CICI: SSC: Proactive Cyber Threat Intelligence and Comprehensive Network Monitoring for Scientific Cyberinfrastructure: The AZSecure Framework

CICI：SSC：科学网络基础设施的主动网络威胁情报和综合网络监控：AZSecure 框架

基本信息

批准号：
1917117
负责人：
Hsinchun Chen
金额：
$ 99.8万
依托单位：
University of Arizona
依托单位国家：
美国
项目类别：
Standard Grant
财政年份：
2019
资助国家：
美国
起止时间：
2019-07-01 至 2024-06-30
项目状态：
已结题

来源：
https://www.nsf.gov/awardsearch/showAward?AWD_ID=1917117&HistoricalAwards=false
关键词：
CICI SSC Proactive Cyber Threat

项目摘要

The rapid growth of computing technologies in scientific instruments has increased the rate of discovery. Some recent examples include the discovery of new fundamental particles and the first-ever images of a black hole. Unfortunately, the same technologies contributing to these high-impact discoveries are also being targeted by hackers to steal ideas or for profit. These attacks threaten the privacy, integrity, and ability to access valuable scientific data and events. The risks to scientific facilities and how they can be attacked have still not been properly mapped. This project will use novel Artificial Intelligence to (1) study hackers in the international and ever-evolving Dark Web and identify and categorize hundreds of thousands of risks and (2) link those risks to possible attacks on two large-scale science community facilities. One of them is a facility funded by the National Science Foundation offering advanced computing resources for Life Sciences. The other uses a network of sensors around the globe to collect detailed and timely data for Earth Sciences. Studying these valuable targets enables investigation of current and emerging threats that present risk to scientific discovery.Led by the Hispanic Serving Institution (HSI) University of Arizona (UA), this project designs an innovative, holistic, and proactive Cyber Threat Intelligence (CTI) framework with two synergistic research streams. The first builds upon advanced topic modelling and text classification approaches from our NSF Secure and Trustworthy Cyberspace (SaTC) research to systematically collect and explore multi-million record Dark Web hacker forums for scientific cyberinfrastructure exploits. The second designs novel banner data feature extraction, text analytics, and custom vulnerability scanning integrating state-of-the-art tools to comprehensively categorize and assess the vulnerabilities within CyVerse?s (life sciences) and LEO?s (earth sciences) diverse instruments, data, hardware, and software. Exploit and vulnerability assessment results are linked via a novel deep learning-based Exploit Vulnerability Deep Structured Semantic Model (EV-DSSM) based on word embedding. UA?s National Security Agency-designated Center of Academic Excellence in Cyber Defense, Research, and Operations, NSF Scholarship-for-Service (SFS) Cyber-Corps, and Master?s in Cybersecurity programs position the project for synergy with teaching and research. Techniques developed in this project will advance knowledge not only CTI, but network analysis, deep learning, and text analytics across multiple disciplines. Findings from this research will be disseminated to 75+ SFS partner institutions and operational intelligence for the larger scientific community (e.g., NSF Cybersecurity Summits of Large Facilities and Cyberinfrastructure).This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

科学仪器中计算技术的快速增长提高了发现率。最近的一些例子包括发现新的基本粒子和黑洞的第一个图像。不幸的是，黑客也针对窃取想法或盈利的相同技术也是针对这些高影响力发现的相同技术。这些攻击威胁着访问有价值的科学数据和事件的隐私，完整性和能力。科学设施的风险以及如何被攻击的风险仍未得到适当映射。该项目将使用新颖的人工智能来（1）在国际和不断发展的黑暗网络中研究黑客，并识别和分类数十万个风险，以及（2）将这些风险与对两个大型科学社区设施的可能攻击联系起来。其中之一是由国家科学基金会资助的设施，为生命科学提供先进的计算资源。另一个使用全球的传感器网络来收集地球科学的详细和及时数据。研究这些有价值的目标可以调查当前和新兴的威胁，这些威胁对科学发现呈现风险。由西班牙裔服务机构（HSI）亚利桑那大学（UA）领导，该项目设计了一个创新，整体和主动的网络威胁智能（CTI）框架，该框架具有两个协同的研究流。第一个基于我们的NSF安全和值得信赖的网络空间（SATC）研究的高级主题建模和文本分类方法，以系统地收集和探索数百万的记录记录的深层网络黑客论坛，以实现科学的Cyberinfrststructure漏洞。第二个设计新颖的横幅数据功能提取，文本分析以及自定义脆弱性扫描整合最先进的工具，以全面地分类和评估Cyverse的漏洞（生命科学）和LEO（地球科学）（地球科学）各种仪器，数据，硬件和软件。利用和脆弱性评估结果通过基于单词嵌入的新型深度学习漏洞深度结构化语义模型（EV-DSSM）链接。 UA是国家安全局指定的网络防御，研究和运营学术卓越中心，NSF奖学金（SFS）网络奖学金，以及网络安全计划中的硕士学位，将其定位为与教学和研究协同的项目。该项目中开发的技术不仅可以推动CTI的知识，而且还可以推动跨多个学科的网络分析，深度学习和文本分析。 Findings from this research will be disseminated to 75+ SFS partner institutions and operational intelligence for the larger scientific community (e.g., NSF Cybersecurity Summits of Large Facilities and Cyberinfrastructure).This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

项目成果

期刊论文数量（22）

专著数量（0）

科研奖励数量（0）

会议论文数量（0）

专利数量（0）

A Deep Learning Approach for Recognizing Activity of Daily Living (ADL) for Senior Care: Exploiting Interaction Dependency and Temporal Patterns

DOI：
10.25300/misq/2021/15574
发表时间：
2021-06
期刊：
MIS Q.
影响因子：
0
作者：
Hongyi Zhu;Sagar Samtani;Randall A. Brown;Hsinchun Chen
通讯作者：
Hongyi Zhu;Sagar Samtani;Randall A. Brown;Hsinchun Chen

Labeling Hacker Exploits for Proactive Cyber Threat Intelligence: A Deep Transfer Learning Approach

DOI：
10.1109/isi49825.2020.9280548
发表时间：
2020-11
期刊：
2020 IEEE International Conference on Intelligence and Security Informatics (ISI)
影响因子：
0
作者：
Benjamin Ampel;Sagar Samtani;Hongyi Zhu;Steven Ullman;Hsinchun Chen
通讯作者：
Benjamin Ampel;Sagar Samtani;Hongyi Zhu;Steven Ullman;Hsinchun Chen

Distilling Contextual Embeddings Into A Static Word Embedding For Improving Hacker Forum Analytics

将上下文嵌入提炼为静态词嵌入以改进黑客论坛分析

DOI：
10.1109/isi53945.2021.9624848
发表时间：
2021
期刊：
Proceedings of 2021 IEEE International Conference on Intelligence and Security Informatics (IEEE ISI 2021
影响因子：
0
作者：
Ampel, Benjamin;Chen, Hsinchun
通讯作者：
Chen, Hsinchun

Identifying Patterns of Vulnerability Incidence in Foundational Machine Learning Repositories on GitHub: An Unsupervised Graph Embedding Approach