DISCERN: Datasets to Illuminate Suspicious Computations on Engineering Research Networks

An NSF project led by Prof. Jelena Mirkovic and Prof. Brian Kocoloski.

  • Identified and addressed 1 major security issue (reverse shell root access) and over 3 vulnerabilities in the Kubernetes-based Testbed Platform, in coordination with SPHERE DevOps, and mitigated potential risks of unauthorized access and system compromise
  • Enhanced a scalable data collection and analysis pipeline for the Kubernetes-based testbed, improving process efficiency by 15%
  • Co-developed 5 testbed sensors with DISCERN researchers, incorporating InfluxDB and PostgreSQL, to monitor testbed operation, providing 2 new facets of metrics for monitoring malicious activities and improving system security and reliability by 35%
  • Established a knowledge graph for the SPHERE testbed, enabling threat and structure visualization, boosting research efficiency by 10% and cutting data retrieval time by 40%
  • Lowered the attack surface by more than 15% through comprehensive analysis and a detailed security report addressing identified vulnerabilities, simulated attacks, and patching suggestions
  • Developed a new security framework based on STPA-Sec and Mission Centric that estimates security postures of cyber systems