CICI: RSSD:Massive Internal System Traffic Research Analysis and Logging
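Basic information
- Award number: 2232819
- Principal investigator:
- Amount: $600,000
- Host institution:
- Host institution country: United States
- Project type: Standard Grant
- Fiscal year: 2022
- Funding country: United States
- Period: 2022-11-01 to 2025-10-31
- Project status: Not concluded
- Source:
- Keywords:
Project abstract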
This project creates a dataset (the MISTRAL Dataset) for cybersecurity researchers and network operators to use in identifying threats and thereby better protect research-related resources. The sources of data contained in the Dataset reflect actual network activity to and from several scientific applications and their related cyberinfrastructure. These data are safely captured, securely stored, and made accessible through authorized access to associated cybersecurity researchers for the purpose of detecting abnormal or malicious activities that could represent threats to the identified science applications and cyberinfrastructure. Because the data are collected continuously and through automated means, the MISTRAL Dataset provides a realistic and relevant characterization of threats over time. The project also produces a public version of the Dataset.
The MISTRAL project encompasses an Infrastructure, the Dataset and a set of proof-of-concept analytic endeavors. The Infrastructure includes a data storage pipeline for handling an estimated 1TB/day of data stored on-premises and/or in the cloud, a reference monitoring framework, and tools for collecting, analyzing, and sharing the data and relevant metadata that characterize both north-south (Internet-facing) and east-west (lateral) data flows. The Dataset consists of safely captured domain science workflow behavior using production network flows (e.g., source/destination IP, port, protocol, date/time, number, and size of connections) and data centers and research labs, as well as supplemental data from DNS, authentication logs, intrusion detection alerts and other security event alerts (e.g., threat intelligence data detailing Indicators of Compromise).
The initial proof-of-concept analytics comprise various researcher and student (graduate and undergraduate course project) data analysis efforts to devise techniques for detecting abnormal or malicious activity or to study that activity; these collaborators also test the MISTRAL environment and Dataset to recommend refinement of the Infrastructure and the data collection process.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
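Project outcomes
Number of journal articles (0)
Number of monographs (0)
Number of research awards (0)
Number of conference papers (0)
Number of patents (0)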
Other publications by Alexander Merck
Halogenfreie lösliche Ziegler‐Katalysatoren für die Ethylen‐Polymerisation. Regelung des Molekulargewichtes durch Wahl der Reaktionstemperatur
Halogen-free Ziegler catalysts for ethylene polymerization.
- DOI:
- Year published: 1976
- Journal:
- Impact factor: 0
- Authors: Arne Andresen; H. Cordes; J. Herwig; W. Kaminsky; Alexander Merck; Renke Dr Mottweiler; Joachim Dipl Chem Pein; H. Sinn; H. Vollmer
- Corresponding author: H. Vollmer
Similar overseas grants
CICI: RSSD: A Vulnerability Modeling Approach Toward Secure Scientific Cyber-Infrastructures
- Award number: 2319934
- Fiscal year: 2023
- Award amount: $600,000
- Project type: Standard Grant
CICI: RSSD: DISCERN: Datasets to Illuminate Suspicious Computations on Engineering Research Networks
- Award number: 2319864
- Fiscal year: 2023
- Award amount: $600,000
- Project type: Standard Grant
CICI: RSSD: LaSIC: Labeled Security Information Capture
- Award number: 2232864
- Fiscal year: 2023
- Award amount: $600,000
- Project type: Standard Grant