Breaking News - Security:

NSF Cybersecurity Centers To Study Internet 'Ecology'

The National Science Foundation (NSF) has announced 33 new projects from its $30 million Cyber Trust program, including two new cybersecurity research centers that will focus on eliminating plagues of Internet worms and viruses and on building better security defenses through a deeper understanding of Internet "ecology."

"The Cyber Trust program—the centerpiece of NSF’s leadership of cybersecurity research and development—promotes research into more dependable, accountable and secure computer and network systems," said Peter Freeman, NSF assistant director for computer and information science and engineering. "We are very pleased to be able to add these activities to our growing portfolio of work in this critical area."

The first center, led by Mike Reiter of Carnegie Mellon University will focus on "Security Through Interaction Modeling" (STIM). In the same way that ecology studies the web of life, the STIM Center will pursue fundamental understanding of the networks of interactions among humans, computers and even cyberattacks.

The STIM Center, with anticipated funding of $6.4 million over five years, will explore ways to create more effective and usable defenses by modeling these networks of interactions and making the models an integral part of the defenses. Among its activities, the center will study healthy network interactions to see what distinguishes them from attacks; examine the network interactions of particular "species" of applications, such as e-mail or peer-to-peer networks, for clues to limiting successful attacks; and, to develop better defenses, study how cyber-attackers can combine attacks to reach their goals.

The Center for Internet Epidemiology and Defenses will be led by Stefan Savage of the University of California-San Diego, and Vern Paxson of the International Computer Science Institute, affiliated with UC-Berkeley. The center, with expected five-year funding of $6.2 million, will be dedicated to wiping out those plagues of the Internet, worms and viruses that infect thousands upon thousands of computers and cause billions of dollars in down time, network congestion and potentially lost data.

Taking cues from the field of epidemiology, the center will work to understand how the Internet's open communications and software vulnerabilities permit worms to propagate, to devise a global-scale early warning system to detect epidemics in their early stages, to develop forensics capabilities for analyzing wide-ranging infections, and to develop techniques and devices that can suppress outbreaks before they reach pandemic proportions.

"These centers as well as our other funded activities are looking not only for new ways to cope with imperfections in today's systems, but also for the knowledge and techniques to build better systems in the future," said Carl Landwehr, program director for Cyber Trust. "We had a number of strong proposals, indicating the depth of interest in this area by the academic research community."

Both centers will also initiate significant efforts in education and workforce development and coordinate with ongoing outreach activities on their campuses. The centers' results will be incorporated into undergraduate and graduate courses, K-12 and college-level curricula and training programs for high-school students and faculty at traditionally minority-serving institutions.

In addition to the two centers, the Cyber Trust program will support 12 new team projects and 19 individual or small-group projects, out of nearly 400 projects proposed.

For securing today's systems, new Cyber Trust awards include projects that will investigate methods for detecting tampered photographs that have not been tamper-proofed, improve tools used in network forensics, and evaluate the strength of biometrics, which are increasingly advocated as a means for identifying users in all kinds of systems. New awards also support research into better detection of and defense against malicious code, anomalies in network routing, distributed denial of service attacks and other system intrusions.

To better secure tomorrow's systems, new Cyber Trust awards are aimed both at the detection and removal of software flaws and at developing architectures and algorithms that are resilient even in the face of such flaws. More fundamental work in cryptography, the foundation of many mechanisms for protecting digital information and establishing trust will also be supported.

New Cyber Trust awards also support multidisciplinary research to improve understanding of the social, legal, ethical and economic trade-offs that affect the design and operation of trusted information systems. Finally, all Cyber Trust projects encompass education and workforce development to ensure that those who produce, operate and use trusted systems can put the technological advances into practice.