November 15, 2018
The board of NWO Domain Science (ENW) has granted funding for five proposals in the call Joint U.S. – Netherlands Cyber Security Research Programme. This call supports academic collaboration between top cybersecurity researchers from the Netherlands and the United States. The call is an initiative of NWO, the Dutch Ministry of Justice and Security and the American Department for Homeland Security, Science and Technology Directorate (DHS S&T).
The following five proposals were granted funding:
Planning Anycast for Anti-DDoS
Prof. dr. ir. A. Pras & Prof. J Heidemann
University of Southern California - Information Sciences Institute, Marina del Rey, California, and University of Twente, Enschede—to define a framework to counter the IoT DDoS threat by creating tools to reconfigure capabilities in DNS servers and content delivery networks. This framework will be used to create tools to manage anycast (methodology in which a single destination address has multiple routing paths to two or more endpoint destinations) before and during DDoS attacks, and evaluate operational DNS systems.
TROPICS: Timely and RObust Patching of Industrial Control Systems
Prof. dr. ir. H.J. Bos & Prof. dr. C Kruegel
University of California, Santa Barbara and Vrije Universiteit (VU) Amsterdam—to develop a methodology for making patching decisions for ICS software. The methodology will make a determination of the severity of the vulnerability, which will drive a decision on how immediate a patch needs to be applied; Analyze the impact of patches to determine stability or functionality of software; and develop novel methods to apply the hardening only to vulnerable execution paths.
Mapping DNS DDoS Vulnerabilities to Improve Protection and Prevention
Dr. Anna Sperotto & Dr. Kimberly Claffy
University of California, San Diego and University of Twente, Enschede—to analyze the DDoS attacks focused on exploitation of DNS. Attack sources, targets, and characteristics observed in DDoS attack traffic will be analyzed and an assessment of vulnerabilities and single points of failure that threaten the resilience of the DNS under DDoS attack will be conducted. By combining these two perspectives, actionable intelligence will be used to improve the resilience of the DNS against attacks, while facilitating prevention of DNS attacks.
MitigatINg IOt-based DDoS attacks via DNS
Dr. ing. C. Hernandez Ganan & Dr. D. McCoy
New York University and Delft University of Technology, Delft—to design and create a prototype to implement DDoS countermeasures and remediation for in-home networks and Internet of Things (IoT) devices, primarily from attacks using Domain Name System (DNS).
DEPICT: DEep Packet Intelligence for industrial ConTrol systems
Prof. Dr. Sandro Etalle & Dr. Alvaro A. Cardenas
University of Texas at Dallas, and Technische Universiteit Eindhoven—to create new tools, algorithms, and software to improve the situational awareness of security analysts for ICS. The results will enable security analysts and operators to identify and mitigate threats, and the impact of cyber attacks.
The Joint U.S. - Netherlands Cyber Security Research Programme is a joint call for proposals from NWO, the Ministry of Security and Justice and the Department for Homeland Security, Science and Technology Directorate (DHS S&T). Researchers based in the Netherlands have submitted a proposal in partnership with a U.S. co-applicant within two themes: Industrial Control Systems/ Supervisory Control and Data Acquisition (ICS/SCADA) and Distributed Denial of Service (DDoS) attacks and the Domain Name System (DNS). The submission deadline was 31st of August 2017. In total, 13 proposals have been assessed, of which 5 are granted.
For more information regarding the Joint U.S. - Netherlands Cyber Security Research Programme you can contact Amber Kerkhofs, firstname.lastname@example.org.