- Jun 9, 2013
- 6,720
- Content source
- http://www.net-security.org/secworld.php?id=19243
How do cybersecurity experts discover how to properly defend a system or build a network that's secure?
As in other domains of science, this process involves hypothesis, experimentation, and analysis -- or at least it should. In reality, cybersecurity research can happen in an ad hoc fashion, often in crisis mode in the wake of an attack.
However, a set of researchers has imagined a different approach, one in which experts can test their theories and peers can review their work in realistic but contained environments -- not unlike the laboratories found in other fields of science.
"Our adversaries have an incredible environment for testing out attacks: the Internet, on which all our production systems operate," said Terry Benzel, deputy director for the Internet and Networked Systems Division at the Information Science Institute (ISI) of the University of Southern California. "They can sit and analyze our vulnerabilities for as long as they want, probe and poke and run experiments until they find the right way in. Our researchers and leading technology developers don't have anything like that."
This "asymmetry," as researchers call it, is part of the reason so many cyberattacks and breaches occur. It also served as motivation for the the National Science Foundation (NSF) moving in 2013 to fund a multi-year effort to determine how to best advance the field of experimental cybersecurity.
Led by cybersecurity researchers from SRI International and the Information Science Institute with decades of years of experience designing, building, and operating large cybersecurity testbeds, the effort involved more than 150 experts, representing 75 organizations. They participated in three workshops in 2014. The researchers released areport in July 201
Full article. Vision for a new generation of experimental cybersecurity research
As in other domains of science, this process involves hypothesis, experimentation, and analysis -- or at least it should. In reality, cybersecurity research can happen in an ad hoc fashion, often in crisis mode in the wake of an attack.
However, a set of researchers has imagined a different approach, one in which experts can test their theories and peers can review their work in realistic but contained environments -- not unlike the laboratories found in other fields of science.
"Our adversaries have an incredible environment for testing out attacks: the Internet, on which all our production systems operate," said Terry Benzel, deputy director for the Internet and Networked Systems Division at the Information Science Institute (ISI) of the University of Southern California. "They can sit and analyze our vulnerabilities for as long as they want, probe and poke and run experiments until they find the right way in. Our researchers and leading technology developers don't have anything like that."
This "asymmetry," as researchers call it, is part of the reason so many cyberattacks and breaches occur. It also served as motivation for the the National Science Foundation (NSF) moving in 2013 to fund a multi-year effort to determine how to best advance the field of experimental cybersecurity.
Led by cybersecurity researchers from SRI International and the Information Science Institute with decades of years of experience designing, building, and operating large cybersecurity testbeds, the effort involved more than 150 experts, representing 75 organizations. They participated in three workshops in 2014. The researchers released areport in July 201
Full article. Vision for a new generation of experimental cybersecurity research