We’ve all imagined, if only briefly, playing life like a videogame; haven’t we? Whether it’s playing GoldenEye and then spotting all the CCTV cameras in Dixons, planning your route around the store so you can take them out without being spotted; afterimages of Tetris after a long session; seeing a car that looks a bit like a model in GTA, and for a second fantasising about taking it for a spin doing stunt jumps. How about if you could patrol a computer network within a game Tron-style, working with others to locate and eliminate problems while moving about in a virtual world? Well, a program developed by Jeremy Kepner and Matthew Hubbell (sort of) allows people to do exactly that.
“CySA3D is a Cyber Situational Awareness tool that depicts the activity on the network using a 3D MMORPG interface.” explains project lead Kepner, of MIT’s Lincoln Laboratory. “In this world, as computers appear on a network they are placed in their proper location with respect to a building floor plan. Operators can walk around the world to monitor the state of their network, look at specific computers, and perform actions on those computers.”
The project blurs the line between game and security software – especially as operators can use either a mouse & keyboard combo, or a PlayStation controller. But why make what has been referred to as a ‘real life Tron’ at all? “We have built a number of web based computer monitoring tools over the years and we were surprised at how little information they could display and how little they were used. The CySA3D interface allows us to display much more information and also solves the problem of how to connect virtual information with physical information.” It’s not just technical showboating, either – there are very real advantages to be had monitoring a computer network in this way. “The CySA3D interface is easy to learn and doesn’t tire out the operator. An operator can monitor a much larger network for a longer period of time than they could using other tools.”
“Our expertise is in collecting and analyzing large amounts of data. We don’t have a lot of game expertise.” says Kepner, when asked if the team took inspiration from any existing games. “We are looking forward to getting feedback from the community on what games we should look at for inspiration.”
They may not be gamers but, interestingly, Kepner’s team used an existing videogame engine – which in September was announced to have been adapted ready for Wii U development – for the project. “We used Unity3D to build CySA3D so we support the interfaces Unity3D supports. Currently, we have three primary use cases:
(1) Display Wall. For the big picture view we use a 3 meter 10 Megapixel display.
(2) Desktop. For detailed actions an operator should use a keyboard.
(3) Mobile. We have started looking at the iPad for operators who walk around the buildings.” A version for the casual gamers, then? [witty joke]
It’s not currently possible to zap viruses and intruders as though you were playing a traditional FPS, but maybe one day… “Operators can take actions on a computer on the network based on visual cues. Eventually, if the set of cues and actions becomes stable, then we could use “monsters” and “weapons” to represent these cues and actions. We don’t have any artists on the team so right now we are limited to monsters and weapons built by others that we can download.”
“MIT Lincoln Laboratory has a strong technology transition mandate so we always try and get our software out whenever we can.” he says, on the issue of people outside of MIT with little to no technical knowledge one day owning and using a version of the program. “Currently, we have adapted CySA3D to a few environments. As that number of environments grows the time to adapt the game to each new environment decreases.”
Kepner believes that CySA3D is much more than a flash-in-the-pan experiment. “I think across the internet we are seeing a transiton from the ‘Old Web’ (i.e., HTML pages in a browser) to environments that feel a lot more like videogames (e.g, the iPad). I think network security will follow this trend […] This effort began with creating a GridView3D interface to monitor thousands of nodes in a computer grid (or cloud) and we use it for that purpose daily. We adapted the GridView3D technology to do wide area network surveillance. I think monitoring clouds is a very viable use of the technology.”
Think about it. There is, right now, a working ‘game’ that allows people to work together patrolling a computer network in a virtual world. They can travel from node to node in this world, and (to an extent) act on any problems they find. Most exciting of all is surely the fact that the project is far from finished:
“We have just started to scratch the surface of what can be done.”