ICS@PSU: Institute for CyberScience

News Archive

Published on October 18, 2017 by Erin Cassidy Hendrick

ICS affiliate helps ward against cyberattacks

When a computer system is compromised by a cybercriminal, chaos ensues. Not only have attackers accessed the data they’re after, they could also bring the everyday business processes to a grinding halt.

Thanks to new research from the Penn State College of Information Sciences and Technology (IST), there may be a new way to help organizations mitigate the wave of disruption left in the wake of a cyberattack.

The study, “Building an Active Cyber Defense Toolkit based on Actionable Impact Analysis in Cloud Computing,” is being spearheaded by Peng Liu, professor of IST, and is funded by a grant from the National Institute of Standards and Technology (NIST). Liu is an ICS affiliate.

Liu’s research focuses on identifying an organization’s mission impact, which are the theoretical effects of a cyberattack on everyday business processes. Liu used the example of LionPATH, Penn State’s online student hub for managing tuition payments, grade reporting, and a variety of student services.

“When a hacker is attacking a computer network like LionPATH, the real purpose may not be to affect those business processes,” Liu explained.

The attacker’s primary goal is usually to capture data, but it’s quite likely the business processes would be disrupted from a successful intrusion.

Said Liu, “The motivation of this project is to more quantitatively assess those types of indirect impacts.”

The need for this kind of preparation is heightened, as nearly all organizations across every industry are readily adopting cloud computing technologies.

“A virtual network introduces some new vulnerabilities. Therefore, an attack will exploit them,” Liu said.

This research aims to address an existing gap of knowledge, as the cybersecurity analysts who are trained to identify and thwart cyberattacks aren’t usually familiar with the day-to-day businesses systems and how they could be affected.

“On the other side are the people responsible for those things, like accountants, but they aren’t able to detect a cyberattack themselves,” Liu explained.

However, those managing the daily processes are often the first to know when a disruption occurs, such as a payment system crashing. Liu plans to create a tool that can merge the two priorities to automatically determine which business processes can be affected in the event of a hack and how to quarantine the effects.

In the example of payment systems, Liu notes, the tool could potentially identify that if payment information is contaminated, the overarching system may not be able to accept payments or may invoice incorrect amounts.

This proactive mindset also adds an additional layer of resiliency to an organization, helping them regain control of their systems and resume business as usual.

In an environment where cyberattacks are becoming increasingly prevalent, the application of this tool can help fortify an organization’s security by directly using log data as an input, thus making the impact analysis mostly automatic.”

Concludes Liu, “This research is a critical step forward.”

This article originally appeared on Penn State News and has been modified to clarify Peng Liu’s connection with ICS. Read the original here: http://news.psu.edu/story/488262/2017/10/16/research/ist-research-help-ward-against-cyberattacks

Penn State Institute for CyberScience

Help us build the future. Contact ICS at Penn State.

  • email: ics@psu.edu
  • phone: ICS-ACI Support (i-ASK Center): 814-865-4275 | General Inquiries: 814-867-1467

November 2017

  • Nov 7, 201711:00 am - 5:00 pm

    XSEDE HPC Workshop: GPU Programming Using OpenACC

    OpenACC is the accepted standard using compiler directives t…

    More Info
  • Nov 6, 201710:00 am - 3:00 pm

    NIIMBL Teaming Event with Celgene

    Celgene, a biotechnology company, invites researchers to a m…

    More Info
  • Nov 8, 20178:30 am - 4:30 pm

    Amazon Web Services Research Immersion Day

    Come and learn how to do science on the cloud! From scaling …

    More Info
  • Nov 9, 20171:30 pm - 2:30 pm

    SIRO Proposal Development Workshop: Perspectives on Graduate Education

    Dean Evasius, Director, NSF Division of Graduate Education, …

    More Info
  • Nov 2, 201712:00 pm - 1:00 pm

    Introduction to Data Science with R Workshop 8: Managing Multiple Datasets

    In this workshop, we will begin to synthesize what we have l…

    More Info
  • Nov 10, 20172:00 pm - 3:00 pm

    SIRO Proposal Development Workshop: NSF Research Traineeship Program-Limited Submission Opportunity

    The NSF Research Traineeship (NRT) program (NSF 18-507) is d…

    More Info
  • Nov 14, 20179:00 am - 5:00 pm

    GIS Day 2017

    Penn State GIS Day strives to bring together those who are w…

    More Info
  • Nov 9, 201712:00 pm - 1:00 pm

    Introduction to Data Science with R: Working with Text Data in R

    In this workshop, we will cover the basics of manipulating a…

    More Info
  • Nov 14, 20175:00 pm

    Paul Hawken, “Drawdown, the Most Comprehensive Plan Ever Proposed to Reverse Global Warming”

    Environmentalist and entrepreneur Paul Hawken will be the ke…

    More Info
  • Nov 16, 20172:00 pm - 3:30 pm

    Ari Fertig of “The Conversation”

    Penn State will host editor Ari Fertig from the academic med…

    More Info
  • Nov 17, 20174:00 pm - 5:00 pm

    Stochastic Computations Working Group: “Parameter estimation using linear response statistics: Theory and numerical scheme”

    Join ICS Associate John Harlim and Xiantao Li for their bi-w…

    More Info
  • Nov 30, 20174:00 pm - 5:00 pm

    Geodynamics Seminar with Tim Masterlark – Impulse Response Experiments for Magmatic Systems

    Join the Department of Geosciences for a Geodynamics Seminar…

    More Info