
Conference: Post-Alert: Data Attribution and Attack-Response

$49,998 | FY2023 | CSE | NSF

University Of California-Santa Cruz, Santa Cruz CA

Investigators

Abstract

Over the past decades, research and industry have provided several tools for preventing and detecting attacks; however, what to do after an attack is detected has received comparatively less attention. This workshop brings together an interdisciplinary team of scientists looking at future research directions for attack recovery. The workshop's novelties are the multidisciplinary focus on attack recovery and the plan to define a future roadmap of open challenges and research directions to solve them. The workshop's broader significance and importance are to improve the security of our networks. The workshop will also look into inclusive best practices in technology and education to attract a diverse population to fulfill the nation's needs for incident response in our critical computer networks. The specific technical subtopics required for fast and effective incident response include (1) data provenance, (2) persistence, and (3) automated recovery. Each category requires deep technical expertise to develop the next-generation tools to protect our networks. For example, grammar induction techniques can be applied to provenance graphs to eliminate redundancy and correlate events. Emerging artificial intelligence tools like reinforcement learning can also be used to teach agents to operate through post-breach behavior. The outcome of this workshop will provide future guidance on research directions for real-time incident response and automated forensics.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
