 |
|
|
Award Abstract #0433668
Collaborative Research: Cybertrust Center for Internet Epidemiology and Defenses
| NSF Org: |
CNS
Division of Computer and Network Systems
|
|
|
| Initial Amendment Date: |
September 21, 2004 |
|
| Latest Amendment Date: |
September 7, 2007 |
|
| Award Number: |
0433668 |
|
| Award Instrument: |
Continuing grant |
|
| Program Manager: |
Karl N. Levitt
CNS Division of Computer and Network Systems
CSE Directorate for Computer & Information Science & Engineering
|
|
| Start Date: |
October 1, 2004 |
|
| Expires: |
September 30, 2010 (Estimated) |
|
| Awarded Amount to Date: |
$3100000 |
|
| Investigator(s): |
Stefan Savage savage@cs.ucsd.edu (Principal Investigator)
George Varghese (Co-Principal Investigator)
Geoffrey Voelker (Co-Principal Investigator)
|
|
| Sponsor: |
University of California-San Diego
Office of Contract & Grant Admin
La Jolla, CA 92093 858/534-0246
|
|
| NSF Program(s): |
UNDISTRIBUTED PANEL/IPA FUNDS,
CYBER TRUST,
INFORMATION TECHNOLOGY RESEARC
|
|
| Field Application(s): |
0000912 Computer Science
|
|
| Program Reference Code(s): |
HPCC,9218,7371,7254
|
|
| Program Element Code(s): |
9199,7371,1640
|
ABSTRACT
Collaborative Research: Cybertrust Center for Internet Epidemiology and Defenses
Stefan Savage, University of California - San Diego
Vern Paxson, International Computer Science Institute
Award 0433668
Abstract
The combination of widespread software homogeneity and the Internet's unrestricted communication model creates an ideal climate for infectious, self-propagating pathogens - "worms" and "viruses" - with each new generation of outbreaks demonstrating increasing speed, virulence, and sophistication. The Center for Internet Epidemiology and Defenses aims to address twin fundamental needs: to better understand the behavior and limitations of Internet epidemics, and to develop systems that can automatically defend against new outbreaks in real-time.
Understanding the scope and emergent behavior of Internet-scale worms seen in the wild constitutes a new science termed "Internet epidemiology". To gain visibility into pathogens propagating across the global Internet, the Center is pursuing the construction and operation of a distributed "network telescope" of unprecedented scale. The telescope in turn feeds a "honeyfarm" collection of vulnerable "honeypot" servers whose infection serves to indicate the presence of an Internet-scale worm.
To then fight worms once detected, the Center works on developing mechanisms for deriving "signatures" of a worm's activity and disseminating these to worm suppression devices deployed throughout the global network.
Finally, the Center strives to ground its research in the potentially thorny, but highly relevant, "real-world" issues of informing the development of legal frameworks in terms of the appropriate use of anti-worm technologies and their applications for providing forensic evidence; and enabling the development of actuarial models for quantifying exposure to aggregate risk and liability from Internet epidemics, critical for supporting the emerging cyber-insurance industry.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
Next
(Showing: 1 - 20 of 34).
Abhishek Kumar, Vern Paxson and Nicholas Weaver.
"Exploiting Underlying Structure for Detailed Reconstruction of an Internet-scale Event,"
ACM Internet Measurement Conference,
v.October,
2005,
p. 351.
Alper Mizrak, Stefan Savage and Keith Marzullo.
"Detecting Malicious Packet Losses,"
IEEE Transactions on Parallel and Distributed Systems,
2008,
Alper Mizrak, Stefan Savage and Keith Marzullo.
"Detecting Compromised Routers via Packet Forwarding Behavior,"
IEEE Network,
v.22(2),
2008,
Alper T. Mizrak, Yu-Chung Cheng, Keith Marzullo and Stefan Savage.
