CICI: Secure and Resilient Architecture: Effective and Economical Protection for High-Performance Research and Education Networks

CICI：安全和弹性架构：为高性能研究和教育网络提供有效且经济的保护

基本信息

批准号：
1642161
负责人：
Johanna Amann
金额：
$ 99.95万
依托单位：
International Computer Science Institute
依托单位国家：
美国
项目类别：
Standard Grant
财政年份：
2016
资助国家：
美国
起止时间：
2016-10-01 至 2022-09-30
项目状态：
已结题

来源：
https://www.nsf.gov/awardsearch/showAward?AWD_ID=1642161&HistoricalAwards=false
关键词：
CICI Secure Resilient Architecture Effective

项目摘要

Scientific research requires the free exchange of information and ideas among collaborators worldwide. For this, scientists depend critically on full and open access to the Internet. Yet in today's world, such open access also exposes sites to incessant network attacks like theft of information, parasitic resource consumption, or suffering from (or inadvertently participating in) denial-of-service (DOS) attacks. Some of the most powerful networks today remain particularly hard to defend: the 100G environments and backbones that facilitate modern data-intensive sciences - physics, astronomy, medicine, climate research - prove extremely sensitive to the slightest disturbances. For these networks, traditional enterprise solutions such as firewalls and intrusion detection systems (IDS), remain infeasible as they cannot operate reliably at such high speeds. This project develops a novel, comprehensive framework that integrates software and hardware for the economical protection of critical high-performance science infrastructure.The project increases the performance of network monitoring by offloading low-level operations from software into hardware, such as switches and computer network interface cards. The project enables network monitoring systems to tie into the hardware offloading being developed. Furthermore, the project expands the capabilities of network monitoring systems to create visibility into science networks, for example, by adding support for the protocols used for high-speed scientific data transfers. It also extends support for responding actively to malicious activity like denial-of-service attacks. This project implements these capabilities in the open-source Bro network security monitor utilized by many NSF-supported organizations nationwide to protect their scientific cyberinfrastructure.

科学研究需要在全球合作者之间自由交流信息和思想。为此，科学家批评完全开放访问互联网。然而，在当今的世界中，这种开放访问也使网站揭露了不断的网络攻击，例如盗窃信息，寄生资源消耗或遭受（或无意中参与）拒绝服务（DOS）攻击。当今一些最强大的网络仍然很难捍卫：100G环境和骨干促进了现代数据密集型科学 - 物理，天文学，医学，气候研究 - 证明对丝毫干扰非常敏感。对于这些网络，传统的企业解决方案（例如防火墙和入侵检测系统（IDS））仍然不可行，因为它们无法在如此高速的情况下可靠地运行。该项目开发了一个新颖，全面的框架，该框架将软件和硬件集成为关键高性能科学基础架构的经济保护。该项目通过将低级操作从软件转移到硬件（例如交换机和计算机网络界面卡）中来提高网络监视的性能。该项目使网络监视系统能够与正在开发的硬件卸载联系在一起。此外，该项目扩展了网络监视系统的功能，以创建科学网络的可见性，例如，通过增加对高速科学数据传输的协议的支持。它还扩大了积极应对恶意活动（例如拒绝服务攻击）的支持。该项目将这些功能实现在全国许多NSF支持的组织使用的开源网络安全监控器中，以保护其科学的网络基础设施。