Cybersecurity Collaboratory

Cyberspace Threat Identification, Analysis and Proactive Response

Prof. Salim Hariri (Co-PI) Prof. Mohand-Saïd Hacid (Co-PI) Prof. Aris Ouksel (Co-PI)

Project summary

Current advances in computing, networking, software and services are leading a future of ubiquitous cyberspace services (e.g., cloud services), which will touch all aspects of our life. These pervasive services will revolutionize the way we do business, maintain our health and conduct education. In this environment, cybersecurity represents a daunting challenge. Corporations, agencies, national infrastructures, and individuals have been victims of cyber-attacks. It has been estimated that Internet "malware" (worms, spyware, and the like) cost businesses over hundred billions of dollars, despite the rollouts of significant Internet security software. Clearly, current techniques for identifying and containing network attacks have significant limitations. They are not sufficiently flexible to handle the complexity, the dynamic nature and the epidemic behavior of cyber-attacks. The goal of this effort is to investigate innovative research techniques to achieve resilient cybersecurity. Our approach relies on the following observations:
  1. reliable check of malicious traffic can only occur at the many final destinations of traffic;
  2. threat identification requires automated information sharing and cooperative risk analysis from all machines in a network akin to techniques utilized in disease control;
  3. rapid preventive and reactive response autonomic mechanisms to identified threats, which continuously increase the burden on the potential attackers by relying on the principle that "the best defense is offense"; and
  4. efficient self-management of the large volumes of automatically generated information shared between sites.