BD Spokes: PLANNING: NORTHEAST: Cross-organization Big Data Cyber Attack Awareness

BD 发言人：规划：东北：跨组织大数据网络攻击意识

• 批准号: 1636899
• 负责人: John Yen
• 金额: $ 9.96万
• 依托单位: Pennsylvania State Univ University Park
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-09-01 至 2017-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1636899&HistoricalAwards=false
• 关键词: BD; Spokes; PLANNING; NORTHEAST; Cross

Cyber attacks, especially those involving Advanced Persistent Threats (APTs), have targeted organizations of all types, including higher education institutions. A key opportunity to counter large-scale cyber attacks is to initiate the establishment of a broad partnership regarding the ultimate goal of cross-organization protected sharing of relevant cyber security data for enhanced operation, workforce development, and research. The impacts of sharing cyber security data are immense. Due to the risks of monoculture in enterprise computing, the "one plus one is greater than two" effects have already been widely recognized in the cyber security community. They can enhance collaborative cyber security operations through cross-organization sharing of relevant cybersecurity data. They can also empower researchers to develop scalable data analytics and tools for more effective prevention, mitigation, and response to cross-organization cyber attacks. Finally, they can significantly enhance the education and learning of diverse cyber security workforce (including developers, analysts, and managers). A key challenge for sharing cyber security data is an institution's concern about potential risks involved in sharing such data. Due to the complexity of the problems, solutions to tackle this challenge can only emerge from meetings and forums that include all stake holders such that their potential concerns about sharing cyber security data can be addressed together. Furthermore, thought leaders in cyber security, big data analytics, cyber infrastructure, privacy, data sharing policy and compliance can all contribute to such discussions in a unique way. Therefore, this project will organize a series of planning activities (including a workshop) regarding Cross-organization Sharing of Cyber Security Data, in collaboration with the Northeast Big Data Hub, Penn State, Rutgers University, Dartmouth College, industry partners (e.g., IBM), and government partners (e.g., Army Research Lab). The workshop will generate a report regarding best practices (including draft agreements and related infrastructures), planning for workforce development, and path to financial sustainability for three academic institutions in Northeast region (i.e., the Pennsylvania State University, Rutgers University, and Dartmouth College) to enable and leverage cross-organization sharing of massive cyber security data.This project will improve our understanding about the complex issues related to barriers for protected sharing of cyber security data. An improved understanding regarding these issues and their relationships in a holistic way provides a critical base on which possible best practices for agreements, frameworks, and cyber infrastructures for sharing relevant cyber security data can be established. In addition, the workshop will also identify options and uncover their tradeoffs for addressing the complex issues for cross-organization sharing of cyber security data. It is likely that these tacit knowledge, once articulated clearly through the workshop report, will enhance the formal knowledge regarding cyber security analysis, management, and tool development, especially for achieving cross-organization big data cyber attack awareness. This project will also generate three broad impacts: (i) it will fundamentally transform cyber defense operations by enabling multi-organization collaborative defense; (ii) it will enhance the global competitiveness of diverse cyber security workforce through enhancements to training tools, learning modules, and courses that leverage real-world cyber security data; (iii) it will foster research regarding cross-organization cyber situation awareness through innovative analytics of massive cross-organization cyber security data.This award is co-funded by the CISE Division of Computer and Network Systems (CNS) Secure and Trustworthy Computing (SaTC) Program.

网络攻击，特别是涉及高级持续威胁 (APT) 的网络攻击，针对包括高等教育机构在内的所有类型的组织。 应对大规模网络攻击的一个关键机会是建立广泛的伙伴关系，以实现跨组织保护共享相关网络安全数据的最终目标，以加强运营、劳动力发展和研究。共享网络安全数据的影响是巨大的。 由于企业计算单一化的风险，“一加一大于二”的效应已经得到网络安全界的广泛认可。 他们可以通过跨组织共享相关网络安全数据来增强协作网络安全操作。 它们还可以帮助研究人员开发可扩展的数据分析和工具，以更有效地预防、缓解和响应跨组织网络攻击。最后，它们可以显着增强多元化网络安全人员（包括开发人员、分析师和管理人员）的教育和学习。 共享网络安全数据的一个关键挑战是机构对共享此类数据所涉及的潜在风险的担忧。 由于问题的复杂性，应对这一挑战的解决方案只能来自包括所有利益相关者的会议和论坛，以便共同解决他们对共享网络安全数据的潜在担忧。此外，网络安全、大数据分析、网络基础设施、隐私、数据共享政策和合规性方面的思想领袖都可以以独特的方式为此类讨论做出贡献。 因此，本项目将与东北大数据中心、宾夕法尼亚州立大学、罗格斯大学、达特茅斯学院、行业合作伙伴（例如IBM）合作，组织一系列关于网络安全数据跨组织共享的规划活动（包括研讨会） ）和政府合作伙伴（例如陆军研究实验室）。 该研讨会将生成一份关于最佳实践（包括协议草案和相关基础设施）、劳动力发展规划以及东北地区三个学术机构（即宾夕法尼亚州立大学、罗格斯大学和达特茅斯学院）财务可持续性之路的报告实现和利用海量网络安全数据的跨组织共享。该项目将提高我们对与网络安全数据受保护共享障碍相关的复杂问题的理解。 对这些问题及其关系的全面理解为建立共享相关网络安全数据的协议、框架和网络基础设施的最佳实践奠定了关键基础。 此外，研讨会还将确定选项并揭示其权衡，以解决跨组织共享网络安全数据的复杂问题。 这些隐性知识一旦通过研讨会报告明确阐明，很可能将增强有关网络安全分析、管理和工具开发的正式知识，特别是实现跨组织大数据网络攻击意识。 该项目还将产生三个广泛的影响：（i）它将通过实现多组织协同防御从根本上改变网络防御行动； (ii) 它将通过增强利用真实世界网络安全数据的培训工具、学习模块和课程，提高多元化网络安全劳动力的全球竞争力； (iii) 它将通过对大量跨组织网络安全数据的创新分析来促进跨组织网络态势感知的研究。该奖项由 CISE 计算机和网络系统 (CNS) 安全可信计算部门 (SaTC) 共同资助） 程序。