Duquesne's Digital Mr. Clean Develops Software to Scour Away Secret Files
Dr. Charles Wood may be the Mr. Clean of the Digital Age.
In a world of high profile cyber security breaches, from China and the U.S. Chamber of Commerce to Edward Snowden and the National Security Administration, this assistant professor of information systems management at Duquesne University has patented software that electronically scrubs incoming and outgoing computer files of suspicious programs.
Think of an anti-spying computer program on steroids.
The point is to provide protection on both sides of the firewall, said Wood, a Certified Information Systems Security Professional (CISSP) who holds degrees in computer science and corporate finance, as well as information systems management.
Hacking is not merely a possibility in Wood's world. It's an ever-present reality. The question not whether someone will try to access information but how often-and how can you best protect your information, he said. Hackers often now part of corporate entities, many of them overseas. Money is a key motivation. What is a competitor doing or planning? How much is a person-or a country's-secrets worth? What is the weakest link in the information chain?
As technology grows increasingly sophisticated, so does hacking. For instance, take that photo that just landed in your inbox. If you're looking at someone's beach vacation memory, a PDF or Microsoft Word document you would never be able to notice that some pixels that might be a little off-and might have reams of sensitive information embedded within that one miniscule portion through adjustments to line and letter spacing. Most standard security systems wouldn't detect it, Wood said.
In addition to intentional attacks, online information is at risk because of human behavior. Employees may do their best to skirt security measures because they consider them cumbersome and time-consuming. According to a recent report by public-private IT partnership MeriTalk, more than 30 percent of the federal workers polled circumvent security measures at least once a week.
How can security professionals fight such subtle, deliberate, ever-changing tampering and such inconsistent, apathetic human behavior?
"The detection of secret content is so difficult or even impossible that I've taken the position that we need a different approach," Wood explained. "Instead, every file is scrubbed so that any secret messages are removed but the actual file is, for all practical purposes, unaffected, without the need for prior detection of embedded secret messages."
With scrubbing, data stays safe while changes to the actual picture, song or movie are imperceptible. Wood's scrubbers can be configured to clean any infiltrating computer files that try to enter a computer or leave a secured area in a network.
"With such a great potential for wide-spread security breaches and devastating impacts, scrubbing files that exit and enter a system seem to be the safest and most comprehensive way to address the issue," Wood said.
Founded in 1878, Duquesne is consistently ranked among the nation's top Catholic research universities for its award-winning faculty and tradition of academic excellence. The University is nationally ranked by U.S. News and World Report and the Princeton Review for its rich academic programs in nine schools of study for nearly 10,000 graduate and undergraduate students, and by the Washington Monthly for service and contributing to students' social mobility. Duquesne is a member of the U.S. President's Higher Education Community Service Honor Roll with Distinction for its contributions to Pittsburgh and communities around the globe. The U.S. Environmental Protection Agency and the Princeton Review's Guide to Green Colleges acknowledge Duquesne's commitment to sustainability.