Northrop Grumman [NOC] yesterday said a research consortium it formed 18 months ago with leading universities to get in front of emerging and future cyber security threats has expanded the number of projects it is working on and is making progress on a number of fronts.
The Northrop Grumman Cybersecurity Research Consortium (NGCRC) has undertaken research projects addressing things like mobile devices, wireless networks, cloud computing, real-time malware detection, continuous network monitoring, identity management and more, Robert Brammer, vice president and chief technology officer for the company’s Information Systems sector, said at a media briefing. Northrop Grumman began the NGCRC with 10 projects and is now funding 13, he said.
In addition to Northrop Grumman, consortium members include Carnegie Mellon Univ., the Massachusetts Institute of Technology and Purdue Univ. (Defense Daily, Dec. 2, 2009).
Brammer listed a dozen or so trends that have occurred since the NGCRC kicked off in December 2009. On one hand have been developments that are demonstrating the “acceleration of the growth and value of cyber space,” he said. Among them have been a more than tripling in mobile Internet traffic, a 32 percent increase in the purchasing of mobile devices and a new cloud computing strategy released by the Obama Administration calling for moving 25 percent of annual federal information technology spending to cloud services, he said.
However, on the “bad news” side, cyber “threats are also increasing in scope and significance,” Brammer said. Malware is becoming more sophisticated, targeting data, money, identities and other information. In 2010, there was a 600 percent increase in the number of unique botnet victims, and threats have appeared such as the Stuxnet virus that can cause control systems to malfunction, he said.
The NGCRC is being managed to “accelerate the cycle for research to large scale operations,” which typically takes several years or more, Brammer said. One goal is to “significantly” reduce that cycle time, he said. And the consortium is “beginning to get some encouraging results.”
Brammer described several of the ongoing efforts, putting them into three categories. Under application software security, consortium members are researching ways to automate cyber security testing related to the certification and accreditation processes that must occur before something is operationally deployed with the aim of reducing the associated process times and costs, he said.
“Initial testing shows excellent potential for these productions while improving cyber security,” Brammer said of the automated testing. “So we’re now doing research with selected operational systems to see how we can scale up these processes to the large scale operations that we see in our customers for the next few years.”
In the area of cloud computing, which Brammer said is a “high priority for all our customers,” the consortium is researching various aspects, including end-to-end system management, interoperability, environmental friendliness, and secure approaches to community-private clouds.
For the community-private clouds, the NGCRC is looking at deploying low cost sensors in the cloud that do specialized encryption to lower the likelihood of unauthorized data access, Brammer said. Another effort in this area is digital watermarking to “establish the integrity and legitimacy of data and to trace it, if necessary,” he said. These efforts have shown they can withstand cyber attacks in the laboratory and now testing on larger scales is beginning on the company’s cyber ranges, he added.
In the area of infrastructure security, the consortium is looking at ways to optimize intrusion detection and prevention systems and other security measures for budget conscious enterprises, Brammer said. Another project involves cost-effective recovery from a cyber event using real-time forensics “to determine what has happened and to minimize the resources necessary to recover.”
Brammer said that laboratory for the infrastructure security-related efforts has gone well with the next step being larger scale testing.