By Calvin Biesecker

In an effort to get in front of emerging and future cyber threats, Northrop Grumman [NOC] has partnered with three universities to create the Northrop Grumman Cybersecurity Research Consortium (NGCRC) and has funded long-term research projects at each institution.

"Research spans many areas of cyber security that may be defined as protection of information and information systems on networks, hardware and software security, privacy, simulation of computer attacks and defenses, and the protection of critical infrastructure," Robert Brammer, chief technology officer at Northrop Grumman’s Information Systems sector, told reporters yesterday at a briefing to announce the NGCRC.

The initial partnerships have a five-year term and include 10 research projects spread among the three schools, which are Carnegie Mellon Univ., Massachusetts Institute of Technology, and Purdue Univ. Brammer said that Northrop Grumman will be spending "millions of dollars" annually on the NGCRC, including the funding of research projects.

Much of the work into computer and network security over the years has been reactive and usually academic institutions have had to compete for limited funding rather than work together, said Eugene Spafford, a professor at Purdue and the founder and executive director of the school’s Center for Education and Research in Information Assurance and Security (CERIAS).

"This is a really unique opportunity for the community, I think, for all of us to work together," Spafford said at the briefing. "We have some wonderful resources and people to do this. This is a case where we’re looking ahead to the future for a change rather than being reactive. We’re actually looking at problems we know are going to come but we’re not facing them quite yet and it gives us an opportunity to get ahead and we’re hoping that maybe this will serve as an example for other organizations to step forward and start taking the threat a little more seriously."

Each of the schools has a leading cyber security research lab consisting of faculty, students and other partners. CMU’s CyLab will lead three research projects for the consortium. These are: Detection Mechanisms for Integrity Attacks on Sensing & Control Software Systems; Minimizing the Attack Window for Exploitable Bugs; and Real-Time Execution Trace Recording & Analysis.

MIT’s Computer Science and Artificial Intelligence Lab (CSAIL) will also host three projects. One deals with information flow and logging. The second deals with dependable software analysis. The third is on novel computer architecture, focusing on developing a new style of computer that has less vulnerability, Howard Strobe, principal research scientist at CSAIL, said.

Purdue’s CERIAS Center is leading four projects for the consortium. They are: Fast Forensics, which is focused on improving the speed and fidelity of forensics in the field on devices such as cell phones and PDAs; Watermarking and Provenance of Data Streams for Attribution, which is aimed at devising indications in data to record source, confidence, and other information; Partitioning Network Experiments for the Cyber-Range, which involves decomposing Internet-scale models to accurately perform constrained experiments; and Context-Based, Adaptable Defense Against Collaborative Attacks in Service Oriented Architecture, which involves the detection and defense against attacks in cloud-like computing distributed systems.

In addition to sponsoring the research projects, Northrop Grumman will also provide graduate student fellowships.

Northrop Grumman’s Brammer said that the NGCRC will help "grow" the nation’s cyber security professionals. The center will create leap ahead technologies that can be implemented on a large scale, he said. For Northrop Grumman, the partnerships will give the company a competitive advantage in the federal, defense and international markets the company serves, he added.

Northrop Grumman’s new consortium builds on other efforts the company has taken this year to expand its capabilities in cyber security. In July, the company opened its own Cybersecurity Operations Center to protect its own networks and data, and to provide it with lessons it can share with its customers (Defense Daily, July 30).