|
|
The information provided below includes the award recipient
name, the project title, the amount of Federal funding
and the number of years funded.
Telcordia Technologies, Morristown NJ., Advanced
Security Profiles & Enforcement for Next Generation Networks,
$997,000 (2 of 2 years) Contact: Thea Hocker, phone:
973-829-4689, email: thocker@telcordia.com Krista Wald (973)
829-4757.
Technical contact: Dave Waring, phone: 973-829-4850, email
dlw@research.telcordia.com
Telcordia Technologies will conduct research that will
address security concerns due to the merging of data
networks (i.e. the Internet) and voice networks (i.e.
the public switched telephone network). The program
will consist of two research tracks. The first will
focus on interactions among protocol layers. It
will examine emerging interconnection architectures
and transport layer protocol stacks to identify inter-layer
security dependencies and exposures, and then create
security profiles to guard against these vulnerabilities.
A second research track will explore a novel new approach
to intrusion detection, based upon behavioral specifications
and monitoring at the operating system level.
University of Maryland/NAI Labs, College Park,
and Glenwood, MD, Secure Wireless LAN/Man Infrastructure
Test Bed, $861,236 (2 of 4 years)
Contact: Christopher McCarthy, Public Relations
Coordinator, 301-314-2716
Technical Contact: Bill Arbaugh, University of Maryland,
College Park, phone: 301-405-2774, email: www.cs.umd.edu/~waa
The explosive growth in wireless networks over the last
few years resembles the rapid growth of the Internet
within the last decade. During the beginning of the
commercialization of the Internet, organizations and
individuals connected to the Internet without concern
for the security of their system or networks. Over time,
it became apparent that some form of security was required
to prevent outsiders from exploiting the connected resources.
To protect the internal resources, organizations usually
purchased and installed an Internet firewall.
We believe that current wireless access
points present a larger security problem than the early
Internet connections for two reasons. First, a large
number of organizations, based on vendor literature,
believe that the security provided by their deployed
wireless access points is sufficient to prevent unauthorized
access which is unfortunately false. Second, several
efforts are under way to combine currently disjoint
wireless local area networks (WLAN) into wireless metropolitan
networks (WMAN)- essentially creating a new wireless
based infrastructure. The fact that such an infrastructure
will be critical is without question.
There are several goals of the UMCP
Secure Wireless LAN/MAN Infrastructure test bed. First,
the test bed will test the secure inter-operation between
a multitude of different wireless equipment- both commercial
and developmental. Second, the test bed will support
research designed to address the integration issues
that surround the new draft security architecture for
IEEE 802.11 (Enhanced Security Network (ESN)), as well
as the security and management issues surrounding scalability,
naming, and fraud control in wireless metropolitan networks.
Finally, the test bed will serve as a wireless security
training apparatus for students, faculty, and other
collaborators.
University of California, San Diego, CA, Real-Time
Intrusion Detection, $612,826 (2 of 3 years)
Contact: George Varghese, Professor, Computer Science
and Engineering, 858-549-3816
The Sensilla proposal addresses prominent deficiencies
of current
intrusion detection systems using an approach called *network
attack
detection*. We seek to detect attacks before they turn
into actual
intrusions by detecting port scans and other pre-attack
exploits. A
particular novel feature of our research is that we aim
to detect
abstract multi-packet attack signatures} (rather than
specific, single
packet patterns exemplified by current signature based
systems). We
do so using light-weight mechanisms with provably low
false positive
rates that can be implemented in high speed. The project
seeks to
invent a new high level attack detection language for
managers to
input patterns they wish to monitor, to implement these
mechanisms,
and to test our algorithms on real networks.
University of Tulsa, OK, Vulnerability Analysis
Tools and Attack management systems for Converged Networks,
$691,362 (3 of 3 years)
Contact: Sujeet Shenoi (PI)
Center for Information Security
Department of Computer Science
University of Tulsa, Tulsa, OK 74104
918-631-3269
Society has never been more reliant on telecommunications,
yet the public telephone network (PTN) backbone is more
vulnerable than ever. PTN vulnerabilities are growing
due to system complexity, deregulation, increasing numbers
of motivated, highly skilled attackers, and the automation
and coordination of attacks. Meanwhile, the convergence
of the PTN with ever-expanding IP and wireless networks
is introducing new entry points for attack.
The primary research objectives are: (i) develop a suite
of tools for dynamically mapping converged networks and
analyzing vulnerabilities, and (ii) construct sophisticated
attack management systems for converged networks that
integrate vulnerability analysis with real-time attack
detection, modeling and visualization.