"Fatih: Detecting and Isolating Malicious Routers,"
International Conference on Dependable Systems and Networks (DSN 2005),
v.June,
2005,
p. 0.
Benjamin Laxton, Kai Wang, and Stefan Savage.
"Reconsidering Physical Key Secrecy: Teleduplication via Optical Decoding,"
Proceedings of the ACM Conference on Computer and Communications Security (CCS),
2008,
Charles Reis, Steven D. Gribble, Tadayoshi Kohno, and Nicholas Weaver.
"Detecting In-Flight Page Changes with Web Tripwires,"
NSDI,
2008,
Chris Fleizach, Michael Lilijenstam, Per Johansson, Geoffrey M. Voelker, and Andras Mehes.
"Can You Infect Me Now? Malware Propagation in Mobile Phone Networks,"
Proceedings of the ACM Workshop on Recurring Malcode (WORM),
2007,
Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage.
"Spamalytics: An Empirical Analysis of Spam Marketing Conversion,"
Proceedings of the ACM Conference on Computer and Communications Security (CCS),
2008,
Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, and Stefan Savage.
"The Heisenbot Uncertainty Problem: Challenges in Separating Bots from Chaff,"
Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET),
2008,
Christian Kreibich, Chris Kanich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, and Stefan Savage.
"On the Spam Campaign Trail,"
Proceedings of the USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET),
2008,
David Moore, Colleen Shannon, Doug Brown, Geoffrey M. Voelker and Stefan Savage.
"Inferring Internet Denial-of-Service Activity,"
ACM Transactions on Computer Systems,
v.24(2),
2006,
p. 115.
Erik Buchanan, Ryan Roemer, Hovav Schacham, and Stefan Savage.
"When Good Instructions Go Bad: Generalizing Return-oriented Programming to the SPARC,"
Proceedings of the ACM Conference on Computer and Communications Security (CCS),
2008,
Erin E. Kenneally.
"Confluence of Digital Evidence and the Law: On the Forensic Soundness of Live-Remote Digital Evidence Collection,"
UCLA Journal of Law & Technology,
2005,
Erin E. Kenneally and Andrea Monti.
"Case Study: A Failure Wrapped in Success' Clothing- On the Need for Sound Forensics in Handling Digital Evidence Cases,"
Digital Investigation, Elsevier Ltd.,
2005,
Flavio Junqueira, Ranjita Bhagwan, Alejandro Hevia, Keith Marzullo and Geoffrey M. Voelker.
"Surviving Internet Catastrophes,"
Proceedings of the USENIX Annual Technical Conference,
v.April,
2005,
p. 0.
H. Dreger, A. Feldmann, M. Mai, V. Paxson and R. Sommer.
"Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection,"
Proceedings of USENIX Security Symposium,
v.August,
2006,
p. 0.
Jaeyeon Jung, Rodolfo A. Milito and Vern Paxson,.
"On the Adaptive Real-Time Detection of Fast-Propagating Network Worms,,"
Proc. Fourth GI International Conference on Detection of Intrusions & Malware and Vulnerability Assessment (DIMVA),
2007,
Justin Ma, Geoffrey M. Voelker, and Stefan Savage.
"Self-Stopping Worms,"
Proceedings of the ACM Workshop on Rapid Malcode (WORM),
v.Nov,
2005,
p. 0.
k. claffy, M. Crovella, T. Friedman, C. Shannon, and N. Spring.
"Community-Oriented Network Measurement Infrastructure (CONMI) Workshop Report,"
ACM SIGCOMM Computer Communications Review (CCR),
v.36,
2006,
p. 41.
Kirill Levchenko, Ramamohan Paturi, and George Varghese..
"On the Difficulty of Scalably Detecting Network Attacks,"
Proceedings of the ACM Conference on Computer and Communications Security,
v.October,
2004,
p. 12.
Next
(Showing: 1 - 20 of 34).
Please report errors in award information by writing to: awardsearch@nsf.gov.
|
|
|
