author photo
By Clare O’Gara
Mon | Feb 10, 2020 | 8:49 AM PST

LiDAR as part of your organization's cybersecurity defenses?

Yes, but it might not be the LiDAR you're thinking of.

The original LiDAR: Light Detection and Ranging

If you've ever seen one of those beautiful three-dimensional maps with colors ranging from red to blue, you've seen the National Ocean Service's LiDAR technology at work.

Or the work of the United States Geological Survey (USGS), with its recent LiDAR imagery from Icy Cape, Alaska:


For this field, LiDAR is a remote sensing method that uses pulses of light to produce a complex image of the earth's surface.

And these images are more than beautiful, they're also valuable:

"NOAA (National Ocean and Atmospheric Administration) scientists are using LiDAR to produce more accurate shoreline maps, make digital elevation models for use in geographic information systems, to assist in emergency response operations, and in many other applications."

But that's not the LiDAR that can warn you about cyber threats. For that, you'll need to hear what's happening at Purdue University.

The new LIDAR for cybersecurity

The FBI had a problem, and researchers from Purdue University wanted to help find a cyber solution.

In response to increasing attacks on government targets, the FBI issued a high-impact security warning to major cities.

To help stop as many of these cyberattacks as possible, Purdue developed a new tool that functions as an early alert detection system. The system is dubbed LIDAR, which stands for Lifelong, Intelligent, Diverse, Agile, and Robust.

"The name for this architecture for network security really defines its significant attributes," said Aly El Gamal, an assistant professor of electrical and computer engineering in Purdue's College of Engineering. "Our system is robust and able to adapt to different environments through lifelong learning."

As El Gamal mentioned, Purdue sees this as a type of security architecture, which it says can be used by computer systems and networks, including wireless networks.

How does LIDAR for cybersecurity work?

The system works with pre-processing components that are designed to be resilient to adversarial attacks, and it includes a cross-layer feature extraction mechanism for wireless networks.

The Purdue LIDAR system consists of three main parts:

  1. Supervised machine learning
    "The supervised machine-learning component uses an algorithm to compare abnormalities detected in the system to known attack templates."
  2. Unsupervised machine learning
    "The unsupervised component uses an algorithm to detect any anomalies in the overall system being monitored."
  3. Rule-based learning
    "One of the fascinating things about LIDAR is that the rule-based learning component really serves as the brain for the operation," El Gamal said. "That component takes the information from the other two parts and decides the validity of a potential attack and necessary steps to move forward."
LIDAR for cybersecurity includes a honeypot

Purdue's LIDAR also has another talking point—what it calls a "curiosity-driven" honeypot.

You probably know honeypots look like a company network but are actually set up to lure hackers and study their behavior. Trend Micro's recent Fake Company, Real Threats honeypot simulated a smart factory.

Purdue says its honeypot is unusual because it attracts hackers but does not allow them to infiltrate the network.

Will this new LIDAR be at a SecureWorld conference?

Security leaders tell us one of the reasons they attend their regional  SecureWorld conference each year is to see what's new among cybersecurity vendors. And we've already heard about some cool new things rolling out this year in the vendor pavilion.

However, you will have to wait on Purdue's cybersecurity LIDAR because the innovators are still working with the Purdue Research Foundation and the Office of Technology Commercialization to patent this new cybersecurity architecture.