Project Details
Description
Cyberinfrastructure plays a crucial role in the nation's critical infrastructures, driving advancements in science, engineering, education, and collaboration. However, cyberinfrastructure also becomes a perfect target for cyber attackers, due to its high-value data (e.g., nuclear test results) and massive computing resources (e.g., supercomputers). As shown by data, cyber attacks are happening to cyberinfrastructure more frequently, causing remarkable damage to the economy, environment, public health, and even national security. This project aims to transition recent cybersecurity advancements and techniques for enhancing cyberinfrastructure resilience under cyber threats. In particular, this project ensures that security updates, or patches, for software systems running on cyberinfrastructure are adopted in a timely, reliable, and safe way, which can help eliminate up to 85 percent of targeted attacks, according to US-CERT. The research outcomes advance the scientific study of software patching under challenging conditions such as limited monetary resources, insufficient admin expertise, and highly diverse environments. The research outcomes are also projected to deploy to large-scale cyberinfrastructure platforms, including Utah CHPC (a 5,600-user platform) and many similar platforms (e.g., PNNL, ORNL, and the Rutgers Office of Advanced Research Computing).Technically, this project develops three innovations to offer security updates desired by cyberinfrastructure. First, it adapts recent open-source frameworks to provide affordable patch management for cyberinfrastructure and explores research advancements in patch presence detection and automated exploit generation to detect unadopted patches and assess their urgency. Second, it introduces directed fuzz testing and regression fuzz testing as methods to evaluate patch quality for cyberinfrastructure and tailors differential program analysis to analyze the testing outcomes and measure the reliability of available patches. Third, it develops a system-wide dependency analysis to understand the components impacted by a target patch and informed by the analysis result, assembles a low-cost testbed on the fly to assess the safety of the patch to the entire system.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
Status | Active |
---|---|
Effective start/end date | 9/1/23 → 8/31/26 |
Funding
- National Science Foundation: $1,198,133.00
Fingerprint
Explore the research topics touched on by this project. These labels are generated based on the underlying awards/grants. Together they form a unique fingerprint.