As the techniques around maintaining a safe level of cybersecurity continue to evolve both publicly and privately, a group of ΒιΆΉΣ³» professors along with the University's chief information security officer are working on creating an active approach to a cybersecurity mindset that they believe has become too passive.
Associate professor Shamik Sengupta, the executive director of the interdisciplinary Cybersecurity Center, has teamed-up with fellow computer science and engineering department associates Mehmet Gunes, Ming Li and Nancy LaTourrette, as well as the University's chief information security officer Jeff Springer, to begin working on their two-year, $986,067 National Science Foundation-funded grant researching methods to allow for organizations and companies to share cyber threat information within a privacy-preserving computing paradigm.
"Cybersecurity is still very reactive in the sense that how certain threats can be avoided tends to become a conversation after such threats have been made," Sengupta, the grant's principal investigator, said. "With this grant, we want to help organizations share their threat information in a privacy-preserving manner, and in turn, give every participant organization a proactive and unified security defense approach."
Sengupta and his fellow co-principal investigators hope that this project can fill the gap between attacks by creating a proactive cybersecurity information exchange. The group will use the shared data to build a cyberinfrastructure that can review the state of the threat landscape and help predict and prevent major cyber attacks across the participating organizations.
"Essentially, we're working on enhancing the thinking and sharing methods around cybersecurity," Sengupta said, "and then bringing this to organizations across the state and then across the nation."
The research starting line
Although the grant's funding began recently in January 2018, the group has identified the main factors that will go into the development of their cyber information-sharing program, including managing the affordability of a large-scale data environment and, most importantly to the research team, meeting the needs of security analysis while maintaining and protecting the privacy of the data.
"The challenge is developing a governance framework that includes both policies and procedures to protect the data," Sengupta said. "Our process has to be able to demonstrate that we're complying with regulatory and internal data governance requirements."
To respect the organizational constraints and trust boundaries, the project will use "blind processing" to safeguard the organizations' shared information within the computing paradigm. Gunes has built a prototype for sharing information among smart grid participants under his own NSF Nexus grant. This project will be able to deploy an operational blind processing system for trusted information exchange that protects sensitive information.
"The research is particularly unique as the sharing of threat information among the organizations will happen in a privacy-preserved manner," Sengupta said. "That means we have to investigate techniques to ensure that the organizations will not only share their information in a secure and authentic manner, but they will also be able to hide their own identities or privacy-sensitive information from human operators."
In order for the project to run as efficiently as it can, communication between entities that may compete with each other will be key, and blind processing allows for information to be exchanged with protection mechanisms against everyone, including system administrators.
"Our privacy-preserving process depends on blind processing which will process data in sandboxes and make the data anonymous when informing participant organizations," Sengupta said. "It's the main way we can ensure that we will be able to prevent anyone from gaining access to the sensitive data while providing a complete picture of the whole system in computations."
Approaching cybersecurity together
The outcome of this project has a broader impact on the development of a cybersecurity information-sharing platform with privacy preservation and a large governance structure. The project also has direct impact on undergraduate and graduate student education and training, and emphasizes the engineering development of minorities and women by providing a real-world platform for investigation and management of cyber threats.
{{RelatedLinks}}
"We envision that through this project, engineering students will be able to explore cutting edge research," Sengupta said. "They will be able to develop new tools and they will be the next generation of the cybersecurity-aware workforce."
This project is one of several that are part of the University's interdisciplinary Cybersecurity Center. The center provides cutting-edge applied research on cybersecurity, educational resources for the state, and partners with a wide range of public and private organizations.