Award Abstract # 1925476
CC* Integration: NetBASILISK: NETwork Border At Scale Integrating and Leveraging Individual Security Components

NSF Org: OAC
Office of Advanced Cyberinfrastructure (OAC)
Recipient: REGENTS OF THE UNIVERSITY OF MICHIGAN
Initial Amendment Date: August 9, 2019
Latest Amendment Date: August 9, 2019
Award Number: 1925476
Award Instrument: Standard Grant
Program Manager: Deepankar Medhi
dmedhi@nsf.gov
(703)292-2935
OAC Office of Advanced Cyberinfrastructure (OAC)
CSE Directorate for Computer and Information Science and Engineering
Start Date: October 1, 2019
End Date: September 30, 2022 (Estimated)
Total Intended Award Amount: $999,715.00
Total Awarded Amount to Date: $999,715.00
Funds Obligated to Date: FY 2019 = $999,715.00
History of Investigator:
  • Eric Boyd (Principal Investigator)
    ericboyd@umich.edu
  • Shawn McKee (Co-Principal Investigator)
  • J Alex Halderman (Co-Principal Investigator)
Recipient Sponsored Research Office: Regents of the University of Michigan - Ann Arbor
1109 GEDDES AVE STE 3300
ANN ARBOR
MI  US  48109-1015
(734)763-6438
Sponsor Congressional District: 06
Primary Place of Performance: University of Michigan Ann Arbor
3003 South State St.
Ann Arbor
MI  US  48109-1274
Primary Place of Performance Congressional District: 06
Unique Entity Identifier (UEI): GNJ7BBP73WE9
Parent UEI:
NSF Program(s): CISE Research Resources
Primary Program Source: 01001920DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s): 9102
Program Element Code(s): 289000
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070

ABSTRACT

The NetBASILISK (NETwork Border At Scale Integrating and Leveraging Individual Security Components) project enables researchers and network engineers at the University of Michigan to introduce the next level of security and privacy protection scaled to the vast volume of generated research data. As attackers develop more sophisticated tools to acquire student and faculty private data, institutional financial information, and proprietary, often classified, research information, it is imperative for information technology staff to detect and stop these attacks. By observing patterns of network traffic, NetBASILISK will accomplish these goals with a minimal impact on the speed or volume of network traffic.

Current threat prevention systems do not scale to the growing volume of research data at an affordable cost. The University of Michigan solution, a novel framework combining open source and proprietary components, significantly improves system performance and accuracy in detecting and preventing threats to institutional data. NetBASILISK comprises powerful load balancing threat prevention mechanisms, data filtering tools, and threat detection technology. NetBASILISK will create a secure network perimeter while facilitating science such as cryo-electron microscopy, Large Hadron Collider particle research, and non-distorted Internet measurement, as well as enabling innovative network enhancements such as technologies to circumvent web censorship.

NetBASILISK will be used to inform the design of advanced network security devices for universities that scale to accommodate the network traffic requirements of data intensive science. Lessons learned and technology enhancements discovered by the project will be shared with the university networking community, as well as commercial partners. The science community will be informed of lessons learned from new design patterns employed for border security. The science drivers of the project, including advances in cryo-electron microscopy, networking, and physics will provide broad, impactful benefits. Project funding will also be used to support faculty, graduate students, and a postdoctoral researcher.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH

Guhit, Jem and Colone, Edward and McKee, Shawn and Steinhoff, Kris and Thomas, Katarina "Benchmarking NetBASILISK: a Network Security Project for Science" EPJ Web of Conferences, v.251, 2021 https://doi.org/10.1051/epjconf/202125102068

PROJECT OUTCOMES REPORT

Disclaimer

This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.

The NetBASILISK project successfully achieved its goal of prototyping and deploying a network border security solution capable of supporting unrestricted network traffic at 4x100 Gbps in production. The project utilized a combination of new commercial solutions (Corelight, Arista, and CrowdStrike/Humio solution), along with the Border Gateway Protocol (BGP), and locally developed middleware (BlockingArbiter), to implement the NBIS (Network Border Infrastructure System) edge security solution. This system has been operating successfully in production at the University of Michigan for over three years. NBIS seamlessly integrates the existing network security components of the University of Michigan with the newly implemented NetBASILISK network components. Certain system modules, including the BlockingArbiter software and BGP null routing integration, are outcomes of the innovative development efforts and technical expertise of the University of Michigan network team and research project members acquired throughout the project's duration.

The NetBASILISK project realized its objective to advance the state of the art in traffic analysis and configuration automation for extremely large-scale networks. This achievement was made possible through the implementation of: 1) a robust network load balancing/filtering mechanism (BGP null routing and BlockingArbiter integration), 2) analysis of mirrored network traffic (Corelight and Arista components), and 3) gathering and analyzing real-time network performance data (using the Humio monitoring solution and perfSONAR metrics measurement tools). Furthermore, the project facilitated the acquisition of new insights for both the network team and researchers. These insights pertained to external and internal network traffic flows, network performance, and the effects of automation. Automated procedures were deployed across all stages of the system lifecycle, from testing and deployment to operations, including software and operating system upgrades.

A crucial understanding of how data-intensive science drives the need for scalable and performant network security solutions has been developed through rigorous testing, network monitoring, and network traffic analysis. The testing framework, originally developed by the U-M Physics department AGLT2 team, a part of the CERN ATLAS initiative, has also been implemented during the NetBASILISK project in another scientific environment: Cryo Electron Microscopy, an inter-institutional, international biometric research collaboration of the University of Michigan Life Science Institute. The project team developed innovative monitoring and analysis tools, performance management solutions, and automated component configuration modules. The direct integration of the monitoring framework into the University of Michigan’s production network, empowering it to drive network configuration, has already fostered collaborations with other universities and the NSF FABRIC project.


Last Modified: 01/18/2024
Modified by: Eric Boyd
