Proposal# 0844144 Raheem A. Beyah Georgia State University
Award Abstract

Day by day, threats to the cyber infrastructure are becoming more complex and, in response, so too are defense mechanisms. One approach to securing nodes is to place a defense mechanism (e.g., intrusion detection system) on the node. This brings many challenges, with the most significant being that potential vulnerabilities in the defense mechanism can provide an additional avenue through which the host can be compromised. To address these challenges, this research investigates completely decoupling the defense mechanisms from the host, while continuing to provide insight about malicious activity as if the defense mechanisms resided on the host. This requires the development of new algorithms and the application of various techniques (e.g., statistical, machine learning, signal processing) to extract from a node's network traffic characteristics that enable the inference of the state of its hardware components. Over the course of this project, a combination of experimentation and simulation will lead to the development of empirical and analytic models. The models will be used to develop network-based defense systems that provide capabilities similar to those provided by mechanisms traditionally considered host-based. This work leverages the concept of information leakage to bridge the computer architecture, computer networking, and network security fields.

This project also seeks to broaden participation of groups traditionally underrepresented in the areas of science, technology, engineering, and mathematics (STEM). Accordingly, through a summer academy, the PI is actively engaging underrepresented middle school students by using current technology to convey abstract computer architecture and computer networking concepts.