| NSF Org: |
CNS Division Of Computer and Network Systems |
| Recipient: |
|
| Initial Amendment Date: | August 1, 2009 |
| Latest Amendment Date: | August 1, 2009 |
| Award Number: | 0905186 |
| Award Instrument: | Standard Grant |
| Program Manager: |
Deborah Shands
CNS Division Of Computer and Network Systems CSE Directorate for Computer and Information Science and Engineering |
| Start Date: | September 1, 2009 |
| End Date: | August 31, 2014 (Estimated) |
| Total Intended Award Amount: | $400,000.00 |
| Total Awarded Amount to Date: | $400,000.00 |
| Funds Obligated to Date: |
|
| History of Investigator: |
|
| Recipient Sponsored Research Office: |
21 N PARK ST STE 6301 MADISON WI US 53715-1218 (608)262-3822 |
| Sponsor Congressional District: |
|
| Primary Place of Performance: |
21 N PARK ST STE 6301 MADISON WI US 53715-1218 |
| Primary Place of
Performance Congressional District: |
|
| Unique Entity Identifier (UEI): |
|
| Parent UEI: |
|
| NSF Program(s): |
CYBER TRUST, TRUSTWORTHY COMPUTING |
| Primary Program Source: |
|
| Program Reference Code(s): |
|
| Program Element Code(s): |
|
| Award Agency Code: | 4900 |
| Fund Agency Code: | 4900 |
| Assistance Listing Number(s): | 47.070 |
ABSTRACT
TC: Medium: Collaborative Research: Wide-Aperture Traffic Analysis for Internet Security
Among emerging network threats, some of the most pernicious and elusive are stealthy attacks that take place at very low rates and in a targeted fashion. This project is developing methods for identifying malicious and unwanted activity in the Internet -- specifically, traffic that is low-volume and well "hidden'' among normal traffic. The approach being taken is to develop new methods for direct analysis of Internet traffic of unprecedented scope and scale. In particular, the project is designing and implementing a system that leverages high-performance cluster computing to allow application of sophisticated pattern analysis and machine learning algorithms to network traffic at the packet and flow level.
An organizing principle of the system is its decomposition into data-parallel "lenses'' and more computationally challenging "pattern analysis'' components. The project is investigating the application of this architecture to dark address monitoring in traffic from core networks -- a capability that has not been possible to date.
The end result of this project will be a set of tools and a running system that may be used by researchers to enable new investigations into traffic analysis, and may be used by network operators on an ongoing basis to help protect their networks.
Please report errors in award information by writing to: awardsearch@nsf.gov.
