Symbiote technology, which protects printers, routers, phones, and other peripherals from malware attacks, has been named by Popular Science as one of 2016’s “Best of What’s New.” Each year, thousands of new products and innovations are reviewed by magazine editors, with the top 100 winners across 11 categories chosen for inclusion in the “Best of What’s New” issue. Symbiote technology was recognized in the security category.
Symbiote technology grew out of cybersecurity research conducted in Salvatore Stolfo’s Intrusion Detection Systems lab at Columbia University. Ang Cui, then a PhD student (and one-time hacker), was experimenting with different offensive attacks when he found serious security flaws in the firmware of printers, flaws that allowed him to spy on what the printers were printing and to even break into computers connected to the printers. It was a major vulnerability that affected not only printers but almost any other connected device with embedded software, including VoIP phones, routers, network switches, videoconferencing components, and industrial equipment. As more devices and systems connect to the Internet—health monitoring, automobiles—they too become vulnerable to similar attacks
Pivoting from attacking devices to protecting them, Cui and Stolfo created small pieces of code, called symbiotes, that insert into the firmware of a device and continuously monitor for anomalies suggestive of an intrusion. Symbiotes install on any device regardless of the underlying operating systems and require no hardware or source code modification, making it easy to harden existing devices.
Symbiote technology represents 10 years of work and is now being commercialized through Red Balloon Security, a company founded by Ang and Stolfo. Hewlett-Packard announced it would install Symbiote technology on its high-end printer products.
For more about the research behind symbiotes, see Defending Embedded Systems with Software Symbiotes.
– Linda Crane