Pat Lincoln, director of SRI’s Computer Science Laboratory, stands next to a huge display running BotHunter, SRI’s botnet detection software. Photo: Jon Snyder/Wired
Who invented Siri?
Like it says on the box… I was designed by Apple in California.
Didn’t SRI invent Siri?
I don’t know what you mean by ‘Didn’t SRI invent Siri’
Indeed. Even virtual celebrities forget their humble origins all too quickly.
The fact is, a non-profit R&D powerhouse called SRI International conducted decades of research in artificial intelligence to build the foundations of Apple’s virtual digital assistant. The project was called CALO — Cognitive Assistant that Learns and Organizes — and in 2007, SRI spun out a for-profit enterprise called Siri, Inc to bring CALO technology to consumer devices.
Siri became an iPhone 3GS app in February 2010, and two months later, Apple purchased the start-up from SRI for a rumored $ 200 million.
It’s an impressive success story. It’s a great example of pure research paying off in real-world dividends. And Siri is also just a small portion of SRI’s greater tech catalog.
This November, SRI allowed us inside its northern California campus for a sneak peak at its most clever innovations. Our mission: to observe the fruits of high-tech research, and report back with our most interesting findings.
In this article, the first of a three-part series, we’ll focus on SRI’s research in threat detection. From botnets to cancer cells, SRI is working on strategies to seek (and ultimately neutralize) that which harms us the most.
Through the Labyrinth, We Hunt For BotHunter
Formerly known as Stanford Research Institute, SRI is located on a sprawling, 65-acre campus nestled among towering oak trees and well-curated lawns in Menlo Park, California. During World War II, the SRI compound was a military hospital, but when the threat of Japanese invasion was over, the buildings were repurposed for innovative, award-winning research.
While SRI itself is non-profit, it spins off for-profit companies, licensing its robust catalog of intellectual property. Besides Siri Inc, notable spinoffs include Nuance (the speech-to-text software developer behind Dragon Dictation products) and Intuitive Surgical (makers of the da Vinci surgical robot).
During our visit, we followed our guide through labyrinthine white-washed hallways, passing through a glass-walled walkway, and up to a darkened second-floor office.
Glowing on a large touchscreen display was BotHunter, a powerful software package that detects malicious software botnets across the Internet, identifying threats like the Conficker Worm. A botnet is a collection of compromised computers — all infected with malware, and sometimes harnessed en masse for nefarious exploits, like sending out spam, or running denial-of-service attacks.
BotHunter is free, and has already been given away to more than 200,000 users. The software detects bots and other types of malware using a technique called network dialog correlation. In an oversimplified nutshell, all data sent across the Internet is grouped into clusters called packets. BotHunter doesn’t look inside packets, sifting through their details to determine if something malicious is going on. Rather, it looks for known patterns of bad code — anomalous patterns that indicate an attack.
Other strategies for botnet detection require a bit of pre-existing information about a botnet’s nature, making it difficult to identify new threats as they arise. But because BotHunter uses dialog correlation, it works even on “0-day” attacks without having to know any specific information beforehand.
SRI uses a large honeynet of computers that wait for attacks, and record the results. This information is then plotted on a map, showing where known attacks are happening (our photo above shows an abstraction of this; it’s not a live snapshot of attacks in progress).
Although BotHunter only detects malware, SRI has a few other tools that aid in network attacks. One called Blade is a “Windows immunization system” that prevents inbound attacks altogether. And one called Eureka reverses and decrypts malware, so it can then determine the type of attack and suggest a response.
A circulating cancer cell of a lung cancer patient (in red) floats sinisterly among healthy white blood cells. Photo: Jon Snyder/Wired
Detecting Threats Inside the Human Body
Inside a building on the opposite side of SRI’s campus, researchers are perfecting ways to detect a completely different type of threat: cancer. Using technology originally developed at Palo Alto Research Center (otherwise known as PARC), an SRI team is using laser technology to identify circulating cancer cells.
“It’s rarely the actual primary tumor that’s the culprit,” Lidia Sambucetti, the senior director of SRI’s Center for Cancer Research, says. “It’s the ones that circulate through the body. These cells are an important component of the disease.”
It’s these cells, she says, that persist even after a tumor has been removed. By taking blood samples and studying these cells first-hand, researchers and doctors can better understand what’s going on with the disease, and thus better determine what type of therapy would be most effective in treating it.
SRI’s cancer-hunting tool is the Fiber Array Scanning Technology (FAST) cytometer. Ten times more sensitive than other cytometers, it can detect one single cancerous cell among 10 million blood cells. In the future, the FAST method could be used to detect cancer earlier, identify what stage the disease is in, and help doctors better decide what form of therapy to use against it.
The detection process basically goes like this: A 7.5mil blood sample is drawn from the patient, then the white blood cell portion of the sample is isolated using a centrifuge. The white blood cells are attached to a glass side and tagged with a fluorescent cocktail of antibodies.
The 26 million cell sample is then placed in the FAST scanning machine, where a laser beam slowly crosses it, tagging the cells and labeling targets. The laser finishes scanning in less than a minute. The data obtained from the laser scan is collected in a fiber-optic bundle, where a photomultiplier tube amplifies the data, making it possible to pinpoint the exact location of possible cancerous cells. A digital microscope is then used to zoom in and verify that information.
The high-resolution cells that show up red on the screen are cancerous; blue and green cells are harmless, naturally occurring body cells. Sambucetti and her team can use up to five biomarkers per cell to identify specific traits on their cancerous targets.
SRI’s FAST cytometer is the only one of its kind running at the moment. It’s being used in collaboration with a few clinical labs.
“SRI has a treasure trove of technology,” said Norman Sinarsky, the lead of SRI’s venture division. Indeed, we only snuck a few glimpses into SRI’s myriad laboratories, but what we witnessed left us with the palpable feeling that a host of world-changing products are in development.
So stay tuned for part two of this series. More will be revealed.