves across the Internet, "like leaving a trail of breadcrumbs," says Adrian Perrig, assistant professor of electrical and computer engineering at Carnegie Mellon. With FIT, each packet would get a small marker added to it as it passed through a router, a machine that directs and relays Internet traffic. These markers would allow computer-forensics experts to identify the routers through which a packet had passed, ultimatel tracing it back to the computer that originally sent the data-whether it belonged to Ivan, a botnet or a teenager just causing trouble-and choke it off.
But for FIT to work, Perrig estimates, at least a third of the Internet's roughly 100,000 routers must be upgraded, a process that would take many years and cost billions of dollars. Even then, tracing packets would get you only so far, says Bruce Schneier, founder of California-based consultancy Counterpane Internet Security. "It's easy to prove that your computer did something, but it's hard to get from your computer to you," he explains. That is, the chain of evidence breaks once you try to prove that it was Ivan's fingers on the keyboard. You need some way to absolutely verify his identity, such as authentication and biometrics. But this, in turn, raises serious privacy concerns. Do you really want Uncle Sam or your boss to be able to pinpoint where you go on the Internet? What if you're a political dissident in Iran or China?
CyLab has policy experts who deal with these types of issues, which may prove harder to solve than the technical ones, given the international nature of the Internet. Achieving a survivable, self-healing Internet will be difficult-but not impossible. "If you want to eradicate disease from this earth, the problem is insurmountable," Khosla says. "But if you want to eradicate smallpox, polio, measles or malaria, each problem is very difficult, but on their own, none are insurmountable."single page