The suite of tools to be constructed includes scanners
for mapping and acquiring detailed information about IP
networks and gateways, convergence technologies, and SS7
networks and SS7-based wireless gateways. The information,
including operating system profiles and data, IP service
fingerprints, and point codes and connection data for
SS7 networks, will be integrated with an attack model
database to support sophisticated querying and analysis
of network vulnerabilities.
The attack management systems will help visualize and
direct responses to PTN attacks. Distributed attack notification
services linked to intrusion detection systems and an
attack model database will provide detailed information
about PTN attacks. Incident data will be correlated with
network topology and vulnerabilities to facilitate attack
tree construction for attack analysis and risk mitigation.
The attack management systems will enable network security
administrators to make rapid, intelligent decisions in
the face of coordinated attacks.
Schweitzer Engineering Inc., Washington State
University, Pullman, WA, and University of Idaho,
Moscow, ID, Industrial Applications of Information Security
to Protect the Electric Power Infrastructure, $774,736
(1.6 of 2 years)
Technical point of contact: Jeff Roberts, Schweitzer Engineering
Laboratories, Inc. 2350 NE Hopkins Court Pullman, WA 99163-5603,
Phone 509-332-1890
Press point of contact: Susan Fagan, Schweitzer Engineering
Laboratories, Inc. 2350 NE Hopkins Court Pullman, WA 99163-5603,
Phone 509-338-4397 Contact: Susan Fagan, phone:
509-338-4397, email: susan_fagan@selinc.com
The North American electric power
grid fuels our digital society and supports virtually
all non-military critical infrastructure within the
United States. However, increasing reliance on computer
technology for improved ommunication and automation
of electric power stations has created vulnerabilities
within the power grid that are similar to those seen
in traditional computer networks. Particularly vulnerable
are (1)control center and subtstation communications,
and (2)computer controlled protection equipment like
circuit breakers and circuit reclosers. Cyber attacks
and electronic sabotage targeted against these vulnerabilities
have the capability of inducing power sysem fluctuations
that can lead to cascading blackouts over very large
geographic areas. Loss of life, property, production,
and service may result from those outages.
Schweitzer Engineering Laboratories, Inc. (SEL) will
conduct applied research in the use of Information Security
(InfoSec) principles within the control and protection
systems governing the North American power grid. SEL
will be joined by two subcontractors, Washington State
University (WSU) and the University of Idaho (UI), in
a collaborative research effort that will apply InfoSec
and Internet Protocol Security principles, conduct in
situ security and survivability assessments, develop
a prototypical secure information infrastructure, and
develop greater awareness about InfoSec within the electric
power industry."
University of Pittsburgh, PA, A Survivable and
Secure Wireless Information Architecture, $432,199 (2
of 2 years)
Contact: Prashant Krishnamurthy, Assistant Professor,
Department of Information Science and Telecommunications
University of Pittsburgh, 135, N. Bellefield Avenue Pittsburgh
PA 15260 Phone: 412-624-5144, Fax 412-624-2788, e-mail
prashant@tele.pitt.edu
The increasing reliance on wireless networks makes it
extremely important to maintain reliable and secure communications
in the wake of failures or security breaches. Wireless
access networks have several aspects that make survivability
and security particularly challenging. For example, the
broadcast nature of wireless communication links makes
them unique in their vulnerability to security attacks
and their susceptibility to intentional threats. Additionally,
in wireless networks, mobile devices continuously change
locations and the resulting mobility impacts the degree
of survivability, security and communications reliability
as users of the network dynamically enter and leave the
network. Such unique features of wireless access networks
result in limited applicability of standard survivability
and security techniques developed for wired networks.
Wireless access networks have been usually homogeneous
with limited or no interoperability between various technologies.
However, no single wireless technology is capable of supporting
all the various application requirements such as coverage,
bit rates, error rates, mobility, etc. and the evolutionary
trend is towards a mixture of various technologies and
networks that must co-exist and interoperate to provide
the required services. As an example a wireless LAN (WLAN)
may be employed for local coverage, low mobility and high
data rates while an overlaying cellular network is used
for wide area coverage, high mobility, but low data rates.
Protocols required to manage seamless mobility and interaction
between hybrid networks will be more susceptible to failures
and security attacks if they are not designed properly.
The project has three main thrusts - survivable network
and protocol design, development and evaluation of a security
architecture for wireless access networks, and the interaction
between survivability and security. In the first part,
techniques for analyzing the survivability of hybrid wireless
access networks will be developed and we will examine
the effects of wireless access network failures on the
wired backbone and signaling networks and how to minimize
the impact. In the second part, we will address the design
of a security architecture for wireless access networks
and we will develop algorithms and security protocols
for preventing, overcoming (quick detection) and ameliorating
(providing alternative secure communications) these effects.
