Award Abstract # 1739032
CICI: CE: Implementing CYBEX-P: Helping Organizations to Share with Privacy Preservation

NSF Org: OAC
Office of Advanced Cyberinfrastructure (OAC)
Recipient: BOARD OF REGENTS OF THE NEVADA SYSTEM OF HIGHER ED
Initial Amendment Date: July 12, 2017
Latest Amendment Date: November 25, 2019
Award Number: 1739032
Award Instrument: Standard Grant
Program Manager: Rob Beverly
  OAC Office of Advanced Cyberinfrastructure (OAC)
  CSE Directorate for Computer and Information Science and Engineering
Start Date: January 1, 2018
End Date: July 31, 2021 (Estimated)
Total Intended Award Amount: $986,067.00
Total Awarded Amount to Date: $1,018,067.00
Funds Obligated to Date: FY 2017 = $986,067.00
FY 2018 = $16,000.00
FY 2019 = $16,000.00
History of Investigator:
  • Shamik Sengupta (Principal Investigator)
    ssengupta@unr.edu
  • Nancy LaTourrette (Co-Principal Investigator)
  • Jeff Springer (Co-Principal Investigator)
  • Mehmet Gunes (Former Co-Principal Investigator)
  • Ming Li (Former Co-Principal Investigator)
Recipient Sponsored Research Office: Board of Regents, NSHE, obo University of Nevada, Reno
1664 N VIRGINIA ST # 285
RENO
NV  US  89557-0001
(775)784-4040
Sponsor Congressional District: 02
Primary Place of Performance: Board of Regents, NSHE, obo University of Nevada, Reno
1664 North Virginia Street
Reno
NV  US  89557-0001
Primary Place of Performance Congressional District: 02
Unique Entity Identifier (UEI): WLDGTNCFFJZ3
Parent UEI: WLDGTNCFFJZ3
NSF Program(s): Cybersecurity Innovation
Primary Program Source: 01001718DB NSF RESEARCH & RELATED ACTIVIT
01001819DB NSF RESEARCH & RELATED ACTIVIT
01001920DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s): 9150, 9251
Program Element Code(s): 802700
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070

ABSTRACT

In response to the increasing number of attacks on cyberspace, public and private organizations are encouraged to share their cyber-threat information and data with each other. Although there are long-term interests in sharing security-related information, doing so places organizations at risk regarding the protection of their data and exposure of other vulnerabilities. This project designs, develops and implements a CYBersecurity information EXchange with Privacy (CYBEX-P) platform using trusted computing paradigms and privacy-preserving information sharing mechanisms for cybersecurity enhancement and development of a robust cyberinfrastructure. The outcome of this project has a broader impact on the development of a novel cybersecurity information-sharing platform with privacy preservation and a robust governance structure. The project also has direct impact on undergraduate and graduate student education and training, emphasizing the engineering development of minorities and women, by providing a real-world platform for investigation and management of cyber threats.

Envisioning that effective and privacy-preserving threat intelligence sharing can be instrumental for auditing the state of the threat landscape and helping to predict and prevent major cyber-attacks, this project provides a service for structured information exchange. The CYBEX-P platform provides valuable measurable information about the security status of systems and devices together with data about incidents stemming from cyber-attacks. To develop and implement such an environment across statewide organizations, then across the nation, this research project incorporates blind processing, privacy preservation and integrity of shared incident data by ensuring that only trusted processes access the raw data and only anonymized data are shared with other operators. Blind processing enables the advantages of additional information exchange while respecting organizational constraints and trust boundaries. This research also establishes a flexible governance framework that includes both policies and procedures to protect the data and provide all customers with the tools to demonstrate they are complying with both regulatory and internal data governance requirements. Specifically, the outcomes of the project demonstrate: i) CYBEX-P infrastructure development with affordable scalability, secure data exchange, and analytic components, ii) privacy-preserving information sharing via blind processing and anonymization, and iii) a CYBEX-P governance framework.

PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH


(Showing: 1 - 10 of 13)
Kotra, Anuraag and Eldosouky, AbdelRahman and Sengupta, Shamik "Every Anonymization Begins with k: A Game-Theoretic Approach for Optimized k Selection in k-Anonymization" 2020 International Conference on Advances in Computing and Communication Engineering (ICACCE), 2020 https://doi.org/10.1109/ICACCE49060.2020.9154925
Badsha, Shahriar and Vakilinia, Iman and Sengupta, Shamik "BloCyNfo-Share: Blockchain based Cybersecurity Information Sharing with Fine Grained Access Control" 2020 10th Annual Computing and Communication Workshop and Conference (CCWC), 2020 https://doi.org/10.1109/CCWC47524.2020.9031164
Badsha, Shahriar and Vakilinia, Iman and Sengupta, Shamik "Privacy Preserving Cyber Threat Information Sharing and Learning for Cyber Defense" 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC), 2019 https://doi.org/10.1109/CCWC.2019.8666477
Lingenfelter, Bryson and Vakilinia, Iman and Sengupta, Shamik "Analyzing Variation Among IoT Botnets Using Medium Interaction Honeypots" 2020 10th Annual Computing and Communication Workshop and Conference (CCWC), 2020 https://doi.org/10.1109/CCWC47524.2020.9031234
Sadique, Farhan and Bakhshaliyev, Khalid and Springer, Jeff and Sengupta, Shamik "A System Architecture of Cybersecurity Information Exchange with Privacy (CYBEX-P)" 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC), 2019 https://doi.org/10.1109/CCWC.2019.8666600
Sadique, Farhan and Cheung, Sui and Vakilinia, Iman and Badsha, Shahriar and Sengupta, Shamik "Automated Structured Threat Information Expression (STIX) Document Generation with Privacy Preservation" 2018 9th IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), 2018 https://doi.org/10.1109/UEMCON.2018.8796822
Sadique, Farhan and Kaul, Raghav and Badsha, Shahriar and Sengupta, Shamik "An Automated Framework for Real-time Phishing URL Detection" 2020 10th Annual Computing and Communication Workshop and Conference (CCWC), 2020 https://doi.org/10.1109/CCWC47524.2020.9031269
Sadique, Farhan and Sengupta, Shamik "Analysis of Attacker Behavior in Compromised Hosts During Command and Control" ICC 2021 - IEEE International Conference on Communications, 2021, 2021 https://doi.org/10.1109/ICC42927.2021.9500859
Shah, Yash and Sengupta, Shamik "A survey on Classification of Cyber-attacks on IoT and IIoT devices" 11th IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), 2020, 2020 https://doi.org/10.1109/UEMCON51285.2020.9298138
Thom, Jay and Shah, Yash and Sengupta, Shamik "Correlation of Cyber Threat Intelligence Data Across Global Honeypots" IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC), 2021, 2021 https://doi.org/10.1109/CCWC51732.2021.9376038
Vakilinia, Iman and Cheung, Sui and Sengupta, Shamik "Sharing Susceptible Passwords as Cyber Threat Intelligence Feed" MILCOM 2018 - 2018 IEEE Military Communications Conference (MILCOM), 2018 https://doi.org/10.1109/MILCOM.2018.8599742

PROJECT OUTCOMES REPORT

Disclaimer

This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.

In this project, we have developed CYBersecurity information EXchange with Privacy (CYBEX-P), for cybersecurity enhancement across organizations. The goal of this project has been to design, develop and operationalize the CYBEX-P platform using privacy-preserved information sharing mechanisms for cybersecurity enhancement and development of robust cyberinfrastructures. CYBEX-P allows sharing of cybersecurity-related information with privacy preservation and governance that enables organizations to perform detailed analysis of raw telemetry data from other participant organizations without exposing sensitive data to sharing partners.

We have introduced a novel, privacy-preserving mechanism to represent raw cyber threat-data in the TAHOE format in an automated manner. TAHOE is a cybersecurity information sharing language proposed by us. TAHOE has two modes: one for sharing data only; the other for storage and analysis of data. The TAHOE format can be followed to represent all types of threat data in a standardized format. Standardized data representation assists security administrators to obtain a broad picture of the threat landscape and to share data with a cybersecurity information-sharing platform for advanced analytics.

From the design perspective, we have created an architectural design that not only meets the initial requirements of the project but also has enough flexibility to accommodate evolving requirements. This design consists of a multi‐tier web application. The first tier consists of a single-page, touchscreen-compatible interface that facilitates visual data exploration. The second tier of functionality is the interaction between clients, the backend databases, and processing pipelines. The third tier is a combination of multiple segregated databases that contain threat data that are then processed to remove sensitive information and stored in a separate reporting database.

CYBEX-P will bolster cybersecurity research endeavors by providing a rich, diverse and sizable dataset. We envision that CYBEX-P will contribute to the advancement of cybersecurity in two major ways. Firstly, it will play a central role in defense against new threats. The instantaneous sharing of threat indicators will cripple a new attack at its onset. Secondly, as the result of the large accumulation of threat data, this infrastructure will promote and incubate machine learning in cybersecurity research. 

The CYBEX-P testbed development has provided experience on the design and operation of a cybersecurity sharing environment for training purposes. The testbed has both direct and indirect impact on hands-on student research, education, and training in cybersecurity. The project has enabled the University of Nevada, Reno to develop new cybersecurity curriculum including cybersecurity minors, a cybersecurity graduate certificate and a cybersecurity graduate degree and contributed to the advancement of our cybersecurity center.


Last Modified: 10/15/2021
Modified by: Shamik Sengupta
