The US Department of Homeland Security is planning several new pilot projects that officials hope will help solve one of the most pressing cybersecurity research problems to date: a lack of real-world attack data.
"The cybercommunity has suffered for years from the lack of good data for testing," said Douglas Maughan, security programme manager at the Homeland Security Advanced Research Projects Agency, which is part of the DHS's Science and Technology Directorate.
The DHS is moving ahead with a new programme called Protected Repository for Defense of Infrastructure Against Cyber Threats (Protect), said Maughan.
The Protect programme has been under way since February and is aimed at getting large private-sector infrastructure companies to volunteer real-world incident data that researchers can use to test prototype security products.
"We're looking to collect large, different types of data," said Maughan. He noted that the government would not hold the data and said those who volunteer for the programme can have data "anonymised".
Maughan said the programme would rely on a trusted access repository process that includes a government-funded but third-party hosted data repository with written agreements with data providers.
Researchers can apply to take part in the programme, and data owners would be allowed to stop specific researchers from accessing their data, said Maughan. So far, nearly two dozen enterprises have indicated interest in the programme, which is scheduled to go live after 1 January.
The agency is also spearheading a cybersecurity test bed, known as Deter (for Cyber Defense Technology Experimental Research), that will help develop next-generation security technologies for the nation's critical infrastructure. The goal is to construct a homogeneous emulation cluster based on the University of Utah's Emulab facility, said Maughan.
So far, he said, $14m (£7.9m) has been earmarked for the programme, which allows researchers to focus on security vulnerability prevention and detection and test the security and trustworthiness of operational systems. The DHS plans to hold an industry day on 27 September to answer questions about the programme, and plans to award pilot project contracts in mid-January 2005.
The DHS has also formed an ad hoc government/industry steering committee to study and develop security pilot projects for the Domain Name System, a critical part of the Internet infrastructure that converts text names of websites into Internet Protocol addresses.
The goal is to develop pilot projects to study specific threats and vulnerabilities to the DNS, including loss of service due to a denial-of-service attack, hijacking, and a loss of coherence due to the existence of unauthorised root servers and top-level domains.
Pilot projects are being planned for the .us and .gov domains, Maughan said.
Dan Verton writes for Computerworld