Collaborative Research: SaTC: EDU: A Hands-on Approach to Securing Self-Driving Networks

合作研究：SaTC：EDU：保护自动驾驶网络安全的实践方法

• 批准号: 2113945
• 负责人: Sajad Khorsandroo
• 金额: $ 17.35万
• 依托单位: North Carolina Agricultural & Technical State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-09-01 至 2024-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2113945&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; EDU; Hands

This award is funded in whole or in part under the American Rescue Plan Act of 2021 (Public Law 117-2). Today’s computer networks have grown both in complexity and in scale, in part as a response to diverse connectivity requirements in the era of the Internet of Things, Cloud 3.0, and Big Data. Existing network management solutions cannot keep up with the demand for solutions to real-time network management problems resulting from these increasingly complex networks. Network management requires a fundamentally new approach in which networks can autonomously control, configure, and manage themselves. While these “self-driving networks” offer numerous opportunities for efficient network management, they introduce new threats and attack vectors that must be addressed to secure them. Unfortunately, there is currently a shortfall of professionals trained in autonomous and intelligent network security and a shortfall of content with which to train these professionals. This project will address these shortfalls by developing lab-intensive modules that enable undergraduate students to gain fundamental and advanced knowledge in securing next-generation self-driving networks. The project team will develop six self-contained modules with comprehensive coverage of the techniques, tools, and methods required to secure self-driving networks. The modules will cover (1) attack investigation and analysis of legacy, Software Defined Networking (SDN), and adversarial attacks; (2) hunting for vulnerabilities using static analysis, software component analysis, automated known attack patterns, and behavioral analysis; (3) network-wide data collection using classic and OpenFlow based approaches; (4) protection using runtime application self-protection, automated patching, and security information and event management; (5) evaluation using continuous adaptive risk and thrust assessment; and (6) action using security orchestration, automation and response. In addition, this project aims to increase the participation of underrepresented groups in STEM by organizing workshops and participating in professional conferences. The project team will also organize a workshop to disseminate the modules to interested faculty members from other organizations.This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

该奖项全部或部分根据2021年美国救援计划法案（公法117-2）资助。当今的计算机网络在复杂性和规模上都在增长，部分原因是为了应对物联网、云3.0和大数据时代的各种连接需求。现有的网络管理解决方案不能跟上对这些日益复杂的网络所导致的实时网络管理问题的解决方案的需求。网络管理需要一种全新的方法，使网络能够自主控制、配置和管理自己。虽然这些“自动驾驶网络”为有效的网络管理提供了许多机会，但它们也引入了新的威胁和攻击媒介，必须加以解决以保护它们。不幸的是，目前缺乏经过自主和智能网络安全培训的专业人员，也缺乏培训这些专业人员的内容。该项目将通过开发实验室密集型模块来解决这些不足，使本科生能够获得保护下一代自动驾驶网络的基础和高级知识。该项目团队将开发六个独立模块，全面涵盖保护自动驾驶网络所需的技术、工具和方法。这些模块将涵盖（1）对传统、软件定义网络（SDN）和对抗性攻击的攻击调查和分析;（2）使用静态分析、软件组件分析、自动化已知攻击模式和行为分析来寻找漏洞;（3）使用经典和基于OpenFlow的方法来收集网络范围内的数据;（4）使用运行时应用程序自我保护、自动修补以及安全信息和事件管理进行保护;（5）使用连续自适应风险和推力评估进行评估;以及（6）使用安全编排、自动化和响应进行操作。此外，该项目旨在通过组织研讨会和参加专业会议，增加代表性不足的群体对STEM的参与。项目团队还将组织一次研讨会，向其他组织感兴趣的教职员工传播这些模块。该项目得到了安全和值得信赖的网络空间（SaTC）计划的支持，该计划为解决网络安全和隐私问题的提案提供资金，在这种情况下，特别是网络安全教育。SATC计划与联邦网络安全研究和发展战略计划和国家隐私研究战略保持一致，以保护和维护网络系统日益增长的社会和经济效益，同时确保安全和隐私。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。