RESEARCH TO PRACTICE ORIENTATION

The Center for Assurance Research and Engineering (CARE) distinguishes itself by focusing not just on cybersecurity research but, whenever possible, on translating research into applications for the real-world environment.

Bridging the gap between research and practice can be a complex undertaking, requiring that our creative and insightful researchers are also attuned to such factors as product reliability and cost.

Our team of experts has the breadth and depth of knowledge to keep overall organizational goals in mind while producing solutions that can work across many platforms and the variety of equipment and applications found in the continuously changing world.

Commercial Success

In an unusual move within academia, CARE has even shepherded an idea from its research phase into the commercial marketplace. Backed by the Department of Homeland Security, Kryptowire, which sells software that can search for security vulnerabilities in mobile applications and archive the results, is currently pursuing business within government and private sectors.

Powerful Partnerships

CARE offers an integrated approach to cybersecurity in core areas such as military, government, health and energy. We have partners from private industry, such as IBM and PwC, and from government institutions, including the Defense Advanced Research Projects Agency (DARPA), the Department of Homeland Security (DHS) and the Intelligence Advanced Research Projects Activity (IARPA).

Examples of our current projects include:  

Department of Homeland Security

CARE, partnering with Kryptowire, LLC, received a $1.7 million contract from the Department of Homeland Security for a new authentication project. This project will provide a new way to continuously authenticate users to mobile devices.  

The system design employs several unique characteristics of the operating environment and device usage as behavioral biometrics to detect imposters using the device even if the imposters possess a valid stolen password. In this work, Kryptowire is developing the core technology, and CARE is validating and testing the device against a large user population.

Korea Agency for Defense Development

CARE and Mason's School of Business received a $268,000 grant from the Korea Agency for Defense Development (ADD) to provide technical consulting for test and evaluation methodologies for cyber security technologies being developed. For this project, our researchers are also partnering with the Cyber Security Systems Research Lab at the Korea Advanced Institute of Science and Technology (KAIST).

National Science Foundation

  1. CARE received a $175,000 grant from the National Science Foundation (NSF) for a project focused on securing enterprise name servers that interact with the Domain Name System (DNS). According to the project abstract, these name servers are critical infrastructure, busily translating human-readable domain names to IP addresses. DNS is a hotbed of malicious activity and, when properly monitored, it can offer invaluable information about network attacks and malicious activity. CARE's research will create a system to quickly identify infected clients.
  2. CARE and Mason's School of Business and Volgenau School of Engineering received a $500,000 grant from the NSF to develop chief information security officer (CISO) core competencies and then apply the results to establish learning objectives and curricula guidelines for cybersecurity leadership education programs.

Examples of our completed projects include:

IBM

A multidisciplinary team from George Mason University partnered with IBM to research imminent advancements in the electric power industry, changes that will challenge cybersecurity for the more than 3,000 electric companies in the United States. IBM awarded its prestigious Shared University Research Award to representatives from Mason's CARE (the Volgenau School of Engineering), the School of Business, the Center for Infrastructure Protection and Homeland Security, and the School of Public Policy.

A Cloud-Enabled Distributed Denial-of-Service Defense

Distributed Denial-of-Service (DDoS) attacks, which attempt to make a machine or network resource unavailable to its intended users, pose a severe security threat to internet services.

Our defense introduced a novel system architecture to take advantage of modern cloud computing environments. During a DDoS attack, this approach allows for quick server replication in the cloud, and the affected client sessions are migrated to the replacement replica servers.

We designed a shuffling mechanism that, while intelligently assigning clients to the new replica servers, enables the quick identification of potentially malicious clients. Through multiple rounds of shuffling, persistent attackers are progressively isolated.

Securely Taking On New Executable Software of Uncertain Provenance (STONESOUP)

Software vulnerabilities are a major security problem today, and compounding the problem is the fact that software is now developed all over the world and is often assembled from many sources.

In a project funded by IARPA, our team aimed to demonstrate technology providing comprehensive automated techniques that allow end users to safely execute new software. In addition to George Mason, several other universities and organizations participated on the team, including Columbia University, Stanford University and Symantec.

As one area of focus, Mason studied the problem of detecting resource drains, a common attack vector that can cause various types of denial of service and other vulnerabilities, often allowing malicious users to take control of the program. Our team produced a resource monitoring system that enabled the efficient determination of normal system usage. The team then developed an approach to more precisely detect when resources were being used beyond expected limits.

Cyber Genome

Catching criminals who launch cyber attacks is no easy task. But the goal of the Cyber Genome Program, an initiative of the Defense Advanced Research Projects Agency (DARPA), was to find the guilty parties by developing the cyber equivalent of DNA to pinpoint the origin of a cyber attack.

The project's premise was that while thousands of malware strains are created each day, most are variants of a select number of malware families.

Using the university's excellent computing resources, researchers tested thousands of malware samples and identified unique markers for malware families. Based on this data, a defense was developed to determine the similarity of unknown programs to known and mapped malware strains. In seconds, information is provided indicating the likelihood of a program being malicious.