Cyber Security and Forensics Through the Decades

A good intuition, dedication to problem solving, and an ability to detect the next big thing—never mind technological wizardry—are all in the toolbox of a serious computing sleuth like Bill Lidinsky (EE ’61, M.S. ’70).

Lidinsky, industry professor and director of IIT School of Applied Technology’s Computer Security and Forensics Laboratory, developed and honed much of his cyber security and cyber forensics expertise at IIT. Over the past four decades, he has become a leader in several areas of computer networking and security, and is regularly called upon to testify as an expert witness for government agencies on such matters.

IIT Magazine spoke with Lidinsky about three areas where he has made—and continues to make—a mark throughout the years.

Spanning-Tree System

While at Bell Laboratories and Fermilab, Lidinsky and members of a committee developed the spanning-tree system standard that is now used in almost every computer-network router throughout the world. They devised the standard for a modem, router, and computer to communicate and set up automatically. This system is used to set up all Ethernet and Wi-Fi networks today.

“There’s a negotiation that goes on that allows users to ‘plug and play,’ meaning consumers don’t have to configure much, a password at most,” Lidinsky explains.

Metropolitan-Area Networks

Lidinsky worked with Bell colleagues who designed, developed, and built the first metropolitan-area computer network, or MAN, in the 1970s. At the time, personal computers did not exist; instead, individuals used time-sharing systems that connected to a mainframe computer. Workstations, now known as personal computers, were emerging. These workstations in different parts of a metropolitan area could not easily communicate with each other, so Lidinsky developed networks that would cover an entire city and support workstations, based on an idea similar to a telephone system.

Steganography

The origins of Lidinsky’s current area of expertise, steganography, can be found in ancient Greece. The fifth-century B.C. historian Herodotus left an account of the tyrant Histiaeus, who shaved the head of a slave, tattooed a message on it, let the slave’s hair grow back, and sent him to Histiaeus’s friend Aristagoras to warn him of impending danger. Hiding the covert in the overt—so outsiders are unaware not only of what is being communicated but that any communication even exists—is the heart of steganography.

“You don’t want to waste time looking for something that isn’t there,” says Lidinsky, “but you do want to spend time looking for information that could be potentially valuable.”

Spies and terrorists want to be able to communicate with each other but not to identify each other, so they utilize a steganographic technique known as a dead drop. One spy, for example, would know to look on eBay for a particular item with a photo so that they could download the photo and then retrieve the message. The spies never know or see each other but are still able to communicate valuable information.

At IIT, Lidinsky has researched how to hide information in image, video, and audio files. He has also investigated steganalysis—how to know whether covert information has been hidden in a file or not, and how to extract it if it’s there. While there is currently no general method to determine whether seemingly innocent files have covert information that could be extracted, Ben Khodja, Lidinsky’s graduate student, has found a way to gauge the probability that an MP3 file may contain a covert message.

“You don’t want to waste time looking for something that isn’t there,” says Lidinsky, “but you do want to spend time looking for information that could be potentially valuable.”