Academics get NSF grant for Net security centers

National Science Foundation grants $12.6 million to university scientists to study worms, viruses and the Net's ecology.

Robert Lemos Staff Writer, CNET News.com
Robert Lemos
covers viruses, worms and other security threats.
Robert Lemos
2 min read
The National Science Foundation announced Tuesday that it has granted more than $12 million to academic researchers for the creation of two centers to investigate infectious code and study the Internet's ecology.

The funds set aside for the centers are part of the NSF's Cyber Trust program, through which the foundation has granted a total of $30 million to 33 projects focused on researching ways to provide better information security.

The Center for Internet Epidemiology and Defenses, or the CIED, will work to understand how digital diseases such as worms and viruses spread across the Internet, and how epidemics can be defeated. The Security Through Interaction Modeling, STIM, Center will draw parallels with nature's ecology to understand the complex interaction between machines, humans and cyberattacks.

"These centers, as well as our other funded activities, are looking not only for new ways to cope with imperfections in today's systems but also for the knowledge and techniques to build better systems in the future," Carl Landwehr, the NSF's program director for Cyber Trust, said in a statement.

The Cyber Trust Centers are the latest government-funded efforts to conduct broad studies of the Internet and network security.

Last December, the NSF granted $750,000 to two universities to study the problems that could arise from overreliance on a single technology or protocol. The issue, known as a technology monoculture, came to prominence last year, when seven security researchers wrote a paper warning that Microsoft's dominance could have security repercussions.

Two other universities received $5.46 million last year to fund networked research centers that would create a distributed model of the Internet and study how attacks affect its operation.

The CIED, led by Stefan Savage of the University of California at San Diego and Vern Paxson, a fellow principal investigator at the International Computer Science Institute of the University of California at Berkeley, will receive $6.2 million from the NSF. The center will study ways to quickly analyze self-propagating programs and to develop techniques for stopping outbreaks before they spread worldwide.

"It is easy to build a defense against one particular virus or worm; that is what we do now," Paxson said in a statement. "But to stop whole classes of these pathogens requires far more insight into what it means to be an epidemic and how infectious behavior stands apart from legitimate use."

The STIM Center, led by Mike Reiter of Carnegie Mellon University, will receive almost $6.4 million in funding from the NSF. The center will classify "healthy" network interactions to determine how to distinguish attacks and will study the interplay between different "species" of applications, such as e-mail and peer-to-peer networks.

The Cyber Trust program is unrelated to the merger of TrueSecure and Betrusted, which will form a company that the two participants plan to call CyberTrust.