SaTC: CORE: Small: Collaborative: An Integrated Approach for Enterprise Intrusion-Resilience

SaTC：核心：小型：协作：企业入侵抵御能力的集成方法

• 批准号: 1718782
• 负责人: Nikos Triandopoulos
• 金额: $ 24.97万
• 依托单位: Stevens Institute of Technology
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-08-01 至 2020-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1718782&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Collaborative; Integrated

The recent prevalence of advanced cyber attacks has caused enterprise breaches with severe consequences in critical sectors, such as national defense, manufacturing and the financial industry. Current defense practices rely on attack prevention and detection technologies, but our understanding of the capabilities of these security tools against truly advanced threats, which rapidly grow in sophistication, is severely lacking. This project seeks to harden enterprise security against advanced threats by systematically designing a new multi-layer intrusion-resilient framework that addresses individual enterprise defenses, as well as global, community-based protections. Overall, with a focus on educational activities, outreach to under-represented minority groups and technology transfer to industry, this project aims at contributing a new holistic defense approach to the security community that increases the security stance of our national infrastructures. This project develops a new framework for enterprise intrusion resilience that: (1) protects both individual assets and enterprises as a whole; (2) adapts to attacker's strategies by devising security tools that are themselves resilient to breaches; and (3) promotes new coordinated protections across enterprises and industry sectors while protecting the privacy of shared data. These solutions leverage cryptography, game-theoretical modeling, and community-based defenses to provide strong intrusion resilience against advanced threats. The investigators plan to engage actively with the security industry to evaluate their techniques in practical settings and provide concrete recommendations on local and coordinated defensive strategies for protecting our national infrastructures. By educating students and cyber professionals, as well as conducting a range of outreach activities to the community, this project seeks to increase awareness of emerging attack techniques and best proactive defenses for successfully mitigating the cyber attacks of the future.

近年来，先进网络攻击的盛行给国防、制造业和金融业等关键部门造成了严重后果的企业违规行为。当前的防御实践依赖于攻击预防和检测技术，但我们对这些安全工具对抗真正高级威胁的能力的理解严重缺乏，这些威胁的复杂性正在迅速增长。该项目旨在通过系统地设计一个新的多层入侵弹性框架来加强企业安全，以应对高级威胁，该框架可解决单个企业防御以及全球，基于社区的保护问题。总的来说，该项目侧重于教育活动、向代表性不足的少数群体推广和向工业转让技术，旨在为安全社区提供一种新的整体防御方法，从而提高我们国家基础设施的安全地位。该项目开发了一个新的企业入侵弹性框架，它：(1)保护个人资产和整个企业；(2)通过设计自身具有抗破坏能力的安全工具来适应攻击者的策略；(3)在保护共享数据隐私的同时，促进跨企业和行业部门的新的协调保护。这些解决方案利用密码学、博弈论建模和基于社区的防御，为高级威胁提供强大的入侵弹性。调查人员计划积极与安全行业合作，评估他们在实际环境中的技术，并就保护我们国家基础设施的地方和协调防御战略提供具体建议。通过教育学生和网络专业人员，以及开展一系列社区外展活动，该项目旨在提高对新兴攻击技术和最佳主动防御的认识，以成功减轻未来的网络攻击。

项目成果

Transparency Logs via Append-Only Authenticated Dictionaries

• DOI: 10.1145/3319535.3345652
• 发表时间: 2019-11
• 期刊: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
• 作者: Alin Tomescu;Vivek Bhupatiraju;D. Papadopoulos;Charalampos Papamanthou;Nikos Triandopoulos;S. Devadas

Private Hierarchical Clustering and Efficient Approximation

• DOI: 10.1145/3474123.3486760
• 发表时间: 2019-04
• 期刊: Proceedings of the 2021 on Cloud Computing Security Workshop
• 作者: Xianrui Meng;D. Papadopoulos;Alina Oprea;Nikos Triandopoulos