CICI: RSSD: A Vulnerability Modeling Approach Toward Secure Scientific Cyber-Infrastructures

CICI：RSSD：一种实现安全科学网络基础设施的漏洞建模方法

• 批准号: 2319934
• 负责人: Abdolhossein Sarrafzadeh
• 金额: $ 59.98万
• 依托单位: North Carolina Agricultural & Technical State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-09-01 至 2026-08-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2319934&HistoricalAwards=false
• 关键词: CICI; RSSD; Vulnerability; Modeling; Approach

Scientific cyber-infrastructures play a crucial role in facilitating scientific research and discovery by providing advanced data management capabilities. This research project aims to fortify the cybersecurity of data-intensive scientific cyber-infrastructures, safeguarding valuable scientific data and preserving research integrity. To achieve this objective, the project aims to form a cybersecurity coalition among institutions within the state of North Carolina, promoting collaboration and knowledge sharing. Comprehensive cybersecurity incident data is collected within the coalition using advanced tools that gather information on incident types, timestamps, locations, active security policies, and impact levels. The collected data is utilized to model typical vulnerabilities encountered in data-intensive systems, enabling proactive vulnerability management and improving the incident response. This project impacts a wide community of scholars that conduct research through the application of a variety of data-intensive scientific cyber-infrastructures. Also, the research methodology developed in this project can be used to safeguard other scientific cyber-infrastructures. This project leverages a cybersecurity knowledge graph (CSKG) to model and integrate the collected data. The CSKG incorporates data from the coalition as well as authoritative sources such as the National Vulnerability Database, Malware Attribute Enumeration and Characterization and Open-Source Vulnerability Database. Advanced natural language processing techniques and deep learning models are developed to process the generated data and construct the CSKG. By representing the scientific cyber-infrastructure as a directed graph, the CSKG we provide an intuitive visualization and effective querying, revealing intricate relationships between vulnerabilities, attacks and affected systems. This research endeavor will establish North Carolina Agricultural and Technical State University as a leader in cybersecurity research and education. Through the cybersecurity coalition collaboration, valuable insights and best practices are shared, fostering a collective effort to strengthen the security posture of scientific cyber-infrastructures.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

科学网络基础设施通过提供先进的数据管理能力，在促进科学研究和发现方面发挥着至关重要的作用。该研究项目旨在加强数据密集型科学网络基础设施的网络安全，保护有价值的科学数据并维护研究的完整性。 为了实现这一目标，该项目旨在北卡罗来纳州内的机构之间形成一个网络安全联盟，促进合作和知识共享。在联盟内部使用高级工具收集全面的网络安全事件数据，这些工具收集有关事件类型、时间戳、位置、活动安全策略和影响级别的信息。收集的数据用于模拟数据密集型系统中遇到的典型漏洞，从而实现主动漏洞管理并改善事件响应。该项目影响了通过应用各种数据密集型科学网络基础设施进行研究的广泛学者社区。此外，该项目中开发的研究方法可用于保护其他科学网络基础设施。该项目利用网络安全知识图（CSGG）对收集的数据进行建模和整合。CSGG整合了来自联盟以及权威来源的数据，如国家漏洞数据库，恶意软件属性枚举和表征以及开源漏洞数据库。开发先进的自然语言处理技术和深度学习模型来处理生成的数据并构建CSGG。通过将科学网络基础设施表示为有向图，CSGG提供了直观的可视化和有效的查询，揭示了漏洞，攻击和受影响系统之间的复杂关系。这项研究奋进将使北卡罗来纳州农业和技术州立大学成为网络安全研究和教育的领导者。通过网络安全联盟的合作，分享了宝贵的见解和最佳实践，促进了加强科学网络基础设施安全态势的集体努力。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。