Project 131 (3rd year)
Network Security Assessment Technology Development
This project aims to develop the next generation of advanced security assessment and defense technology. Its major research fields are: 1) vulnerability scanning and assessment; 2) intrusion detection and prevention support; 3) security information and event management. Based on the results we achieved in the previous two and a half years, the work of the third year focuses on:

All of the developed technology software has been integrated into three major platforms/systems and a suite of core components:

(1) Intelligent Network Security Assessment System - it executes automatic security assessments and penetration tests to explore and verify security vulnerabilities and to make the immediate security risks visible.
(2) NIDS Resiliency Probing Tool - using advanced evasion test techniques, this tool evaluates how effectively a NIDS deals with various attack challenges. By generating mutated exploit packets, it tests the target NIDS to examine its defense resiliency.
(3) Intelligent Web Application Protection System - it detects and prevents various attacks in web application activity. With its positive and negative filtering mechanism, it can effectively block incoming application-level attacks such as SQL injection, buffer overflow, CMD injection, etc.
(4) SIEM/SOC Core Components - the kernel modules of the SOC platform, which include an event normalizer and correlator and a highly efficient security data archive. These techniques can also support NIDS calibration and event forensics.

This project has leveraged leading-edge security technology capability and resources from UCB and CMU through international collaboration. This helped expedite the progress of advanced information security technology development, such as IDS/IPS Resiliency Probing and Efficient Archive and Retrieval. Ultimately, all of the systems and technology developed in this project will be converged into a total solution that enables a secure ubiquitous network society and allows anyone to exchange information safely and securely at any time. This will also help the information security industry in Taiwan increase its competitiveness in the worldwide market.
Achievements and Contributions
Member List
| Country | Organization | Full Name | Title |
|---|---|---|---|
| Taiwan | III | Wu, Jain-Shing | PI |
| Taiwan | III | Woo, Chien-Shing | Co-PI |
| US | UCB | Vern Paxson | CPI |
| US | CMU | Dawn Song | CPI |
Required Documents (3rd year)
Self-Assessment Presentation File (Internal Review Meeting)
Midterm Report (External Review Meeting)
Final Report (External Review Meeting)