The project has secured five-year funding for the core and enhanced program, which totals $23.2 million. An additional $25 million will come in an optional five-year extension – a potential total of $48.2 million over the 10-year collaboration. The research alliance includes Carnegie Mellon University, Penn State University, the University of California at Davis, the University of California at Riverside and Indiana University, as well as Army Research Lab scientists.
The “new science” will enable future computing systems to take actions in response to attacks without human intervention in both civilian and military areas. In a civil example, a server observing unusual network traffic from an unknown entity might determine it was under attack and filter that traffic. Many of the required actions will need human interaction, but many do not, the alliance postulates.
“One of the salient aspects of our proposed research is in the realization that humans are integral to maintaining cybersecurity and to breaches of security,” said Carnegie Mellon lead investigator Lorrie Cranor, associate professor of computer science and engineering and public policy at the university and director of the CyLab Usable Privacy and Security Laboratory, in a statement. “Their behavior and cognitive and psychological biases have to be integrated as much as any other component of the system that one is trying to secure.” Cranor added that the CMU researchers will work in all of the areas, but will focus especially on psychosocial activities.
The group has identified three interrelated aspects of cybersecurity to explore and a cross-cutting psychosocial perspective that takes into account the human element of the network. The alliance will focus on detecting adversaries and attacks in the cyberspace; measuring and managing risk; and agility, or altering the environment to achieve best results at the least cost. A fourth area, developing models of human behaviors and capabilities that enable understanding and predicting motivations and actions of users, defenders and attackers, will be integrated into the first three areas.
For its part, the Army Research Laboratory is looking to explore the basic foundations of cyber science issues in the context of Army networks.
"Such a science will eventually lead to network defense strategies and empirically validated tools. Substantial interactions and staff rotations between domain experts and scientists across the consortium and ARL will be vital to enable the joint research that will ensure the success of the program," said Ananthram Swami, who was recently announced as the collaborative alliance manager at ARL.
In a military sense, in risk, the project seeks to develop theories and models for dynamic risk assessment and explores risk-related fundamental properties of dynamic cyber threats, Army networks and defensive mechanisms. Detection research should shape cyber-threat detection and recognition capabilities that inform approaches to rapid adaptation of a detection technique or algorithm as new cyber threats emerge on the battlefield. And finally, the agility research supports planning and control of cyber maneuvers, which are ways to rapidly adjust networks and defenses in order to defeat or mitigate cyber threats and effects.
"We generally enter into these kinds of alliances with complex problems in mind," said John Pellegrino, director of the ARL directorate. "The fundamental science of cybersecurity is a long-standing challenge that will take a long time to solve."