CyberSecurity Performance Analysis Capability (CSPAC)
Defending the Navy and DoD information infrastructure is a daunting task for which there are currently no tools to provide a 100% solution. Typically, multiple security tools are deployed from various vendors for which performance data is validated neither individually nor collectively. Further complicating the picture is the fact that no capabilities exist to effectively measure the performance of a tool or tools used to secure a digital infrastructure. This situation is compounded by increasing volumes of regulations and directives specific to securing the information infrastructure for both support and combat systems. Knowing the limitation of the security tools and how well they fulfill security requirements helps DoD security professionals select the best tool and helps researchers/developers evaluate emerging concepts and prototypes. Realistically, the quality of our information infrastructure defense is not well understood, leaving the DoD information infrastructure vulnerable.

The CyberSecurity Performance Analysis Capability (CSPAC) offers capabilities to conduct performance testing of security tools through Internet traffic simulation using actual exploits. The concept allows for side-by-side comparison of the performance of selected tools for testing using dynamically generated real-time internet traffic with super imposed exploits. A summary of functionality offered by CSPAC follows:
• Measures collective performance of cyber/digital security tools
• Measures performance of multiple tools comparatively
• Can deliver both planned or random test data to tools being evaluated
• Uses multiple actual exploits
• User configurable
• Test existing security visualization tools (test example)
CSPAC offers a modular design including an Internet Traffic Generation module, an Attack Tool module, a configuration module, and a performance analysis module.
 
Project Leads
Wayne Meitzler, PNNL
Steve Ouderkirk, PNNL
 
Project Contributors
Richard Griswold, PNNL
William Yurcik, NCSA

Return to Projects list


The National Center for Advanced Secure Systems Research NCASSR) at the University of Illinois at Urbana-Champaign (UIUC) is a multi-institutional cybersecurity research team. NCASSR focuses basic and applied research necessary to develop next generation information security technologies that address national cybersecurity needs. NCASSR is led by the National Center for Supercomputing Applications (NCSA) and supported by funding from the Office of Naval Research (ONR).


SELS 0.7 released
Secure Email List Services (SELS) is an open source software for creating and developing secure email list services among user communities.
 
Strong community engagement strengthens cybersecurity research and development
NCASSR-supported exploratory research at NCSA and elsewhere has sparked additional external funding and development opportunities as well as successful deployment and adoption by users ranging from the defense sector to state law enforcement to the utilities industry.
 
NCASSR Collaborator Goes To Washington
Carl Gunter, a professor in the University of Illinois Department of Computer Science and a project lead on NCASSR-supported work involving adaptive, secure messaging, recently spoke to an audience of congressional staffers and lobbyists on Capitol Hill regarding ways to address a variety of critical cybersecurity issues in areas such as healthcare and energy distribution.