FSL Sponsor Abstract: NYS

Networked information systems are playing increasingly essential roles in our infrastructures for critical services such as commerce, banking, telecommunication and national security. According to the CERT Coordination Center, a major national reporting center for Internet security incidents, Cyber security incidents have increased by over a factor of 100 in the past decade. Virtually all of the participants in the recent CSI/FBI Computer Crime Surveys report experiencing cyber attacks. A survey by Carnegie-Mellon University and Information Week found that 17% of small businesses were victims of cyber extortion. Despite this acceleration in volume and severity of cyber security threats, little progress has been made to address them in the fields of software development, deployment and management. As a result, systems continue to be vulnerable to a vast array of "hacker attacks" and subsequent loss or theft of enterprise-critical data.

This project is aimed at initiating development of a cyber security toolkit, tools and techniques that will (a) greatly increase the difficulty of mounting successful attacks on existing software systems, (b) significantly reduce the likelihood of loss of critical data or services due to successful attacks, and (c) develop a comprehensive monitoring framework that can provide assurances about the security posture of these systems, as well as provide a basis to evaluate conformance of these systems to various federal and state regulations concerning their operation. Through this project, a collaboration of industry and academia will be built in the Long Island region to continue the research and development program beyond the time-frame of this seed project, to bring these technologies to maturity and incorporate them into commercial products targeting safety- and security-critical systems. The nature and quality of the regional assets that have been identified for this project provide confidence that the region can become a leading national center for fail-safe systems.

The project will be led by Stony Brook University Prof. R. Sekar, Director, Center for Cyber Security and Computer Associates (John Kane, Divisional Senior Vice President).