Full Program »
Panel: Cyber Experimentation of the Future (CEF): Catalyzing a New Generation of Experimental Cybersecurity Research
Thursday, 10 December 2015
13:30 - 15:00
Sierra D
Chair: David Balenson, SRI International
Moderator: David Balenson, Computer Science Laboratory, SRI International
Panelists:
- Terry Benzel, Deputy Division Director, Internet and Networked Systems, USC Information Sciences Institute
- Trent Jaeger, Professor of Computer Science and Engineering and Co-Director of the SIIS Lab, Pennsylvania State University
- Lee Rossey, CTO, SimSpace
- Jinpeng Wei, Assistant Professor, School of Computing and Information Science, Florida International University
Abstract
The ever-increasing cyber threat landscape demands new forms of advanced research and development coupled with new revolutionary approaches to cybersecurity experimentation. The Cybersecurity Experimentation of the Future (CEF) report, released in July 2015, presents strategic plan and enabling roadmap intended to catalyze generational advances in the field of experimental cybersecurity research [1]. The overarching finding is that transformational progress in three distinct, yet synergistic, areas is required:
(1) Fundamental and broad intellectual advances in the field of experimental methodologies and techniques;
(2) New approaches to accelerate multi-discipline and cross-organizational knowledge generation and community building; and
(3) Advanced, accessible experimentation infrastructure capabilities.
The plan includes recommendations for immediate action to start the effort towards achieving the CEF vision. The CEF roadmap lays out capability-based development goals for the near-, mid-, and long-term. The roadmap will enable members of the community to work cooperatively toward realizing the needed capabilities, each focusing on parts of the roadmap that are most important to him or her. By cooperatively developing this community-wide research infrastructure, we will reduce redundant efforts, enabling us to redirect resources into solving hard cybersecurity challenges more rapidly.
This panel will discuss the role of experimental science and its corresponding needs for research infrastructure. We will provide an overview of the CEF vision and the top recommendations for achieving its vision. More importantly, we will hear from key members of the community, including researchers and developers currently building cybersecurity research infrastructure, and cybersecurity researchers, who will share their perspectives and views on the CEF vision and roadmap, and how they envision their role as early supporters, adopters, and contributors to CEF as it evolves.
[1] D. Balenson, L. Tinnel, and T. Benzel, Cybersecurity Experimentation of the Future (CEF): Catalyzing a New Generation of Experimental Cybersecurity Research, July 31, 2015, http://www.cyberexperimentation.org/.
Chair/Moderator:
David Balenson is a Senior Computer Scientist in the Computer Science Laboratory at non-profit research institute SRI International. He provides technical and project management support for the U.S. Department of Homeland Security Science and Technology Directorate (DHS S&T) Cyber Security R&D Program. Balenson is Co-PI for the NSF-funded Cybersecurity Experimentation of the Future (CEF) project, a community-based effort to study current and expected cybersecurity experimentation infrastructure, and to produce a strategic plan and roadmap for developing infrastructure that supports tomorrow’s research.
Panelists:
Terry V. Benzel is Deputy Director for the Computer Networks Division at the Information Sciences Institute (ISI) of the University of Southern California (USC). She participates in business development, technology transfer and special projects with industrial and academic partners. She is the technical project lead for the Cyber Defense Technology Experimental Research (DETER) testbed projects funded by DHS, NSF and DARPA. The projects are developing an experimental infrastructure network and scientifically rigorous testing frameworks and methodologies to support the development and demonstration of next-generation information security technologies for cyber defense. Terry is also the USC-ISI PI for the CEF study.
Trent Jaeger is a Professor in the Computer Science and Engineering Department at The Pennsylvania State University (PSU) and the Co-Director of the Systems and Internet Infrastructure Security (SIIS) Lab. His research area is computer security, specifically systems security, program analysis for security, virtualization, trusted computing, and access control. Trent is also a member of the Army Research Laboratory (ARL) Cyber Security Research Alliance (CSRA) led by PSU.
Lee Rossey is the Chief Technology Officer and Co-founder of SimSpace, an early stage cyber security software company offering state-of-the art network emulation and modeling tools for realistic cyber training, assessment, and hardening. Lee was previously a Group Leader for the Cyber System Assessments Group at MIT Lincoln Laboratory (MIT-LL) where he and the team developed tools and processes for conducting independent assessments of cyber systems and capabilities for the U.S. Government.
Jinpeng Wei is an assistant professor at the School of Computing and Information Sciences, and the director of the Systems Security Lab at Florida International University. His research interests include secure computer systems, including stealthy malware detection and defense, botnet C&C covert channels, high assurance of systems software, information flow security in distributed systems (e.g., web service composition), security in cloud computing, and software vulnerability modeling, detection, risk-assessment, and prevention. Jinpeng is presenting the paper, MOSE: Live Migration Based On-the-Fly Software Emulation, at the conference.
Panel Topic and Key Questions:
The role of experimental science and its corresponding future needs for advances in methodologies and techniques, new approaches to community collaboration, and advanced infrastructure for applied cybersecurity research.
- Briefly describe your research and work in the area of cybersecurity and cybersecurity experimentation.
- What is your perspective on the role of experimental science and research infrastructure in the cybersecurity space?
- What experimental infrastructure have you developed and/or do you leverage as part of your cybersecurity research?
- What are the key experimentation tools and methodologies needed to support future research?
- How can the research community best collaborate to generate and share experimental infrastructure, tools, and/or results?
- What do you see as your role as an early supporter, adopter, or contributor to advanced, accessible experimentation infrastructure?