With only a few weeks left, the Class of 2003 of the School of Engineering and Applied Science is working to complete its final projects, which will be officially presented on April 24 -- the school's Poster Day.
Many of these projects were started over a year ago and have been progressing throughout the school year.
And while all works are sponsored by professors, there are a few that spring right from the adviser's own research. One of these is the project of Francis Brown and Vinnie Liu.
Enrolled in the Computer and Information Science Department, these two seniors are currently adding the finishing touches to their project -- a computer system that will prevent certain kinds of hacker attacks.
The project is aimed at computers that are wired to a network security system, which are therefore liable to Distributed Denial of Service attacks -- better known as DDoS to the technologically-savvy.
Because of DDoS, hackers can break into many secure computers and coordinate an attack from all units against one "victim" -- usually Internet providers such as eBay -- that freezes because of an excess of demand.
The idea came about when CIS Professor Jonathan Smith proposed that the two students continue work he had done on computer security, a growing worldwide concern. And now, Brown and Liu are presenting their idea to help solve it.
"Our solution is to use machine learning -- a machine's ability to automatically improve its future performance based on past experience," Brown said.
The final goal, he added, was to "build a system that stops the attack closer to the victim."
The idea is to have the machine learn new patterns of identifying DDoS attacks, enabling it to block as many as possible.
The two seniors are also working on training what Liu called "degree of tolerance" to the attacks so that the machine will not be too sensitive.
And these training sessions can never be too thorough -- according to Brown and Liu, the number of computers attacked through DDoS are becoming more numerous and more severe.
Because DDoS is such a simple strategy, no solution has yet been found to prevent it. In fact, even the most inexperienced hackers -- called script kiddies -- can tap into computer systems and use them to attack a provider.
Often, individual computer owners are not even aware that their machine is being used. Sometimes, a simple download from the Internet will suffice to make the computer available to a hacker.
But while the chances of being included in a DDoS attack are real, individual users are rarely subjected to this kind of intrusion.
Instead, the most likely targets are academic institutions, whose campus systems are seldom adequately protected.
This project could, then, bring a considerable improvement in computer security to the Penn campus, as well as to many other institutions.
And while at the moment the project is in its final stages, there is still one problem to be solved.
"We're now doing testing," Liu said. "But we're waiting for permission to attack a lab."






