Enabling Public Security and Forensics: NSF Programs and Initiatives

Provided by: calb160

1
Enabling Public Security and Forensics: NSF Programs and Initiatives
  • Sirin Tekinay
  • Program Director
  • Theoretical Foundations

National Science Foundation
2
We live in a network (of networks). We are the
network
3
BITS DATA INFORMATION KNOWLEDGE WISDOM
PHY MAC NET APP
Electrical Engineering Computer Science
Computer Engineering Information Systems
Conventional layering, based on the bottom-up
approach from bits onwards, and the distribution
of research and education among CISE disciplines
4
OUTLINE
  • NSF Overview
  • Relevant Programs in NSF
  • CyberTrust
  • Sensor Networking (NOSS) within NeTS
  • GENI
  • Signal Processing
  • TF-SING
  • Growing these programs at NSF
  • SING
  • Cyber Enabled Discovery and Innovation
  • and beyond
  • ITFAN

5
National Science Foundation
6
NSF Budget
7
Fiscal year 2002
8
Fiscal year 2002
9
Fiscal year 2002
10
Fiscal year 2002
11
FY 2008 Budget Request
12
Appropriations for NSF, FY 1998-2008 Request
[Chart, in billions of dollars; labels on the chart: 7.5, Flat, 9.4]
13
CISE Organization
Office of the Director
Office of the Assistant Director for CISE
CCF Computing and Communications Foundations
CNS Computer and Network Systems
IIS Information and Intelligent Systems
OCI Office of Cyberinfrastructure
(formerly SCI, now an NSF-wide mission,
reporting to Director of NSF since 2006)
Clusters
Clusters
Clusters
  • NeTS
  • CSR
  • CRI
  • EMT
  • CPA
  • TF
  • HCC
  • III
  • RI

Crosscutting CISE Emphasis Areas
14
CISE Strategic Objectives
  • Push the Frontiers of Computer Science
  • Cyber Trust (cybersecurity)
  • Science of Design
  • Emerging models of computation
  • Core concepts for all fields
  • Advanced Applications
  • Research for cyberinfrastructure
  • Broaden participation
  • Education and Workforce Preparation
  • Improve organizational effectiveness

15
CISE Budget 2003-2008
[Chart: CISE budget by fiscal year, 2003 to 2008; vertical axis in millions of dollars, 0 to 600]
16
CISE FY 2008 Budget Request to Congress
  • The FY 2008 Budget Request for CISE is
    $574.00 million, an increase of $47.31 million,
    or 9.0 percent, over the FY 2007 Request of
    $526.69 million.
  • Major highlights are:
  • $19.0M increase for Cybersecurity, $10.0M of
    which is for Cyber Trust.
  • $20.0 million for Cyber-enabled Discovery and
    Innovation (CDI)

17
CyberTrust
  • Vision: A society in which
  • Computing systems operate securely and reliably
  • Computing systems protect sensitive information
  • Systems are developed and operated by a
    well-trained and diverse workforce
  • Research on foundations, network security,
    systems software, and information systems
  • Integrated education and workforce activities

18
Cyber Trust in CISE
Office of the Assistant Director
Computing and Communication Foundations (CCF)
Computer and Network Systems (CNS)
Information and Intelligent Systems (IIS)
Computer Systems Network Systems Computer
Research Infrastructure Education and Workforce
Theory Software Engineering Architectures
Human-Centered Computing Information Integration
and Informatics Robust Intelligence
Cyber Trust Cluster
19
Current Cyber Trust Research Areas
  • Cryptography: provable security, key management,
    lightweight cryptographic systems, conditional
    and revocable anonymity, improved hash functions
  • Formal methods: program and access control rule
    analysis, analysis policy, verification of
    composable systems, lightweight analysis of
    programs, on-line program disassembly
  • Defense against large scale attacks: worms,
    distributed denial of service, phishing, spam,
    adware, spyware, stepping stone
  • Applications: critical infrastructures, health
    records, voice over IP, geospatial databases,
    sensor networks, digital media, e-voting
  • Privacy: privacy-preserving data-mining, RFID
    networks
  • Hardware enhancements for security:
    virtualization, encryption of data in memory,
    high performance IDS
  • Formal models: access control, artificial
    diversity and obfuscation
  • Network defense: trace-back, forensics, intrusion
    detection and response
  • Wireless and sensor networks: security, privacy,
    pervasive computing
  • Future threats: spam in VoIP, Google-like
    everywhere, virtualization
  • Metrics: work required to break a defense

20
NSF Strategic Priorities in Cyber Trust
  • Support research leading to computer-based
    systems and networks that
  • Function as intended, especially in the face of
    cyber attacks
  • Process, store and communicate sensitive
    information according to specified policies
  • Systems of national significance, e.g., in
    critical infrastructures, finance, elections,
    healthcare, national defense, national-scale
    databases, air traffic control, and systems
    important to individuals, e.g., automobiles,
    office systems, homes
  • Collaborative activities addressing the full
    scope of dependable systems (reliability, safety,
    security, etc.) and other research areas (e.g.,
    confidentiality and usability of research data)

