SaTC-CCRI: Collaborative Research: Sharing Expertise and Artifacts for Reuse through Cybersecurity CommunityHub (SEARCCH)

SaTC-CCRI：协作研究：通过网络安全社区中心 (SEARCCH) 共享专业知识和工件以供重复使用

• 批准号: 1925773
• 负责人: Terry Benzel
• 金额: $ 42.5万
• 依托单位: University of Southern California
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-10-01 至 2023-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1925773&HistoricalAwards=false
• 关键词: SaTC; CCRI; Collaborative; Research; Sharing

Cybersecurity research experiments are frequently performed in ad hoc ways, which severely retards scientific progress. Most researchers use a combination of methods and infrastructure to conduct experiments using one-off, painstaking, and error-prone processes that are never shared for reuse and validation. The lack of repeatable, reproducible, and reusable processes and other artifacts limits one's ability to build upon the work of others or to compare solutions. Enabling the community to share and reuse experiment artifacts is crucial to transforming the way cybersecurity research is conducted. SEARCCH creates a collaborative, community-driven platform that lowers the barrier to sharing by aiding researchers in packaging, importing, locating, understanding, and reusing experiment artifacts. The artifacts organized by the platform, including tools, methodologies, documentation, and data, can be deployed to community testbeds for performing new experiments. Concurrently, SEARCCH engages in outreach activities to build an active, diverse, online community around the hub to enable direct sharing of expertise and crowdsourcing research ideas and experiment design. Through a process of continuous learning and improvement, the hub will grow over time to include collections of artifacts covering a broad range of cybersecurity research topics and add support for newly identified community needs. These activities together will transform the way cybersecurity research is conducted in the cybersecurity community, improving the overall scientific quality of cybersecurity research through validation, repeatable sharing and reuse, and a collective approach to building on research results.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

网络安全研究实验经常以临时方式进行，这严重阻碍了科学进步。大多数研究人员结合使用方法和基础设施来进行实验，使用一次性、艰苦且容易出错的过程，而这些过程永远不会共享以供重用和验证。缺乏可重复、可再现和可重用的流程和其他工件限制了一个人基于他人工作或比较解决方案的能力。使社区能够共享和重用实验工件对于改变网络安全研究的进行方式至关重要。 SEARCCH 创建了一个协作、社区驱动的平台，通过帮助研究人员打包、导入、定位、理解和重用实验工件来降低共享障碍。 该平台组织的工件（包括工具、方法、文档和数据）可以部署到社区测试台以执行新实验。与此同时，SEARCCH 还开展外展活动，围绕中心建立一个活跃、多元化的在线社区，以便直接分享专业知识以及众包研究想法和实验设计。 通过不断学习和改进的过程，该中心将随着时间的推移不断发展，包括涵盖广泛网络安全研究主题的工件集合，并增加对新确定的社区需求的支持。这些活动共同将改变网络安全界进行网络安全研究的方式，通过验证、可重复共享和重用以及以研究成果为基础的集体方法来提高网络安全研究的整体科学质量。该奖项反映了 NSF 的法定使命，并具有通过使用基金会的智力优点和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Toward Findable, Accessible, Interoperable, and Reusable Cybersecurity Artifacts

迈向可查找、可访问、可互操作和可重复使用的网络安全工件

• DOI: 10.1145/3546096.3546104
• 发表时间: 2022-08
• 期刊: Cybersecurity Experiment and Test Workshop
• 作者: Balenson, D.;Benzel, T.;Eide, E.;Emmerich, D.;Johnson, D.;Mirkovic, J.;Tinnel, L.
• 通讯作者: Tinnel, L.