Protect

Our computing systems are constantly under attack, by everyone from pranksters to agents of hostile nations. Many of those systems and networks make the task of the adversary easier by responding to attacks with useful information. This is because software and protocols have been written for decades to provide informative feedback for error detection and correction. It is precisely this behavior that enhances the chances of success by attackers, by allowing them to map networks and determine system flaws.

This project provides support for a National Academies Roundtable, the Forum on Cyber Resilience. The Forum will facilitate and enhance the exchange of ideas among scientists, practitioners, and policy makers concerned with the resilience of computing and communications systems, including the Internet, critical infrastructure, and other societally important systems.

Autonomous systems (AS) are key building blocks of the Internet's routing infrastructure. Surveillance of AS may allow large-scale monitoring of Internet users. Those who aim to protect the privacy of their online communications may turn to anonymity systems like Tor, but Tor is not designed to protect against such AS-level adversaries. AS-level adversaries present unique challenges for the design of robust anonymity systems and present a very different threat model from the ones used to design and study systems like Tor.

Warning messages are one of the last lines of defense in computer security, and are fundamental to users' security interactions with technology. Unfortunately, research shows that users routinely ignore security warnings. A key contributor to this disregard is habituation, the diminishing of attention due to frequent exposure. However, previous research examining habituation has done so only indirectly, by observing the influence of habituation on security behavior, rather than measuring habituation itself.

The modernized electric grid, the Smart Grid, integrates two-way communication technologies across power generation, transmission and distribution, in order to deliver electricity efficiently, securely and cost-effectively. On the monitoring and control side, it employs real-time monitoring offered by a messaging-based advanced metering infrastructure (AMI), which ensures the grid?s stability and reliability, as well as the efficient implementation of demand response schemes to mitigate bursts demand.