Phase II IUCRC University of North Carolina Charlotte: Center for Cybersecurity Analytics and Automation CCAA

第二阶段 IUCRC 北卡罗来纳大学夏洛特分校：网络安全分析和自动化中心 CCAA

• 批准号: 1822150
• 负责人: Heather Lipford
• 金额: $ 64.22万
• 依托单位: University of North Carolina at Charlotte
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-09-01 至 2024-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1822150&HistoricalAwards=false
• 关键词: Phase; II; IUCRC; University; North

With the increasing magnitude and sophistication of cyber attacks, cyber warfare has become a major threat to national security. However, the cybersecurity state of the art is still far from providing sufficient protection, not only for Internet enterprise services but also for critical infrastructure services, such as in the financial and energy sectors. With the exponential increase of attack surface and the complete reliance on human analysis and response, the time for detection and mitigation of cyber attacks have been significantly increasing (e.g., can take up to several months). In addition, the cost of deploying cybersecurity has been tremendously increasing as it is becoming very resource and labor intensive. The University of North Carolina Charlotte (UNC Charlotte) is leading the research and industry community in NSF IUCRC Center on Cybersecurity Analytics and Automation (CCAA) to address these challenges. Our goal is to build the critical mass of inter-disciplinary academic researchers, industry partners, and government agencies for advancing the science and state-of-the-art of cybersecurity analytics and automation by developing innovative sense-making and decision-making capabilities for autonomous and adaptive cyber defense that requires minimal human involvement with provable and measurable security and resiliency properties. We consider both formal- and data-driven analytics of cybersecurity artifacts for seamlessly integrating sense-making and decision-making for adaptive and autonomous cyber defense. CCAA brings together experts in formal and data-driven cybersecurity to advance cyber defense on multiple fronts, namely, (a) developing dynamic and predictive cyber risk analytics using heterogeneous cyber artifacts, (b) developing adaptive and autonomic decision-making for provably correct and safe defense strategies according to the mission requirements, and system configurations and (c) integrating cyber resilience and agility as inherent properties of cyber and cyber-physical system security. The UNC Charlotte site will lead the research and management activities and provides profound technical contributions to CCAA in formal methods for configuration verification, automated risk quantification and mitigation, adaptive learning, cyber threat analytics, and cyber agility. The Center will create and maintain a center-wide repository to make all products of the research ? datasets, code, tools, experimental results, draft manuscripts, etc. ? available to all Center?s members. The repository will be accessible through the Center?s website (http://www.ccaa-nsf.org/). Consistently with the Center?s bylaws and with any applicable NSF or individual universities? requirements, several of these products will be made available to the broader research and industry community. The repository will be actively maintained during the duration of the Phase II effort, and it can be accessed online.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

随着网络攻击的规模和复杂性不断增加，网络战已成为国家安全的主要威胁。然而，网络安全的最新技术水平仍然远远不能提供足够的保护，不仅不能为互联网企业服务提供保护，而且也不能为金融和能源部门等关键基础设施服务提供保护。随着攻击面的指数级增长以及对人类分析和响应的完全依赖，用于检测和缓解网络攻击的时间已经显著增加（例如，可能需要几个月）。此外，部署网络安全的成本也在大幅增加，因为它正变得非常资源和劳动密集型。 北卡罗来纳州夏洛特大学（University of North Carolina，简称夏洛特）正在领导NSF IUCRC网络安全分析和自动化中心（CCAA）的研究和行业社区，以应对这些挑战。我们的目标是建立跨学科学术研究人员，行业合作伙伴和政府机构的临界质量，通过开发创新的感知和决策能力来推进网络安全分析和自动化的科学和最先进的技术，用于自主和自适应网络防御，需要最少的人力参与，具有可证明和可衡量的安全性和弹性。我们考虑对网络安全工件进行正式和数据驱动的分析，以无缝集成自适应和自主网络防御的感知和决策。 CCAA汇集了正式和数据驱动的网络安全专家，以推进多个方面的网络防御，即：（a）使用异构网络工件开发动态和预测性网络风险分析，（B）根据使命要求，为可证明正确和安全的防御策略开发自适应和自主决策，和系统配置，以及（c）将网络弹性和敏捷性作为网络和网络物理系统安全的固有属性进行整合。 夏洛特夏洛特网站将领导研究和管理活动，并在配置验证、自动化风险量化和缓解、自适应学习、网络威胁分析和网络敏捷性的正式方法方面为CCAA提供深刻的技术贡献。 该中心将创建和维护一个中心范围内的存储库，使所有产品的研究？数据集、代码、工具、实验结果、草稿等？为所有中心提供？的成员。 该储存库将通过中心访问？的网站（http：//www.ccaa-nsf.org/）。 与中心一致？的章程和任何适用的NSF或个别大学？根据这些要求，其中一些产品将提供给更广泛的研究和工业界。 在第二阶段的工作期间，储存库将得到积极的维护，并且可以在线访问。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。