The University of Arizona
Map Home
Adjust height of sidebar


CICI: SSC: Proactive Cyber Threat Intelligence and Comprehensive Network Monitoring for Scientific Cyberinfrastructure: The AZSecure Framework

Sponsored by National Science Foundation

$998K Funding
4 People

Related Topics


The rapid growth of computing technologies in scientific instruments has increased the rate of discovery. Some recent examples include the discovery of new fundamental particles and the first-ever images of a black hole. Unfortunately, the same technologies contributing to these high-impact discoveries are also being targeted by hackers to steal ideas or for profit. These attacks threaten the privacy, integrity, and ability to access valuable scientific data and events. The risks to scientific facilities and how they can be attacked have still not been properly mapped. This project will use novel Artificial Intelligence to (1) study hackers in the international and ever-evolving Dark Web and identify and categorize hundreds of thousands of risks and (2) link those risks to possible attacks on two large-scale science community facilities. One of them is a facility funded by the National Science Foundation offering advanced computing resources for Life Sciences. The other uses a network of sensors around the globe to collect detailed and timely data for Earth Sciences. Studying these valuable targets enables investigation of current and emerging threats that present risk to scientific discovery. Led by the Hispanic Serving Institution (HSI) University of Arizona (UA), this project designs an innovative, holistic, and proactive Cyber Threat Intelligence (CTI) framework with two synergistic research streams. The first builds upon advanced topic modelling and text classification approaches from our NSF Secure and Trustworthy Cyberspace (SaTC) research to systematically collect and explore multi-million record Dark Web hacker forums for scientific cyberinfrastructure exploits. The second designs novel banner data feature extraction, text analytics, and custom vulnerability scanning integrating state-of-the-art tools to comprehensively categorize and assess the vulnerabilities within CyVerse?s (life sciences) and LEO?s (earth sciences) diverse instruments, data, hardware, and software. Exploit and vulnerability assessment results are linked via a novel deep learning-based Exploit Vulnerability Deep Structured Semantic Model (EV-DSSM) based on word embedding. UA?s National Security Agency-designated Center of Academic Excellence in Cyber Defense, Research, and Operations, NSF Scholarship-for-Service (SFS) Cyber-Corps, and Master?s in Cybersecurity programs position the project for synergy with teaching and research. Techniques developed in this project will advance knowledge not only CTI, but network analysis, deep learning, and text analytics across multiple disciplines. Findings from this research will be disseminated to 75+ SFS partner institutions and operational intelligence for the larger scientific community (e.g., NSF Cybersecurity Summits of Large Facilities and Cyberinfrastructure). This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.