A consortium of cybersecurity researchers from the country's top academic institutions, coordinated by Northrop Grumman Corp.'s information systems sector, was announced today in Washington, D.C. The group's stated goal is to collaborate on cybersecurity research and proactively address known and unknown threats to critical infrastructure, public safety and ecommerce.
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.
The group outlined 10 cybersecurity research projects they will conduct under a five-year grant from Los Angeles, Calif.-based Northrop Grumman, one of the largest contractors to the defense and intelligence communities in the United States. The cybsersecurity funding totals in the millions of dollars annually, said Northrop Grumman chief technology officer Robert Brammer. While some of the work will be funneled back into Northrop Grumman's business, Brammer added that each participating university -- Purdue University, Carnegie Mellon University and Massachusetts Institute of Technology -- would be able to patent any intellectual property it developed as part of the consortium; collaborative projects would be handled on a case by case basis, Brammer said.
While the consortium members representing the universities acknowledge that the bulk of the cybersecurity research would not focus on building solutions to existing problems, it does not mean a particular application could not be accelerated to meet a current cybersecurity issue.
"The consortium provides insight into a wide range of expertise; this is a great advantage," said Gene Spafford, executive director of the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University. "Today's problems are not new; we've been warning about them for three decades now, but they have not been taken seriously by government and industry. Problems are addressed after they've occurred, and not proactively. Funds and resources come about only after the fact, and these problems could have been prevented. Part of the problem is the limited resources in academia often force us to compete against each other. That is an aspect of this consortium that is gratifying."
Spafford said CERIAS' participation in the consortium involves four projects, each expanding into existing research being conducted by the center. The most ambitious seems to be the development of an Internet-scale model on which to perform constrained experiments that would not be possible on the live Internet, Spafford said. Another project involves watermarking data and databases in order to determine the source of alterations and determine the confidence of stored data. The third project Spafford outlined involved cloud computing and developing context-based adaptable defenses against attacks on distributed systems. The final project is an initiative to develop tools that would allow forensic investigators to speed up research by performing analysis on mobile devices.
MIT's Computer Science and Artificial Intelligence Lab (CSAIL)'s projects deal with information flow. They will focus on dependable software analysis and work on the development of new hardware and software that gives a computer context, via metadata, of what is acceptable behavior. CSAIL is working on a new style of processor that holds within a parallel unit that will examine metadata and look at comparable rules to determine if an action is allowed.
"We are going to start with the observation that the bulk of network problems start with insecurity in each computer node," said Howard Shrobe principal research scientist at CSAIL. "We want the computer to do a base level of checking; our goal is to make this kind of computing the norm."
Carnegie Mellon's CyLab, meanwhile, is the third partner. It will contribute projects that will leverage security built into hardware such as the Trusted Platform Module chips to get assurances of what a computer is doing. CyLab plans to contribute projects focusing on detection mechanisms for sensing attacks on control software systems, develop attack models and theoretical foundations to find vulnerabilities in software and minimize the attack window for exploitable bugs, and finally work on a real-time solution for execution trace recording and analysis that would detect in real time whether a system is under attack.
"People often make mistakes, and that's a core issue threatening security," said Adrian Perrig, technical director of CyLab. "We build systems that provide security properties despite human error."
Brammer said he expects the consortium to remain intact beyond the five-year grant and hopes to shorten communication lines between academia and industry.