SoS Lablet Quarterly Meeting - NCSU

SoS Lablet Quarterly Meeting - NCSU


Raleigh, NC -- January 29, 2015

Lablet Researchers meet at NC State to exchange and advance research and Ideas about Science of Security

The quarterly Science of Security Lablet meeting, sponsored by NSA, was hosted by the Lablet at the North Carolina State University on January 27 and 28, 2015. Quarterly meetings are held to share research, coordinate, present interim findings, and stimulate thought and discussion about the Science of Security. Laurie Williams, Principal Investigator at NC State, organized the series of talks and discussions about technical and behavioral aspects of cybersecurity.

Orv Stockland
Members of the Research Directorate at NSA, the program’s sponsor, began the talks. Orville Stockland, Special Assistant for Novel Research Partnership Strategies, Trusted Systems Research Group, greeted the assembled researchers and encouraged them both to share the results of their research throughout the community and to make their students aware of the many government resources available to them online. StephanieStephanie Yannacci, Science of Security Program Manager, provided an SoS program update and described the core elements of the Science of Security Program noting how the Lablets, the HOT SoS conference, the annual paper competition and the CPS-VO web page mesh to offer communication and information sharing among the members of the Science of Security community. StuartStuart Krohn, SoS Technical Director, described the progress the Lablets are making. He relayed a presentation given by Dan Geer at the National Science Foundation’s SaTC Principal Investigators’ meeting about Science of Security based on Thomas Kuhn’s work, “The Structure of Scientific Revolutions.” He noted that NIST, NSF, DHS and NSA all presented Science of Security briefings to the National Academy of Science, and that NSA's work reflected a stricter definition of foundational: Basic scientific tenets in the multi-disciplinary areas of security upon which we can base trust. Krohn explained the selection process for the annual best paper award and noted the SoS Virtual Organization now numbers more than 500 individuals and that sub-Lablet research partners have expanded the SoS community globally.

Pete Loscocco of NSA presented the keynote address, “Integrity Measurement: The Way Ahead, Knowing if your Systems have been Altered”. He outlined issues and solutions on the use of integrity measurement as a tool to achieve trusted computing. The broad goal, he stated, is to secure systems, but we are falling short of the ideal. Software cannot sufficiently protect systems from attack, and the question of remote trust remains unanswered. Integrity measurement can be useful in bridging the gap between traditional concepts—that is, if the design and implementation of a system are correct, it is “secure”—and the reality of network security. Loscoco described prototypes of Integrity Measurement currently in use and characterized it as a tool that augments existing systems and is useful for detecting trust issues. The large issue, he says, is that trust decisions require system integrity to preserve trust, and that evidence is required to test the trust attestations that are rooted in trustworthy mechanisms. Using load time and run time, the process effectively allows scalability to trust relationships anywhere on the network, can adapt to changing requirements and can project trust across domains using currently available technologies.

Lablet ResearcherIndividual researchers from each Lablet and their teams presented materials from their work addressing the five Hard Problems in cybersecurity. Lablet ResearcherCarnegie-Mellon’s Lablet presented current research on security risk perception in composable systems and on analyzing highly configurable systems. Preemptive intrusion detection and hypothesis testing for network security were the topics presented by the University of Illinois. Maryland contributed presentations on a trust-aware social recommender system design and on remote voting protocols. Host NC State presented an objective resiliency analysis of smart grid systems and a discussion of systematizing isolation techniques. In addition, 16 research posters were presented and NCSU presented their work on analysis of bibliometrics applied to Science of Security publications. Jeff Carver of the University of Alabama (working in cooperation with the NCSU lablet) presented an interactive exercise that presented a rubric for teams to determine if a specific research paper showed scientific value and rigor.
 

The next quarterly meeting will be held April 21 and 22, 2015 at the University of Illinois Urbana Champaign in conjunction with HOT SoS 2015.

(ID#:14-3364)


Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.