Research in network security to date focuses largely on defenses---mechanisms that impede the activities of an adversary. Practical security, however, requires a balance between defense and deterrence. While defenses may block current attacks, without a meaningful risk of being caught adversaries are free to continue their attacks with impunity. Deterrence is usually predicated on effective means of attribution---tying an individual to an action. In the physical world attribution is achieved through forensic evidence, but constructing such evidence is uniquely challenging on the Internet.

This project is developing a novel architectural primitive---private attribution, based on group signatures---that allows any network element to verify that a packet was sent by a member of a given group. Importantly, however, actually attributing the packet to a particular group member requires the participation of a set of trusted authorities, thereby ensuring the privacy of individual senders. In addition, this work explores content-based inverse firewalls that can inspect the content of traffic leaving a secured network, ensuring that sensitive information is kept within an enterprise. Approved data can then be labeled by the inspecting firewall, providing an audit trail should concerns arise.

Broader Impacts: This research is developing a key architectural component to improve the level of security and assurance available to network services. In addition, the PIs are initiating a dialogue among both researchers and network operators about critical policy aspects of network security. In particular, information about the sources of both normal and attack traffic must be safeguarded according to some policy.

Agency: National Science Foundation (NSF)
Institute: Division of Computer and Network Systems (CNS)
Type: Standard Grant (Standard)
Application #: 0627157
Program Officer: Darleen L. Fisher
Project Start:
Project End:
Budget Start: 2006-09-15
Budget End: 2007-08-31
Support Year:
Fiscal Year: 2006
Total Cost: $400,000
Indirect Cost:

Name: University of California San Diego
Department:
Type:
DUNS #:
City: La Jolla
State: CA
Country: United States
Zip Code: 92093