Mimos lab working on a First
27th September 2005 (The Star)
BY H. AMIR KHALID

KUALA LUMPUR: Mimos Bhd's Cyberspace Security Laboratory in Technology Park Malaysia here is busy creating cutting-edge technology that will be used to ensure the country's e-sovereignty.

Its projects concentrate on creating solutions in the areas of cryptography and biometrics, e-forensics, securing network infrastructures, and trusted systems.

E-forensics deals with the discovery and recovery of digital evidence. A key project is the Forensic Investigations Recovery System Tools (First) project, which is about making digital evidence, such as information stored on hard disks, cellular phone memories and other devices, acceptable to a court of law.

The First team is working on a CD-ROM based evidence recovery kit for "first responders," such as the police officers who seize computer equipment in raids, to increase the likelihood of recovering deleted or hidden data, cut down tampering with such data, and to improve analysis of the recovered data.

One product developed for the kit is called the First Imager, which makes bit-for-bit copies of hard drives - including unallocated space, slack space and deleted files - as well as other storage media for forensic analysis.

"These are copies, not the original media, that go under forensic analysis," said department head Raja Mariam Ruzila Raja Ahmad Sufian. A beta version of First Imager is expected to be in use by law -enforcement agencies by year-end, she said.

In secure communications, the laboratory has an image authentication project using semi-fragile watermarking techniques for popular image formats and colour schemes.

"These techniques can survive image-compression processes but would show evidence of any tampering," said secure communications acting department head Moesfa Soeheila Mohamad.

Another key area of research is intrusion detection and analysis. The laboratory's Cyber Early Warning System (CEWS) is thought to be the first system of its kind that is able to prioritise attacks by severity, allowing network administrators to deal with the most serious attacks while keeping track of the lesser ones, said department head Rozana Rusli.

Professor Mohamed Ridza Wahiddin, the newly appointed director of the laboratory, said it is imperative that Malaysia develop its own set of expertise and best practices to protect its sovereignty in cyberspace.

He said e-sovereignty is also of benefit to Malaysia economically, technologically and politically. "It means we will have a safer environment for electronic transactions, better delivery of e -government services and good governance, and be better able to develop local information security technology," he said.

Ridza was speaking at a media briefing to mark his appointment. On a two-year secondment from the International Islamic University, he was appointed to head the newly consolidated laboratory and is in charge of 32 researchers organised into five departments.

Unlike the National ICT Security and Emergency Response Centre (Niser), which focuses on the nation's e-security, Mimos' laboratory is an R&D entity and could commercialise suitable projects, said Ridza.

Mimos' Technology Productisation Venture Committee is in charge of evaluating the commercial potential of all research projects. So far, none of the projects have reached a commercial market but Ridza said some of its applications are already in use at agencies like the Inland Revenue Department and the Anti-Corruption Agency.