CAREER: Foundational Principles for Harnessing Provenance Analytics for Advanced Enterprise Security

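Basic information

  • Grant number:
    2339483
  • Principal investigator:
  • Amount:
    $725,100
  • Host institution:
  • Host institution country:
    United States
  • Project type:
    Continuing Grant
  • Fiscal year:
    2024
  • Funding country:
    United States
  • Start and end dates:
    2024-06-01 to 2029-05-31
  • Project status:
    Not concluded

Project abstract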

Modern data centers face significant challenges from increasingly sophisticated cyber threats. Compute servers comprise multiple software layers built upon complex hardware. Both the hardware complexity and the multi-layer software approach can be leveraged by threat actors to conceal their activities and evade detection. This proposal introduces automated techniques for swift detection, investigation, and response to such stealthy threats, with a focus on leveraging data provenance. Data provenance involves continuously collecting detailed data histories, including origins, handling, and evolution, to enhance system and application transparency. By improving the visibility and security within data centers, we aim to protect critical infrastructure and sensitive information, aligning with national security goals. The proposed work includes initiatives in education and broadening participation that will equip diverse students with essential cybersecurity skills through innovative pedagogy, hands-on laboratories, and engaging K-12 workshops. This educational approach is crucial for developing a skilled workforce prepared to address future cybersecurity challenges.

This proposal aims to counter Advanced Persistent Threats (APTs) and enhance enterprise security by incorporating data provenance, a method for tracking the origin and evolution of data objects. Data provenance provides a rich historical context for understanding system operations, key to enhancing threat detection and response. The technical methodology encompasses three primary research objectives: first, developing a comprehensive system for auditing and unifying data provenance across various system layers; second, implementing advanced graph representation learning techniques to enhance the accuracy of threat detection systems, leveraging the rich historical context provided by data provenance; and third, focusing on constructing an AI-powered automated incident response framework, utilizing insights from data provenance to inform and streamline response actions. Anticipated outcomes include innovative techniques for the efficient collection and integration of data provenance, the development of scalable models for threat detection, and the creation of frameworks for rapid and automated incident response. The proposal has the potential to significantly transform enterprise security practices, leading to more robust defenses against complex cyber threats and contributing to a safer and more secure digital environment.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

Project outcomes

Journal articles (0)
Monographs (0)
Research awards (0)
Conference papers (0)
Patents (0)

Other publications by Wajih Ul Hassan

Is Eating Pathology Prevalent Among Social Media Users of Karachi, Pakistan? A Cross-sectional Study
  • DOI:
  • Publication year:
    2021
  • Journal:
  • Impact factor:
    0
  • Authors:
    I. Zahid; Munira Jamali; Sheena Nadeem Alam; Wajih Ul Hassan; Osama Zafar; H. Waseem
  • Corresponding author:
    H. Waseem

Similar overseas grants

Research Infrastructure: CC* Data Storage: Foundational Campus Research Storage for Digital Transformation
  • Grant number:
    2346636
  • Fiscal year:
    2024
  • Funding amount:
    $725,100
  • Project type:
    Standard Grant
CAREER: Continual Learning with Evolving Memory, Soft Supervision, and Cross-Domain Knowledge - Foundational Theory and Advanced Algorithms
  • Grant number:
    2338506
  • Fiscal year:
    2024
  • Funding amount:
    $725,100
  • Project type:
    Continuing Grant
CAREER: Efficient and Scalable Large Foundational Model Training on Supercomputers for Science
  • Grant number:
    2340011
  • Fiscal year:
    2024
  • Funding amount:
    $725,100
  • Project type:
    Standard Grant
Sonar Foundational Model for Representation Learning and Automatic Target Recognition Systems in Underwater Maritime Environment
  • Grant number:
    2903803
  • Fiscal year:
    2024
  • Funding amount:
    $725,100
  • Project type:
    Studentship
TRTech-PGR: Unlocking Bread Wheat Genome Diversity: Foundational Genome Sequences and Resources to Advance Breeding and Biotechnological Improvement of a Global Food Security Crop
  • Grant number:
    2322957
  • Fiscal year:
    2024
  • Funding amount:
    $725,100
  • Project type:
    Standard Grant
Establishing foundational tools and datasets for investigation of NSD1 gene function in neural development
  • Grant number:
    10711291
  • Fiscal year:
    2023
  • Funding amount:
    $725,100
  • Project type:
Conference: NSF-NIH Joint Workshop on Foundational AI in Biology
  • Grant number:
    2325301
  • Fiscal year:
    2023
  • Funding amount:
    $725,100
  • Project type:
    Standard Grant
Remote and Autonomous Integrated Service Robot System Based on Intuitive Human Sensation and Foundational Model
  • Grant number:
    23K20003
  • Fiscal year:
    2023
  • Funding amount:
    $725,100
  • Project type:
    Grant-in-Aid for Research Activity Start-up
Collaborative Research: IIS: III: MEDIUM: Learning Protein-ish: Foundational Insight on Protein Language Models for Better Understanding, Democratized Access, and Discovery
  • Grant number:
    2310113
  • Fiscal year:
    2023
  • Funding amount:
    $725,100
  • Project type:
    Standard Grant
Collaborative Research: Leveraging historical collections and new surveys to characterize foundational shifts in vital symbioses in the threatened Arctic
  • Grant number:
    2345994
  • Fiscal year:
    2023
  • Funding amount:
    $725,100
  • Project type:
    Standard Grant