21
Networks of Sensor Systems
Redwoods
Elder Care
Factories
Soil monitoring
22
Focus of NOSS from 2003-Now
  • Monitoring, Sensing, Processing, Communicating
    and Actuating of Physical Systems/Environments

[Diagram labels:]
Applications
Network Programming
HW/SW Systems
Protocols, Algorithms
Privacy, Security
Network Architecture
Store
Comm.
uRobots actuate
MEMS sensing
Proc
Power
technology
Miniature Connections to Physical World
23
Focus Area Approach
Driven by Real Applications Creating Societal
Impact
Commercial Solutions
Deployed Infrastructure Applications
Reusable Systems Science
Accelerate Progress, Realize Full Potential
Close Coupling Required
Foundations Research
Experimental Systems
24
Security and Privacy Challenge
  • Very different and challenging
  • Physical environment cannot be protected
  • Traditional firewall and key distribution
    approaches do not work
  • A compromised sensor node or application can
    easily disrupt, carefully alter, or snoop
    operation
  • Damage would be very serious
  • Need new thinking and solutions
  • Implications on hardware, OS, networked
    programming tools
  • Have just barely started

25
GENI Initiative
  • Global Environment for Networking Investigations
  • The new new Internet
  • existing network testbeds
  • PlanetLab, ORBIT, WHYNET, Emulab, X-Bone, DETER
    and others
  • GENI comprises two components
  • 1) the GENI Research Program and
  • 2) the experimental GENI Facility

26
GENI Vision
  • The GENI Initiative envisions the creation of new
    networking and distributed system architectures
    that, for example
  • Build in security and robustness
  • Enable the vision of pervasive computing and
    bridge the gap between the physical and virtual
    worlds by including mobile, wireless and sensor
    networks
  • Enable control and management of other critical
    infrastructures
  • Include ease of operation and usability and
  • Enable new classes of societal-level services and
    applications.

27
Next Generation Internet- a Simplified Picture?
28
GENI Design
  • The GENI Initiative will support research,
    design, and development of new networking and
    distributed systems capabilities by:
  • Creating new core functionality: going beyond
    existing paradigms of datagram, packet and
    circuit switching; designing new naming,
    addressing, and overall identity architectures
  • Developing enhanced capabilities: building
    security into the architecture; designing for
    high availability; balancing privacy and
    accountability
  • Deploying and validating new architectures:
    designing new architectures that incorporate
    emerging technologies (e.g., new wireless and
    optical technologies) and new computing paradigms
    enabled by pervasive devices
  • Building higher-level service abstractions:
    using, for example, information objects,
    location-based services, and identity frameworks
  • Building new services and applications: making
    large-scale distributed applications secure,
    robust and manageable; developing principles and
    patterns for distributed applications

29
GENI Experimental Facility
  • One approach for a GENI Facility would enable
  • Shared use through slicing and virtualization in
    time and space domains (i.e., where slice
    denotes the subset of resources bound to a
    particular experiment)
  • Access to physical facilities through
    programmable platforms (e.g., via customized
    protocol stacks)
  • Large-scale user participation by user opt-in
    and IP tunnels
  • Protection and collaboration among researchers by
    controlled isolation and connection among slices
  • A broad range of investigations using new classes
    of platforms and networks, a variety of access
    circuits and technologies, and global control and
    management software and
  • Interconnection of independent facilities via
    federated design

30
GENI Research Foundations
  • In the Theoretical Foundations Research
    Community, we believe GENI should be based on
    NEW
  • Core theory
  • Fundamental algorithms
  • Applications

31
SING- Core Theory
  • expanding information theory
  • formulating a new communication framework
  • considering the temporal and spatial distribution
    of information and power
  • ties to physical, biological, and social sciences
  • relationships to theoretical foundations of
    social computing, economic theory, game theory,
    and computational biology quantum theory
  • an evolution theory for computing and learning
    with mobile information sources
  • the role of location from spatial behavior of
    propagation to place

32
SING- Fundamental Algorithms
  • cooperative communications,
  • scalability, complexity, interactivity problems
  • security,
  • adaptive compression, signal processing
    techniques to support content analysis
  • power aware processing studies on the tradeoff
    between communication versus computation and
    storage
  • models for mobility enhanced information
    dissemination
  • search and information retrieval, complex
    queries, full text search,
  • peer-to-peer communications,
  • auctions,
  • manipulating massive data sets
  • algorithmic distributed mechanism design
    distributed control
  • mobility based information dissemination, quality
    of service driven mobility

33
SING- Applications
  • multimedia signal processing
  • wireless communications mobile and sensor
    networks, ad hoc networks,
  • smart displays,
  • enabling pervasive computing and communication
    environments

34
SING 2006
  • Received 100 proposals
  • Funded out of cluster reserves
  • Co-funding from CNS, AFOSR, DARPA
  • 2006 success rate: 8%, and increasing
  • Topics
  • Network theory
  • Wireless networking, security
  • Network optimization, algorithms
  • Large scale, distributed systems
  • Ties to biology, switching,