Finally we address the issue of the interaction between
survivability and security. Component failures will result
in security breaches and impact network performance simultaneously.
A survivability strategy for restoring the performance
could very likely be inconsistent with the security requirements
or vice versa. We will examine the interaction between
survivability and security and create design strategies
consistent with both sets of requirements.
Rether Networks, Inc., Centereach, NY, Compiler-Assisted
Intrusion Detection/Prevention and Automated Damage Repair,
$448,146 (1 of 2 year)
Contact: Tzi-cker Chiueh, Chief Executive Officer,
phone: 631-467-4381
This is an intrusion prevention proposal, aimed
at generating secure software and at monitoring any
changes to that software. Certain Trojan horse or intrusion
techniques may be detected and even repaired, hence
the self-healing aspect of the proposal. However, the
main thrust of the research is to design software that
avoids those problems in the first place. Their effort
would exploit the segmentation hardware feature to perform
highly efficient array bound checking. It builds a return
address intact check into each procedure call (and
return) in the application, and it supports an innovative
compiler-driven system-call and flow checker
that guarantees that only those system calls present
in the protected application’s source code are allowed
to be invoked at run time. The combination of design
and run-time features offers potent security possibilities.
Decision Science Associates, Vienna, VA, and Lockheed
Martin, Gaithersburg, MD. Metrics and Tools for Evaluating
Intrusion Detectors, $99,999 (1 of 1 year)
Contact: Jacob W. Ulvila, Principal Investigator,
703-319-0580
Decision Science Associates, Inc. (DSA) and Lockheed Martin
(LM) will develop metrics and a proof-of-concept software
tool for evaluating intrusion detection systems using
decision analysis methods.
We will develop a method for evaluating intrusion detection
systems. In the course of this development, we will develop
appropriate metrics for that evaluation. We will implement
the method in a proof-of-concept software tool. Through
these activities, we will advance information assurance
as an engineering discipline. Although we will not develop
an intrusion detection system, our method, metrics, and
tool will be useful for evaluating and designing such
systems.
The continued ability of hackers to cause problems in
commercial computer systems has caused a heightened interest
in detecting intrusions as a part of a comprehensive protection
plan. Not only have intrusions become more numerous, but
they have become more serious as well. While recent attention
has focused on developing better intrusion detection systems,
the current state-of-the-art in evaluating such systems
remains primitive.
The proposed development offers substantial improvements
over currently available methods. Our approach is based
on the decision analysis method. The method comprehensively
accounts for the costs of mistakes (failure to respond
to intrusions and failure to ignore non-intrusions) when
the detector is operating at its optimal performance point
(in terms of detection and false alarm probabilities)
for the operating environment (as characterized by the
probability of intrusion). The method also shows how to
specify this optimum point for different costs and operating
environments. Our tool will be the first to offer a decision
analysis method for evaluating intrusion detection systems
in an easy-to-use tool for system designers and assessors.
Our proposed research and development will be conducted
over a one-year period and will consist of four tasks.
In Task 1, we will develop the specifications needed to
adapt the decision analysis method for evaluating intrusion
detection systems as required to produce a software tool.
In Task 2, we will develop extensions to the basic method
to address: costs of other than mistakes; additional categories
of cost; multiple possible reports, responses, or intrusions;
attitude toward risk; multiple attributes of value or
cost; or multiple detectors. In Task 3, we will develop
a proof-of-concept prototype. In Task 4, we will illustrate
the method and tool with an example.
CygnaCom Solutions, Inc., McLean, VA, Engineered
Composition for Infrastructure Design, $84,054 (1 of 1
year)
Contact: J. David Thompson, Manager, CygnaCom Security
Evaluation Lab, phone: 703-270-3566
CygnaCom Solutions has developed
a concept called Engineered Composition (EC), which is
a method of specifying an infrastructure security criteria
in such a way that it can be decomposed into components,
the components can be individually tested, and when properly
assembled will implement a system which meets the original
infrastructure security criteria. EC uses a top-down approach
to composability instead of the more traditional and problematic
bottom up approach. Its development was motivated by difficulties
encountered while addressing difficulties in the specification
of security criteria for large and complex systems designed
to be built in pieces by multiple competing vendors. It
has been vetted successfully in the security community.
The next step to making it a practical tool for large
system security design and integration is to provide implementation
mechanisms. We have chosen the Common Criteria as the
ideal vehicle and propose to determine what changes need
to be made to the CC and its interpretations and tools
to support EC. Many of the CC mechanisms are in place,
but some are obscure and others are incomplete. Some mechanisms
are missing. We will test the proposed changes to the
CC using a PKI Directory infrastructure Protection Profile
we have been developing for NSA.
Total $5,001,558
|
|
|
|