CICI: Secure and Resilient Architecture: Effective and Economical Protection for High-Performance Research and Education Networks

CICI：安全和弹性架构：为高性能研究和教育网络提供有效且经济的保护

基本信息

批准号：
1642161
负责人：
Johanna Amann
金额：
$ 99.95万
依托单位：
International Computer Science Institute
依托单位国家：
美国
项目类别：
Standard Grant
财政年份：
2016
资助国家：
美国
起止时间：
2016-10-01 至 2022-09-30
项目状态：
已结题

来源：
https://www.nsf.gov/awardsearch/showAward?AWD_ID=1642161&HistoricalAwards=false
关键词：
CICI Secure Resilient Architecture Effective

项目摘要

Scientific research requires the free exchange of information and ideas among collaborators worldwide. For this, scientists depend critically on full and open access to the Internet. Yet in today's world, such open access also exposes sites to incessant network attacks like theft of information, parasitic resource consumption, or suffering from (or inadvertently participating in) denial-of-service (DOS) attacks. Some of the most powerful networks today remain particularly hard to defend: the 100G environments and backbones that facilitate modern data-intensive sciences - physics, astronomy, medicine, climate research - prove extremely sensitive to the slightest disturbances. For these networks, traditional enterprise solutions such as firewalls and intrusion detection systems (IDS), remain infeasible as they cannot operate reliably at such high speeds. This project develops a novel, comprehensive framework that integrates software and hardware for the economical protection of critical high-performance science infrastructure.The project increases the performance of network monitoring by offloading low-level operations from software into hardware, such as switches and computer network interface cards. The project enables network monitoring systems to tie into the hardware offloading being developed. Furthermore, the project expands the capabilities of network monitoring systems to create visibility into science networks, for example, by adding support for the protocols used for high-speed scientific data transfers. It also extends support for responding actively to malicious activity like denial-of-service attacks. This project implements these capabilities in the open-source Bro network security monitor utilized by many NSF-supported organizations nationwide to protect their scientific cyberinfrastructure.

科学研究需要世界各地的合作者之间自由交换信息和想法。为此，科学家们严重依赖于全面、开放的互联网访问。然而在当今世界，这种开放访问也使站点面临不断的网络攻击，例如信息盗窃、寄生资源消耗或遭受（或无意中参与）拒绝服务（DOS）攻击。当今一些最强大的网络仍然特别难以防御：促进现代数据密集型科学（物理、天文学、医学、气候研究）的 100G 环境和骨干网对最轻微的干扰极其敏感。对于这些网络，防火墙和入侵检测系统 (IDS) 等传统企业解决方案仍然不可行，因为它们无法以如此高的速度可靠运行。该项目开发了一种新颖的综合框架，集成了软件和硬件，以经济地保护关键的高性能科学基础设施。该项目通过将低级操作从软件卸载到硬件（例如交换机和计算机网络）来提高网络监控的性能接口卡。该项目使网络监控系统能够与正在开发的硬件卸载相结合。此外，该项目还扩展了网络监控系统的功能，以创建科学网络的可见性，例如，通过添加对用于高速科学数据传输的协议的支持。它还扩展了对主动响应拒绝服务攻击等恶意活动的支持。该项目在开源 Bro 网络安全监视器中实现了这些功能，全国许多 NSF 支持的组织都使用该监视器来保护其科学网络基础设施。