It happens every day, across government, military and commercial industries. Individuals and organizations receive electronic content, such as Portable Document Format (PDF) and digital media files, from unauthorized or potentially compromised sources. These files create ever-growing security risks for paralyzing cyberattacks.
Now, American University Associate Professor of Mathematics and Statistics Michael Robinson and his team of AU graduate and undergrad students are working with BAE Systems’ FAST Labs research and development team to work on a new contract awarded by the US Defense Advanced Research Projects Agency (DARPA). Their mission is to develop new cyber tools to help prevent vulnerabilities in electronic files that can lead to cyberattacks. Development of these tools will be part of DARPA's Safe Documents (SafeDocs) program, which aims to more effectively identify and reject malicious data in a variety of electronic formats.
A New Approach to Software and Security
This project is likely the first major application of topology to analyze the structure of electronic documents, says Robinson. In fact, the process of identifying and neutralizing malicious agents within electronic documents requires an entirely new perspective about software and how it reads a document.
“Although the theory of software is strongly mathematical, it largely ignores overall structure present in the documents it reads. Malicious agents within a particular document break that overall structure, and so could be detected. My research portfolio is built around the mathematics of topology, which quantifies such structures and may be able to detect a hazardous document.”
Two Layers of Protection
As part of the SafeDocs program, the BAE FAST Lab team will work with Robinson and his team of American University students to create two different cyber tools. The first tool seeks to recover, simplify, and automatically select safe feature subsets within electronic data formats to help encode the data safely and unambiguously, while the second is a toolkit to help software developers avoid vulnerabilities in the software they create to process complex electronic data.
"Research on the SafeDocs program will leverage BAE Systems' expertise in cyber, algorithmic, and systems engineering domains to give developers tools that currently don't exist in government or commercial markets to more easily and efficiently ensure the security of electronic documents," said Anne Taylor, product line director of the Cyber Technology group at BAE Systems. "As the creation and use of electronic documents continues to grow every day, so does the risk for potential cyberattacks, making it essential we create solutions that are built with security in mind to help keep content safe."