June 4, 2014
NWO Physical Sciences (NWO-EW), the Ministry of Security and Justice and the U.S. Department of Homeland Security (DHS) Science & Technology Directorate (S&T) Cyber Security Division (CSD) will jointly fund research in the field of cybersecurity. Three cybersecurity research projects with Dutch and American scientists will receive grants adding up to a total amount of approximately 1.3 million Euros. The Netherlands and the U.S. each pay half. Project results will increase online and mobile security. By signing agreements associated with these projects, representatives of the subsidizing organizations from the Netherlands and the USA have ratified the cooperation.
Reginald Brothers, Pieter Cloo and Louis Vertegaal
International cooperation is essential
Hackers and cyber criminals often work together worldwide. This reality makes global research cooperation and joint research a necessity and prerequisite to deal with the current cross-border challenges in cybersecurity. Recently the Ministry of Foreign Affairs computer system, located in Brussels, was hacked. Criminals succeeded in capturing files about Ukraine.
In 2012, at an expert meeting, DHS S&T, NWO-EW and Dutch experts identified a number of overlapping transatlantic research areas in the field of cybersecurity. The five areas of mutual interest are: cyber forensics, malicious software in a mobile environment (malware), cross-border identity management, critical infrastructure / supervisory control and data acquisition systems (SCADA) and cloud computing. Research proposals were submitted related to these areas. Ultimately three proposals were selected.
Greg Wigton, Luke Berndt, Ann Cox, Reginald Brothers, Douglas Maughan, Eelco Stofbergen, Pieter Cloo and Jan Piet Barthel
Signature and kickoff
Agreements associated with these projects were recently signed in Washington, D.C. by Pieter Cloo, Secretary General of the Ministry of Security and Justice, Reginald Brothers, Under Secretary for DHS S&T and Louis Vertegaal Director NWO-EW. On June 2, 2014, two of the three DHS-NWO cybersecurity research projects were kicked off by their Principal Investigators during the NCSRA Symposium in The Hague (about the execution of the Dutch National Cyber Security Research Agenda). The kickoff of the third joint research project will take place in Washington, D.C. in August this year.
Alfonso Valdes,Tyler Moore, Sandro Etalle, Michel van Eeten, Douglas Maughan, and Louis Vertegaal
Under the Dutch-American Project Arrangement about cooperative research and development on cybersecurity, the following joint cybersecurity research projects were granted:
Malware on smartphones: collection, analysis, and defensive measures
Is the amount of malicious software on smartphones growing? Currently experts lack the tools to analyze smartphone applications in sufficient detail to decide whether or not software is malicious or not, and if so, what it does exactly. In this project an environment will be developed to gather and analyze malware on smartphones as well as new techniques to analyze the software in detail, using both static and dynamic analysis. Both environment and tools will be made available to external parties so that they can submit samples for analysis also.
Increasing the impact of voluntary action against cybercrime
The bulk of incident response remains voluntary by the operators running Internet infrastructure and services. Voluntary action typically takes the form of one party notifying another about potential abuse and asking it to act against it. This project aims to identify when and how notification regimes prove to be the most effective and how this effectiveness could be further enhanced.
In-depth defense of SCADA and Industrial Control Systems
Systems like Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICS), formerly isolated and relying on proprietary protocols, are increasingly interconnected and employ open or legacy protocols encapsulated in TCP/IP. Trends like smart grids and advanced automated manufacturing provide an opportunity for vastly increased system performance, but may also expose these systems to cyber-attacks. Application of intrusion detection techniques, like anomaly detection and specification-based detection, should lead to a blended system securing SCADA and ICS. The developed security technology will be made available in an open framework.