Cybersecurity Performance Analysis Capability (CSPAC)
Defending the Navy and DoD information infrastructure is a daunting task for which there are no current tools to provide a 100% solution. Typically, multiple tools are deployed from various vendors for which there are no validated performance data either individually or collectively. Further complicating the picture is the fact that no capabilities exist to effectively measure the performance of a tool or tools used to secure a digital infrastructure. Knowing the limitation of tools helps DoD security professionals select the best tool and researchers/developers evaluate emerging concepts and prototypes. Realistically, the quality of our information infrastructure defense is not well understood, leaving us very vulnerable.

This year, research will leverage the CSPAC testbed infrastructure developed with Year Three NCASSR support to develop a methodology and application that provides decision support for the optimization of cybersecurity resource allocation. Use of this tool will allow the management of cybersecurity systems to more effectively identify and mitigate deficiencies and plan for future needs.

CSPAC offers capabilities to conduct performance testing of security tools through Internet traffic simulation using actual exploits. The concept allows for side-by-side comparison of the performance of selected tools for testing using dynamically generated real-time internet traffic with super imposed exploits. CSPAC functionality includes the following:
  • Measurement of collective performance of cyber/digital security tools

  • Measurement performance of multiple tools comparatively

  • Delivery of both planned and random test data to tools under evaluation

  • Use of multiple actual exploits

  • Configurability by user

  • Ability to test existing security visualization tools (test example)
CSPAC offers a modular design including an Internet Traffic Generation module, an Attack Tool module, a configuration module, and a performance analysis module.

Phase 2 of this project will expand the testing process beyond security component testing and evaluation to include system testing, including the effects of operator skill levels, security policy effects, and component interaction effects. These changes will allow improved methods for the identification of security deficiencies and the allocation of limited resources for mitigation of risks.

The outcome of this research will be an automated security report generator that will identify optimal security resource deployment.
 
Project Leads
Wayne Meitzler, PNNL
Steve Ouderkirk, PNNL

Return to Projects list


The National Center for Advanced Secure Systems Research NCASSR) at the University of Illinois at Urbana-Champaign (UIUC) is a multi-institutional cybersecurity research team. NCASSR focuses basic and applied research necessary to develop next generation information security technologies that address national cybersecurity needs. NCASSR is led by the National Center for Supercomputing Applications (NCSA) and supported by funding from the Office of Naval Research (ONR).


SELS 0.7 released
Secure Email List Services (SELS) is an open source software for creating and developing secure email list services among user communities.
 
Strong community engagement strengthens cybersecurity research and development
NCASSR-supported exploratory research at NCSA and elsewhere has sparked additional external funding and development opportunities as well as successful deployment and adoption by users ranging from the defense sector to state law enforcement to the utilities industry.
 
NCASSR Collaborator Goes To Washington
Carl Gunter, a professor in the University of Illinois Department of Computer Science and a project lead on NCASSR-supported work involving adaptive, secure messaging, recently spoke to an audience of congressional staffers and lobbyists on Capitol Hill regarding ways to address a variety of critical cybersecurity issues in areas such as healthcare and energy distribution.