Network Security Research
Cybersecurity is a major concern for mission-critical information networks. Since 2000, ASG and the Complex Problems Group (CPG) have been funded through multiple grants from the Defense Advanced Research Projects Agency (DARPA) to protect and improve the survivability of these networks. DARPA has also awarded the group one of only nineteen postdoctoral fellowships among twelve universities nationwide.
Project research and development has included two important parts. The first part involves advanced research to discover new methods to monitor networks and to detect intrusions. The second part has established a highly available network for mission-critical computer systems across the United States.
Monitoring Information Networks to Detect Intrusions
The first part of the project has developed a new approach to monitor networks and to detect hostile intrusions. To study information flow, researchers have applied advanced methods from mathematical physics (complexity theory, fast Fourier transforms, and wavelet analysis) to study complex systems. Findings offer a basis to build software that detects intrusions in the earliest stages of a cyber-attack.
Employing theoretical physics and mathematical methods to analyze network behavior, researchers have recently discovered a unique method to describe information flows. By identifying characteristics to distinguish normal traffic from aberrant behavior, the project introduces analysis, reporting, and predictive techniques to identify real-time threats to local and wide area networks.
The research sets a framework to develop new software that will detect a network intrusion during the reconnaissance stage, before it becomes a full attack. Such new software can greatly improve network security and critical network survivability.
High Availability Information Network
To engineer a high availability network, the project has established three robust servers in the Eastern, Western, and Pacific regions of the United States. The computers use a complex network hierarchy to improve the functional reliability of a robust emergency information system, such as the IRIS emergency management system. The goal of the high availability network is to prevent loss of service caused by the incapacitation of any one site, as happened in the World Trade Center disaster.
The network achieves high reliability by replicating data and programs for IRIS to three dispersed computers at computing centers at the University of South Carolina, the University of Utah, and Maui, Hawaii.
The project uses the network to replicate the full IRIS database for emergency management in South Carolina, allowing the system to fail over to any of the three alternate server sites within minutes.
Applications to the Real World
The CPG Defense project, through both parts, offers significant benefits for the cybersecurity of critical information networks. The high availability information network protects critical data by using replication to establish a reliable network. The project thus improves survivability of a critical emergency information system through a wide area network across the United States.
The advanced physics research in the first part can support the development of software that detects network intrusions in real time, during the reconnaissance stage of a cyber-attack. Such development can greatly impact the security of local and wide area networks for commercial and government information networks.
Learn more from the Network Metrics Project web site, the Exasphere web site, the Complex Problems Group web site and the ASG brochure on Protecting Critical Information Networks.
Critical Applications for the Real World
- Provide Robust Fail-over for Emergency Information Management
- Establish Reliable Networks
- Detect Network Intrusion in Real Time
- Improve Security and Survivability

