Still Life

With four guide ropes attached to it, the east-side clock face is raised into position. While it didn't seem that windy on the ground on Saturday, Jan. 28, winds higher up were strong, requiring extra guidance to bring the clock face safely to the Old Main bell tower.

Old Main clock faces installed

Ben White of New Vibrations Audio and Video works on a ledge of the Old Main bell tower, to remove the speakers from the old chime system. The company installed a new carillon system today (Jan. 27) that will play a digital recording made of the original Old Main bell that now sits adjacent to Old Main and other bells of comparable sizes.

New carillon, restored clocks being installed

The funeral procession for Joe Paterno made its way past Beaver Stadium and down Porter Road as crowds applauded on Jan. 25. Thousands lined the procession route through the University Park campus and downtown State College to bid a last farewell to Joe Paterno.

Joe Paterno's funeral procession

Coach Joe Paterno was on the field for the first half of the Nittany Lions' football game. Penn State beat the Iowa Hawkeyes 13-3 on Oct. 8, 2011, in front of an enthusiastic crowd at Beaver Stadium.

Joe Paterno through the years

Katie Knobloch and Andrew Adamietz, members of the a capella group Blue in the Face, shared a candle at the vigil held Sunday, Jan. 22, to mourn the death of Penn State football coach Joe Paterno, who passed away earlier in the day. Several thousand members of the Penn State and State College community came out to the Old Main lawn on Penn State's University Park campus for the vigil.

Thousands mourn Paterno's passing

Featured Video

We ... are Penn State (December 19, 2011)

We ... are Penn State (December 19, 2011)

Penn State's creamery, from the cow to the cone

Penn State's creamery, from the cow to the cone

Researchers use balloons to unlock mysteries posed by dying stars

Researchers use balloons to unlock mysteries posed by dying stars

Everyday virus proves potent against cancer cells.

Everyday virus proves potent against cancer cells.

Updates:
Penn State Promise

Penn State Harrisburg community forum to discuss child abuse

Video: Board of Trustees' Jan. 20 press conference

Newly elected chair of the Board of Trustees delivers remarks

Frazier provides update on independent investigation

Guidelines for reporting of child abuse, sexual assault

Researchers invent system to control worms attacking computer networks

Thursday, February 8, 2007

A new anti-worm technology developed by Penn State researchers can not only identify and contain worms milliseconds after a cyber attack, but can also release the information if the quarantine turns out to be unwarranted.

Because many current security technologies focus on signature or pattern identification for blocking worms, they cannot respond to attacks fast enough, allowing worms to exploit network vulnerabilities, according to the researchers. As a result, several minutes can elapse between when a signature-based system first recognizes that a packet or datagram is a worm and when it creates a new signature to block further spread.

But when signature-based systems shorten the signature-generation time, they often miss those worms capable of mutating automatically.

The researchers' new technology -- Proactive Worm Containment (PWC) -- doesn't rely on signature generation. Instead it targets a packet's rate or frequency of connections and the diversity of connections to other networks -- which allows PWC to react far more quickly than other technologies.

"A lot of worms need to spread quickly in order to do the most damage, so our software looks for anomalies in the rate and diversity of connection requests going out of hosts," said Peng Liu, associate professor of information sciences and technology at Penn State and lead researcher on the PWC system.

When a host with a high rate is identified, then PWC contains that host so that no packets with the worm code can be sent out. Liu estimates that only a few dozen infected packets may be sent out to other networks before PWC can quarantine the attack. In contrast, the Slammer worm, which attacked Microsoft SQL Server, on average sent out 4,000 infected packets every second, Liu said.

Because high connection-rate transmissions do not always indicate worms, PWC includes two novel techniques that can verify that suspect hosts are clean or not infected. These techniques use vulnerability-window and relaxation analyses to overcome the denial-of-service effect that could be caused by false positives, he added.

"PWC can quickly unblock any mistakenly blocked hosts," Liu said.

The PWC software can be integrated seamlessly with existing signature-based worm filtering systems. The researchers are currently beta-testing PWC.

Because PWC targets connection rates to identify worms, it may miss slow-spreading worms. But current technologies already can pick those up, Liu said.

Worms pose a serious threat to networks, compromising network performance and even leading to denial of services. SQL Slammer, for instance, not only slowed Internet traffic but also disrupted thousands of A.T.M. machines. Additionally, worms can open the door for attackers to machines within infected networks.

A provisional patent has been filed by Penn State on the software, "Proactive Worm Containment (PWC) for Enterprise Networks," invented by Liu; Yoon-Chan Jhi, a doctoral student in the Department of Computer Science and Engineering; and Lunquan Li, an IST doctoral student.

Contact