An interdisciplinary team consisting of researchers from the UW, the University of California, Berkeley, and others has won a five-year, $7.5 million Multidisciplinary University Research Initiative (MURI) grant from the Department of Defense to model and create defenses against stealthy, long-term system attacks called “advanced persistent threats” (APTs).
The data that is compromised as a result of APTs can be of different types.
“When you talk about the cyber attacks, the attacks can be of the type that target data of your intellectual property if you are an individual, company, or government organization,” said Radha Poovendran, principal investigator, chair of the UW department of electrical engineering and director of the Network Security Lab. “There is an intent in these attacks to inflict damage.”
These threats search a system for multiple vulnerabilities, called “attack surfaces,” that they can exploit.
“An intelligent adversary observes the system, learns the vulnerabilities, and then chooses one or more vulnerabilities to exploit and mount an attack,” Poovendran said. “Unlike worms and viruses, the goal of advanced persistent threats is not to expose to the world that your system has been attacked.”
Because of the need to understand multiple vulnerabilities, steps, and their requirements, the MURI grant requires teams to be interdisciplinary in nature and pursue opportunities that, according to its website, “intersect more than one traditional technical discipline.”
While Poovendran brings expertise in network security and information theory, the research also needs mathematical rigor.
“My research is about mathematical optimization,” said Maryam Fazel, associate professor of electrical engineering, and adjunct associate professor of computer science and engineering, mathematics, and statistics at the UW. “It involves mathematical models that we create for physical situations like these problems that arise in security, and algorithms we design to find or approximate the solution to the optimization model.”
Experts from other universities around the country also contribute their knowledge on topics like dynamic games, where different players move at different points in time.
“My focus … will be on the formulation and strategic analysis of the dynamic game between cyber defense and the adversary actions, and decomposition of the higher level game into local games through a multi-scaling approach,” said Tamer Başar, Swanlund endowed chair and Center for Advanced Study professor at the University of Illinois at Urbana-Champaign, in an email.
What the actual final system will look like is hard to ascertain, but its fundamentals are relatively certain.
“The way we are going to look at it will be at the algorithmic level and the outcomes will be algorithms and software,” Poovendran said. “Clearly, if we consider certain applications, we can also look at the hardware side of it.”
The team is also keen to emphasize the role of students in helping to conduct this research. Both Poovendran and Başar mention the presence of graduate and postdoctoral students as an essential part of the process.
“The best part of this program is that students from one lab or university visit the others and interact,” Poovendran said. “What comes out of these interactions are the kinds of problems and understanding of ideas that wouldn’t otherwise happen. This is a significantly different way of working because people come from very different areas, expertise, and domain knowledge and styles of working.”
Now that the grant is secured, the team will attend kickoff meetings with government officials and begin thinking about the problems at hand.
“Following the kickoff meeting, the team’s immediate plan is to concentrate on what we defined as thrust 1 of the project, which is analytical representation of APTs,” Başar said. “This entails research and development of an analytical middleware that provides a time-varying representation of the adversarial actions … to construct realistic models of the adversarial cyber interactions and defense strategies.”
Poovendran hopes this project will influence how security systems are built in the future.
“Right now when we look at an adversary and a defence method, we don’t have good mechanisms to develop what is and is not feasible in the security domain,” Poovendran said. “I am confident that this work will contribute towards our understanding of how to address advanced persistent threats.”
Reach reporter Arunabh Satpathy at firstname.lastname@example.org. Twitter: @sarunabh