Overview
Develop methodologies and tools that enable security assessment of systems too large to be evaluated in a lab or testbed.
Cyber-Plexus System Protection
The Cyber-Plexus System Protection thrust focuses on technologies to secure the digital community’s interconnected infrastructure, specifically prioritizing AI-driven defense and the establishment of AI-resilient systems. This work builds upon prior research involving anomaly detection in power systems. Current efforts balance the development of advanced AI models for sophisticated attack detection and protection with the engineering of hardware systems designed to make these solutions deployable and practical in real-world scenarios. While AI-based solutions offer high detection accuracy, the research simultaneously addresses critical implementation challenges, alongside primary initiatives focused on predictive hardening and AI models designed for complex, evolving threat vectors. To mitigate scalability constraints, the thrust proposes a unified high-performance system designed for low false-alarm rates and rapid response times within high-performance computing environments.
The Challenge
Digital communities integrate diverse platforms (HVAC systems, smart grids, and autonomous vehicles) into a shared infrastructure. Establishing trust across these platforms is complicated by inconsistent security requirements and complex cross-platform topologies. Key challenges include:
- Sophisticated Threat Landscape: Traditional defenses struggle against stealthy APTs and Zero-Day vulnerabilities that have no known signatures.
- Absence of Unified Trust: Independent platforms lack inherent trust relationships, making cross-platform coordination vulnerable to identity spoofing.
- Heterogeneous & Dynamic Environments: The network must support both high-performance nodes and resource-constrained devices that frequently join or leave, rendering traditional certificate management inefficient.
- Performance Constraints: Security must not compromise responsiveness; detection mechanisms must meet strict real-time latency requirements to protect critical urban services.
The Solution
The Cyber-Plexus System Protection thrust
implements a multi-layered security architecture that balances high-accuracy AI-driven solutions with hardware-speed verification and implementation:
- iPROTECT (AI-Based Protection): An AI framework designed to detect and protect against advanced threats, including Zero-Day and supply-chain attacks. It has demonstrated over 98.0% detection accuracy in fine-grained detection across diverse DDoS attacks.
- Hardware-Accelerated Protection (SecureMPV): A provenance-aware verification system implemented on programmable hardware and DPUs. It achieves microsecond-level latency (~2.9 µs in switch environments and ~40 µs on DPUs), enabling the real-time detection of policy violations and tampering.
- Privacy-Preserving Computation (MPC): A novel hardware-software co-design for Multi-Party Computation that achieves a 6.8× speedup over conventional GPU-based solutions, allowing secure collaboration across different administrative domains.
- Distributed Trust Framework: A permissioned distributed architecture utilizing blockchain principles and digital signatures to facilitate secure device authentication and establish trust among verified participants.
Next Steps
Ongoing research focuses on the development of AI frameworks specifically tailored for the detection of and protection against sophisticated supply-chain and APT attacks. Efforts are also directed toward creating synthetic adversarial environments to enable the robust training, stress-testing, and validation of detection solutions against evolving and stealthy threat models. Furthermore, predictive hardening techniques that leverage these AI insights to proactively reconfigure system defenses and mitigate potential vulnerabilities before an exploit can occur are being explored.
