To protect against a new type of continuous computer hacking attack, known as advanced persistent threats, a research team led by Department Chair Radha Poovendran has received a five-year $7.5 million Department of Defense Multidisciplinary University Research Initiative (MURI) grant.
The highly competitive grant is one of 23 MURI awards, totaling more than $162 million, that support interdisciplinary research by teams of investigators in various science and engineering disciplines. The grants support research that has the potential to improve the nation’s security and expand military capabilities.
“Unlike conventional viruses, these threats exploit vulnerabilities and persist over a very long time and they’re very difficult to detect,” said principal investigator Radha Poovendran, chair of the UW Department of Electrical Engineering and Director of the Network Security Lab, which he founded in 2001. “Right now, there is no good understanding of the interactions in these complex cyberattacks, or how to mitigate them.”
The UW-led MURI team also includes co-investigator and electrical engineering associate professor Maryam Fazel and researchers from the University of California, Berkeley; the University of California, Santa Barbara; Georgia Tech and the University of Illinois. The award was granted through the Office of Naval Research. Initial research efforts were also funded by the National Science Foundation’s (NSF) Cyber-Physical Systems Program, administered by NSF Program Director David Corman.
The research team will develop a novel game theory framework to address these continuous computer hacking attacks, which are essentially a game played between the system and the adversary, in which each side is constantly trying to outsmart the other. A unique trait of advanced persistent threats is that they consist of a variety of different attacks over time.
Economic game theory, in which most modeling methods are grounded, does not work well for this type of attack. To develop the new framework, the researchers will use a combination of statistical modeling, adaptive game theory, machine learning, and control and systems theory. They plan to model the strategic interactions between the malware attacks and develop a methodology to determine which side is “gaining” or “losing” in the attack, which will enable the system to know when to activate a specific defense.