Cover Story

Research & Learning

It's not nice to say
"we told you so" but...

On the Big Screen

Mann's Advice

Engineer Helps
Big 12 with
Schedules

Alumni

Cross Cutting

Credits

Past Issues

Marston Muses
Readership Survey

When hackers hit the headlines in February by attacking high-profile companies on the Internet, some of the least surprised people were at Iowa State.

ECpE Associate Professor Doug Jacobson, chair of Information Systems Security and Networking (ISSN), has been training students to defend against such attacks in his Information Warfare class and through government-funded research.

“It’s the Wild West out there, except that no one’s identified a sheriff,” Jacobson said. “We need to train the ‘techies’ who can defend company networks, and ISU is one of the top schools in the country for this.”

Jacobson said there’s a severe shortage of students and faculty in the computer security area, so catching up means first trying to keep up with the increasing demand. Yet not just any student is cut out for the field.

“You have to be more on the creative side because you’re dealing with creative individuals,” Jacobson said. “You’re fighting one-on-one with people doing things way out of the box. You need to think on your feet and troubleshoot. This is not cookbook work.”

Even the Clinton Administration has stepped in, advocating research spending and scholarships to develop a generation of web warriors.

“We were involved in the preliminary discussions of that approach,” Jacobson said, noting Iowa State’s national reputation in the field.

Jacobson, ECpE Associate Professor Jim Davis, and the ISSN research group have been working for nearly two years under a defense department grant to develop detection and counter-measure strategies for denial of service attacks—the type that occurred in February.

“The project ends in July and we’re close to having our results ready,” Jacobson said. “We’re also working on ways to predict attacks, but that’s farther out there. We’re looking for some funding.”

In the meantime, web security continues to be a tricky proposition, even for noncorporate users. Recently, a new computer was put on line in the ISSN lab—“nothing special, just a computer,” Jacobson said, and within 15 minutes it was being probed from the outside for vulnerabilities.

“It’s a night-watch type of analogy,” Jacobson said. “Everybody needs to keep an eye out.”