Background - PICS

The Pacific Institute for Computer Security (PICS) is a cooperatively-funded research program within the San Diego Supercomputer Center (SDSC). PICS emerged as a research-oriented operation 1995 to complement SDSC's decade-long involvement in operational security.

The goal of PICS is to conduct and publish leading-edge research into real-world computer and network security issues, with an emphasis on solutions grounded in practical reality. PICS strives to maintain an 18 month lead on the technology sought by "high-end" computer attackers. In so doing, PICS' research and tool development focuses on proof-of-concept initiatives, while concomitantly advancing current global computer security knowledge.

These projects have lead to the deployment of numerous security tools and authoring of several CERT advisories. For instance, PICS researchers predicted, discovered and alerted vendors about flaws in rpc.statd before the first buffer overflow exploits were detected. In addition, our investigators were among the foremost to detect and describe "buffer overflow" attacks "in the wild".

PICS tool development is fueled by its own research initiatives as well as input and proposals from its sponsors and partners. Some of these tools have been distributed publicly, while others remain restricted to the relevant sponsors. Nevertheless, both genre of tools have been deployed in national security, law enforcement, educational and research activities.

In addition to its technical work, PICS is at the forefront in recognizing the legal and policy implications of computer security and computer crime. PICS researchers are investigating evidentiary issues surrounding digital evidence and computer forensics, in general; and, the interface of current laws and social ramifications with respect to this novel technology.