Kickoff joint projects NL-USA: online and mobile security

June 4, 2014

NWO Physical Sciences (NWO-EW), the Ministry of Security and Justice and the U.S. Department of Homeland Security (DHS) Science & Technology Directorate (S&T) Cyber Security Division (CSD) will jointly fund research in the field of cybersecurity. Three cybersecurity research projects with Dutch and American scientists will receive grants adding up to a total amount of approximately 1.3 million Euros. The Netherlands and the U.S. each pay half. Project results will increase online and mobile security. By signing agreements associated with these projects, representatives of the subsidizing organizations from the Netherlands and the USA have ratified the cooperation.

Reginald Brothers, Pieter Cloo and Louis Vertegaal

International cooperation is essential
Hackers and cyber criminals often work together worldwide. This reality makes global research cooperation and joint research a necessity and prerequisite to deal with the current cross-border challenges in cybersecurity. Recently the Ministry of Foreign Affairs computer system, located in Brussels, was hacked. Criminals succeeded in capturing files about Ukraine.

In 2012, at an expert meeting, DHS S&T, NWO-EW and Dutch experts identified a number of overlapping transatlantic research areas in the field of cybersecurity. The five areas of mutual interest are: cyber forensics, malicious software in a mobile environment (malware), cross-border identity management, critical infrastructure / supervisory control and data acquisition systems (SCADA) and cloud computing. Research proposals were submitted related to these areas. Ultimately three proposals were selected.

Greg Wigton, Luke Berndt, Ann Cox, Reginald Brothers, Douglas Maughan, Eelco Stofbergen, Pieter Cloo and Jan Piet Barthel

Signature and kickoff
Agreements associated with these projects were recently signed in Washington, D.C. by Pieter Cloo, Secretary General of the Ministry of Security and Justice; Reginald Brothers, Under Secretary for DHS S&T; and Louis Vertegaal, Director NWO-EW. On June 2, 2014, two of the three DHS-NWO cybersecurity research projects were kicked off by their Principal Investigators during the NCSRA Symposium in The Hague (about the execution of the Dutch National Cyber Security Research Agenda). The kickoff of the third joint research project will take place in Washington, D.C. in August this year.

Alfonso Valdes, Tyler Moore, Sandro Etalle, Michel van Eeten, Douglas Maughan, and Louis Vertegaal

Research

Under the Dutch-American Project Arrangement about cooperative research and development on cybersecurity, the following joint cybersecurity research projects were granted:

Malware on smartphones: collection, analysis, and defensive measures

  • Herbert Bos (VU University Amsterdam, NL)
  • Christopher Kruegel (University of California Santa Barbara, US)

Is the amount of malicious software on smartphones growing? Currently experts lack the tools to analyze smartphone applications in sufficient detail to decide whether or not software is malicious, and if so, what exactly it does. In this project an environment will be developed to gather and analyze malware on smartphones, as well as new techniques to analyze the software in detail, using both static and dynamic analysis. Both the environment and the tools will be made available to external parties so that they too can submit samples for analysis.

Increasing the impact of voluntary action against cybercrime

  • Michel van Eeten (Delft University of Technology, NL)
  • Tyler Moore (Southern Methodist University, US)

The bulk of incident response remains voluntary action by the operators running Internet infrastructure and services. Voluntary action typically takes the form of one party notifying another about potential abuse and asking it to act against it. This project aims to identify when and how notification regimes prove to be the most effective and how this effectiveness could be further enhanced.

In-depth defense of SCADA and Industrial Control Systems

  • Sandro Etalle (University of Eindhoven, NL)
  • Alfonso Valdes (University of Illinois at Urbana-Champaign, US)

Systems like Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICS), formerly isolated and relying on proprietary protocols, are increasingly interconnected and employ open or legacy protocols encapsulated in TCP/IP. Trends like smart grids and advanced automated manufacturing provide an opportunity for vastly increased system performance, but may also expose these systems to cyber-attacks. Application of intrusion detection techniques, like anomaly detection and specification-based detection, should lead to a blended system securing SCADA and ICS. The developed security technology will be made available in an open framework.