35
SING next steps
  • 2007 TF Solicitation
  • In review cycle
  • 2008 CISE Program!!

36
Cyber-enabled Discovery and Innovation
  • the Earth and space are populated with
  • complex, heterogeneous, interconnected,
    interdependent manmade systems
  • transportation, communication, distribution
    (food, supply, power) and sensor networks
  • the dynamics of these systems increasingly
    resemble nature's own physical, chemical,
    cellular, social, atmospheric, fluid interactions
  • Insights into the artificial may lead to insights
    into the natural, and the reverse

37
An Old Example
  • Two particles in free space
  • Have a constant center of mass
  • Move on conic trajectories
  • (precessing conics in GR)
  • Have positions that can be predicted exactly by a
    simple calculation
  • Three particles in free space
  • May have chaotic orbits
  • Have no prediction method that is better than
    simulation
  • Sundman-Wang convergence is too slow
  • Do have properties that can be proved
    analytically
  • Any non-colliding oscillatory solution is
    contained in a finite sphere. (Painlevé)

38
What's New?
  • Interesting questions are increasingly complex
    and computational
  • Exact answers only possible by watching and
    waiting (computation)
  • Computing insights may give partial answers.
  • Biology: how do proteins control structure and
    function?
  • Economics: what is market equilibrium in the
    face of dynamic and incomplete information?
  • Meteorology: what will the weather be next week?
  • Computing: how will an ensemble of a million
    interacting computers behave?
  • Communication: how will a protocol change affect
    internet congestion?

39
Cyber-enabled Discovery
New
40
Status of CDI
  • In President's FY08 Request
  • NSF-wide initiative
  • Knowledge extraction
  • Complex interactions
  • Computational experimentation
  • Virtual environments
  • Educating students and researchers
  • $52M in FY08, up to $250M in FY12
  • Under intense discussion in NSF
  • Distributed funds
  • How to coordinate?

41
Interagency Task Force on Advanced Networking
E-science, E-enterprise, E-commerce,
E-healthcare, E-Gov, E-entertainment, Network
centric warfare
Network Services Anytime Anywhere
Global Federated Networks
Network Complexity Heterogeneity
Network Technologies and Devices
  • Future Internet
  • Security and privacy
  • Uniform reservation systems
  • End-to-end network property negotiation
  • Complexity hiding
  • Tools for fault detection
  • Understanding network state and traffic
  • Managing trust and security
  • Real Time network service negotiation
  • Application APIs
  • Grids
  • Networks under stress (Katrina) robust to
    churning
  • Service to users on the move, not simply nomadic
  • Ad hoc and relay service when local
    infrastructure is not available
  • Pervasive computing
  • Service-oriented architectures
  • Achievable rates via source channel and net
    coding
  • Future Internet
  • Security and privacy
  • Millions or billions of interfaces
  • Multiple, interacting, dynamic topologies at all
    layers
  • Anticipation and management of emergent behaviors
  • Fault tolerance in hybrid networks
  • Fault Tolerance in stacked complex topologies
  • Control and management of sensor networks
  • Ultra high bandwidth
  • Design tools to guarantee predictable behavior
  • System Testing Tools
  • Fine Grained Dynamic Security Services
  • Mobile and Ad hoc Networks
  • Wireless
  • Control and management
  • Cooperative nets, games
  • Future Internet
  • Security and privacy
  • Federation of network management to enable
    end-to-end provisioning of services
  • Adaptive end-to-end QoS coordination
  • Multi-level precedence and preemption
  • Federation of multilevel security systems
    including revocation of certificates
  • Federation of networks with different properties
  • Sensor nets, high bandwidth wired nets, mobile
    networks Packet switched, circuit switched
  • Federation to exchange network state information
  • Federation of network monitoring and performance
    systems
  • Fault detection and location in federated systems
  • Future Internet
  • Security and privacy
  • High speed transport protocols
  • Transport protocols for wireless relay networks
  • Routing schemes
  • Compact Optical Devices
  • Secure Identity Credentials
  • MIMO networks
  • Energy efficiency
  • Geo-location
  • Spectrum
  • Antennae technologies
  • Acoustic technologies
  • Space division multiple access technologies
  • Ad hoc relaying to reduce need for densely packed
    infrastructure

COMPUTING AND COMMUNICATIONS FOUNDATIONS
Theoretical Foundations, Modeling and Analysis
Tools, Performance Bounds
42
Food for thought
  • Problem
  • Basic science is underfunded
  • We're publishing nuggets continually
  • Looks like we're a bargain!
  • Solution 1
  • Stop producing nuggets
  • Bad solution
  • Solution 2
  • Recognize new Sputnik era
  • Define vision cutting edge to dominate
  • Revolutionary, high impact, unconventional,
    multidisciplinary research enabling the vision

43
Contact
  • Dr. Sirin Tekinay
  • Program Director, Theoretical Foundations,
    Communications Research
  • National Science Foundation
  • 4201 Wilson Boulevard
  • Suite 1115
  • Arlington, VA 22230
  • 703-292-8910
  • stekinay_at_nsf.gov