NSA proposes backdoor detection center
Declaring hidden malware to be "a growing threat," the National Security Agency's cybersecurity chief is calling on Congress to fund a new National Software Assurance Center dedicated to developing advanced techniques for detecting backdoors and logic bombs in large software applications.
In prepared testimony before the House Select Committee on Homeland Security's cybersecurity subcommittee last month, NSA information assurance director Daniel Wolf bemoaned an absence of tools capable of scouring program source code and executables for evidence of tampering. "Beyond the matter of simply eliminating coding errors, this capability must find malicious software routines that are designed to morph and burrow into critical applications in an attempt to hide," said Wolf.
The proposed solution: a federally funded think-tank that would include representatives from academia, industry, government, national laboratories and "the national security community," said Wolf, "all working together and sharing techniques."
[ Read more ]