Detecting and Responding to Cyberattacks

UC Riverside receives $3.7 million of $23.2 million in funding for cyber security research alliance

Iulian Neamtiu, Harsha V. Madhyastha and Srikanth Krishnamurthy standing on stairs

From left, Iulian Neamtiu, Harsha V. Madhyastha and Srikanth Krishnamurthy

RIVERSIDE, Calif. (www.ucr.edu) — Three University of California, Riverside professors in the Department of Computer Science and Engineering at the Bourns College of Engineering are co-principal investigators in a new $23.2 million Collaborative Research Alliance on cyber security. The UCR team will receive up to $3.7 million during the first five years of the project.

Professor Srikanth Krishnamurthy and Assistant Professors Iulian Neamtiu and Harsha V. Madhyastha will represent UC Riverside. Other participating organizations are Penn State, Carnegie Mellon University, Indiana University, UC Davis, and the Army Research Laboratory. Consortium and Army researchers will jointly develop the research program, and lead and conduct research under this Collaborative Research Alliance. The principal investigator on the project is Patrick D. McDaniel, professor of computer science and co-director of the Systems and Internet Infrastructure Security Laboratory at Penn State.

The five-year funding for the core and enhanced program named Models for Enabling Continuous Reconfigurability of Secure Missions is $23.2 million, with an additional $25 million for the optional five-year extension — a potential total of $48.2 million over the 10-year collaboration.

The research alliance is designed to create a science to detect and model cyberattacks and the risk and motivations behind them, and creating a response that can counter the attack and neutralize the cyberattackers in real time. The project will support 17 faculty and more than 30 graduate students among the partnering universities.

John Pellegrino, director of the Army Research Laboratory’s computational and information sciences directorate, noted that “the understanding and operation of complex, heterogeneous Army battlefield networks in the presence of unrelenting cyberattacks is a formidable challenge for the Army’s scientific and network operations communities. We look forward to exploring this fascinating and dynamic technical area, bringing some of the top technical minds in the Army Research Laboratory together with these highly talented academic partners to advance cyber science, and with our partners in the Army’s Communications -Electronics Research, Development and Engineering Center and in industry, exploit the discoveries to strengthen our networks.”

While this research has obvious applications to defense, cyberattacks take place today anywhere computer networks exist, so the research has implications for industry and consumers as well.

“The project bridges various disciplines such as security, software engineering, networking and modeling of human behaviors to forge a holistic view of cyber-threats and their impact,” said Krishnamurthy. “This holistic view will lead to new ways of proactively preventing attacks, and allow the rapid reactive reconfiguration of the system at large, in the wake of an attack. The project will be instrumental in increasing the visibility of UCR’s cutting-edge cyber-security research and will provide a forum for graduate students in various sub-disciplines of computer science to not only interact within UCR, but also work with personnel from the other members in the consortium.”

The alliance will focus on four areas: detecting adversaries and attacks in the cyber-space (detection); measuring and managing risk (risk); and altering the environment to achieve best results at the least cost (agility). The fourth area, developing models of human behaviors and capabilities that enable understanding and predicting motivations and actions of users, defenders and attackers, will be integrated into the first three areas.

Krishnamurthy, a well-known expert in the areas of networking, systems and security, especially wireless networking, will lead the alliance’s detection efforts.  His team will use a novel approach, named Diagnosis-enabling Intrusion Detection, to identify threats and their impact on missions. By collecting large volumes of data from humans, sensors and applications, the team can map behavioral models extracted from the data onto existing models to tell apart normal behavior from attacks with high accuracy and in a highly volatile environment.

Madhyastha is a leading researcher in network measurement, distributed systems, and security. He will be involved in the development of scalable network monitoring frameworks to enable the Diagnosis-enabling Intrusion Detection approach, as well as in enabling missions to be reconfigurable at the network, operating system, and service layers.

Neamtiu is a leading expert in programming languages, software engineering and smartphones. His efforts will involve assessing software risks using formal program analysis and statistics, as well as mitigating software security risks by constructing software capable of rapidly reconfiguring itself to thwart threats and respond to ongoing attacks.

The researchers will look at human factors, how to modify computer and network environments in reaction to events and how to convey information to the proper people in the proper way. They will develop methods to assess the risks to personal privacy, life and limb and finances. They will also assess the state of the attackers, what motivates them and their goals and abilities.

“Future Army networks will be heterogeneous and dynamic, and they will continue to face advanced evolving persistent threats,” said Ananthram Swami, Army senior research scientist for network science and manager for the Collaborative Research Alliance. “The CRA gives us an opportunity to jointly advance the theoretical foundations of a science of cyber security in the context of Army networks. Such a science will eventually lead to network defense strategies and empirically validated tools. Substantial interactions and staff rotations between domain experts and scientists across the consortium and Army Research Laboratory will be vital to enabling the joint research that will ensure the success of the program.”

A typical situation the project seeks to solve might involve a soldier in a combat area seeing a disreputable looking person. The soldier takes a photo and wants to send it to the intelligence resources to determine if the person poses a problem. The enemy’s cyber objective is to stop, alter or slow down the transfer of the image and the resultant return of information to the soldier. Such attacks on cyber infrastructure are increasing in number and sophistication.

Media Contact


Tel: (951) 827-1287
E-mail: sean.nealon@ucr.edu
Twitter: seannealon

Archived under: Science/Technology, , , , ,

Top of Page