GGrantIndex
← Search

CAREER: Transforming Residential Networks into Security Assets

$507,862FY2017CSENSF

Worcester Polytechnic Institute, Worcester MA

Investigators

Abstract

Residential computer networks are often insecure because they are unable to apply the best practices employed in corporate networks. The general public, who are often responsible for administering these networks, may lack the financial resources or computing expertise to deploy state-of-the-art network security systems. As a result, residential networks often offer little resistance to fraud and compromise. Further, these networks can enable infiltrations into corporate networks when users bring their mobile devices from the home to the corporate network. The rise of Internet-enabled embedded devices, such as household appliances and electrical power switches, can exacerbate these problems since a compromise can affect the residence's physical environment. To address these risks, this project will explore new mechanisms to send network traffic through security enforcement systems located outside the residence to carefully screen for attacks, both to traditional computers and to Internet-enabled embedded devices. The project's goal is to create new techniques that can improve security for the millions of residential computer networks in the United States. The researchers will create a system to answer research questions surrounding the effectiveness, efficiency, performance, scalability, costs and incentives of delegating network security decisions to an external third-party security provider. Using an array of cloud-hosted security middleboxes, the researchers will measure the network latency and impact on bandwidth associated tunneling residential network traffic through these middleboxes before sending the traffic to its destination. The researchers will evaluate how new security mechanisms can be introduced at these middleboxes and how existing security protocols can be fortified in this model. The project will further explore how to detect and create custom security filters for Internet-enabled embedded devices to protect them attempts to exploit vulnerabilities that may be present on the devices. The researchers will explore generalizable models that can apply to embedded devices that have similar network interaction patterns to enable support for a large number of devices. Finally, the researchers will explore the potential for a new subfield of deployable residential network security. The researchers will examine which types of techniques are compatible with external third-party security providers and which techniques require an on-site security solution to be viable.

View original record on NSF Award Search →